GO-2023-2422 Deis Workflow Manager race condition vulnerability in github.com/deis/workflow-manager

Deis Workflow Manager race condition vulnerability in github.com/deis/workflow-manager...

GO-2023-2378 Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks

Go package github.com/edgelesssys/marblerun CLI commands susceptible to MITM attacks...

GO-2023-2070 Croc requires senders to provide local IP addresses in cleartext in github.com/schollz/croc

Croc requires senders to provide local IP addresses in cleartext in github.com/schollz/croc...

GO-2023-2067 Faktory Web Dashboard can lead to denial of service(DOS) via malicious user input in github.com/contribsys/faktory

Faktory Web Dashboard can lead to denial of serviceDOS via malicious user input in github.com/contribsys/faktory...

GO-2023-2055 Terraform allows arbitrary file write during the `init` operation in github.com/hashicorp/terraform

Terraform allows arbitrary file write during the init operation in github.com/hashicorp/terraform...

GO-2023-2011 Yaklang Plugin's Fuzztag Component Allows Unauthorized Local File Reading in github.com/yaklang/yaklang

Yaklang Plugin's Fuzztag Component Allows Unauthorized Local File Reading in github.com/yaklang/yaklang...

GO-2023-2020 Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint in github.com/prometheus/alertmanager

Alertmanager UI is vulnerable to stored XSS via the /api/v1/alerts endpoint in github.com/prometheus/alertmanager...

GO-2023-1973 Rancher Access Control Vulnerability in github.com/rancher/rancher

Rancher Access Control Vulnerability in github.com/rancher/rancher...

GO-2023-1936 Gophish XSS Vulnerability in github.com/gophish/gophish

Gophish XSS Vulnerability in github.com/gophish/gophish...

GO-2023-1925 Weave GitOps Terraform Controller Information Disclosure Vulnerability in github.com/weaveworks/tf-controller

Weave GitOps Terraform Controller Information Disclosure Vulnerability in github.com/weaveworks/tf-controller...

GO-2023-1919 Containous Traefik Exposes Password Hashes in github.com/traefik/traefik

Containous Traefik Exposes Password Hashes in github.com/traefik/traefik...

GO-2023-1927 Podman Path Traversal Vulnerability leads to arbitrary file read/write in github.com/containers/podman

Podman Path Traversal Vulnerability leads to arbitrary file read/write in github.com/containers/podman...

GO-2023-1945 HashiCorp Consul Access Restriction Bypass in github.com/hashicorp/consul

HashiCorp Consul Access Restriction Bypass in github.com/hashicorp/consul...

GO-2023-1896 Zinc Cross-site Scripting vulnerability in github.com/zinclabs/zinc

Zinc Cross-site Scripting vulnerability in github.com/zinclabs/zinc...

GO-2023-1911 gitjacker arbitrary code execution in github.com/liamg/gitjacker

gitjacker arbitrary code execution in github.com/liamg/gitjacker...

GO-2023-1895 Zinc Cross-site Scripting vulnerability in github.com/zinclabs/zinc

Zinc Cross-site Scripting vulnerability in github.com/zinclabs/zinc...

GO-2023-1831 Notation's default `maxSignatureAttempts` in `notation verify` enables an endless data attack in github.com/notaryproject/notation

Notation's default maxSignatureAttempts in notation verify enables an endless data attack in github.com/notaryproject/notation...

GO-2023-1808 Go package pydio/cells vulnerable to authorization bypass in github.com/pydio/cells

Go package pydio/cells vulnerable to authorization bypass in github.com/pydio/cells...

GO-2023-1806 mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go

mx-chain-go does not treat invalid transaction with wrong username correctly in github.com/multiversx/mx-chain-go...

GO-2023-1723 SpiceDB binding metrics port to untrusted networks and can leak command-line flags in github.com/authzed/spicedb

SpiceDB binding metrics port to untrusted networks and can leak command-line flags in github.com/authzed/spicedb...