CVE-2019-18923

Insufficient content type validation of proxied resources in go-camo before 2.1.1 allows a remote attacker to serve arbitrary content from go-camo's origin...

EUVD-2019-5495

Malware in sbrugna...

EUVD-2019-8597

Malware in sbrugna...

CVE-2019-14255

A Server Side Request Forgery SSRF vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints...

CVE-2022-36048

Zulip is an open-source team collaboration tool with topic-based threading that combines email and chat. When displaying messages with embedded remote images, Zulip normally loads the image preview via a go-camo proxy server. However, an attacker who can send messages could include a crafted URL...

Information Disclosure

github.com/cactus/go-camo is vulnerable to information disclosure through content-type smuggling. The vulnerability exists as it allows malformed content type records to bypass the validation checks, allowing non-media content to be served. This vulnerability can potentially be exploited to perfo...

go-camo cross-site scripting vulnerability

go-camo is an image proxy server. A cross-site scripting vulnerability exists in go-camo versions prior to 2.1.1, which can be exploited by an attacker to execute client-side code...

CVE-2019-18923

Insufficient content type validation of proxied resources in go-camo before 2.1.1 allows a remote attacker to serve arbitrary content from go-camo's origin...

CVE-2019-18923

Insufficient content type validation of proxied resources in go-camo before 2.1.1 allows a remote attacker to serve arbitrary content from go-camo's origin...

Input validation

Insufficient content type validation of proxied resources in go-camo before 2.1.1 allows a remote attacker to serve arbitrary content from go-camo's origin...

CVE-2019-18923

CVE-2019-18923 affects the Go proxy/cache project go-camo, where insufficient content-type validation of proxied resources allows a remote attacker to serve arbitrary content from go-camo’s origin. The issue occurs in versions before 2.1.1. As documented in multiple connected sources, the root ca...

go-camo server-side request forgery vulnerability

Camo is a special type of image proxy that proxies non-secure images over SSL/TLS. go-camo is the Go language version of Camo. A server-side request forgery vulnerability exists in go-camo 1.1.4 and earlier versions, which can be exploited by remote attackers to perform HTTP requests to internal...

CVE-2019-14255

A Server Side Request Forgery SSRF vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints...

CVE-2019-14255

A Server Side Request Forgery SSRF vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints...

Server side request forgery (ssrf)

A Server Side Request Forgery SSRF vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints...

CVE-2019-14255

A Server Side Request Forgery SSRF vulnerability in go-camo up to version 1.1.4 allows a remote attacker to perform HTTP requests to internal endpoints...

CVE-2019-14255

The CVE-2019-14255 entry concerns go-camo