5 matches found
CVE-2024-41255
filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go...
GO-2024-3033 Filestash configured to skip TLS certificate verification when using the FTPS protocol in github.com/mickael-kerjean/filestash
Filestash configured to skip TLS certificate verification when using the FTPS protocol in github.com/mickael-kerjean/filestash...
GHSA-4JMM-C6JW-G796 Filestash configured to skip TLS certificate verification when using the FTPS protocol
filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go...
CVE-2024-41255
filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go...
CVE-2024-41255
Summary: Filestash v0.4 is configured to skip TLS certificate verification when using FTPS, potentially allowing a man‑in‑the‑middle attack via the Init function of index.go. Root cause: insecure TLS validation (InsecureSkipVerify style setting) leads to certificate trust bypass. Impact: high ris...