Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

12 matches found

EUVD
EUVDadded 2025/10/03 8:7 p.m.5 views

EUVD-2022-7651

Malicious code in bioql PyPI...

9.1CVSS9AI score0.00811EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2025/05/22 3:34 p.m.8 views

CVE-2020-36569

Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token...

9.1CVSS6.9AI score0.00811EPSS
Exploits0
Github Security Blog
Github Security Blogadded 2022/12/28 12:30 a.m.22 views

golang-nanoauth authentication bypass vulnerability

Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token...

9.1CVSS8.8AI score0.00811EPSS
Exploits0References5Affected Software1
OSV
OSVadded 2022/12/28 12:30 a.m.51 views

GHSA-HRM3-3XM6-X33H golang-nanoauth authentication bypass vulnerability

Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token...

9.1CVSS9.2AI score0.00811EPSS
Exploits0References5
OSV
OSVadded 2022/12/27 10:15 p.m.18 views

CVE-2020-36569

Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token...

9.1CVSS9.3AI score
Exploits0References3
NVD
NVDadded 2022/12/27 10:15 p.m.13 views

CVE-2020-36569

Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token...

9.1CVSS0.00811EPSS
Exploits0References3
Prion
Prionadded 2022/12/27 10:15 p.m.10 views

Authentication flaw

Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token...

6.4CVSS9.2AI score0.00811EPSS
Exploits0References3Affected Software1
Vulnrichment
Vulnrichmentadded 2022/12/27 9:12 p.m.6 views

CVE-2020-36569 Authentication bypass in github.com/nanobox-io/golang-nanoauth

Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empty token...

9.3AI score0.00811EPSS
Exploits0References3
CVE
CVEadded 2022/12/27 9:12 p.m.117 views

CVE-2020-36569

The CVE-2020-36569 entry concerns golang-nanoauth, where authentication is bypassed in the authentication layer when ListenAndServe is invoked with an empty token. Affected versions are v0.0.0-20160722212129-ac0cc4484ad4 through v0.0.0-20200131131040-063a3fb69896. The issue is described as an aut...

9.1CVSS9.3AI score0.00811EPSS
Exploits0References3Affected Software1
CNNVD
CNNVDadded 2022/12/27 12:0 a.m.4 views

golang-nanoauth 授权问题漏洞

golang-nanoauth is a simple authentication layer of DigitalOcean open source . Provides a unified approach to secure services HTTP/S . A security vulnerability exists in versions golang-nanoauth v0.0.0-20160722212129-ac0cc4484ad4 through v0.0.0-20200131131040-063a3fb69896. An attacker can bypass...

9.1CVSS8.3AI score0.00811EPSS
Exploits0References4
OSV
OSVadded 2021/04/14 8:4 p.m.23 views

GO-2020-0004 Authentication bypass in github.com/nanobox-io/golang-nanoauth

If any of the ListenAndServe functions are called with an empty token, token authentication is disabled globally for all listeners. Also, a minor timing side channel was present allowing attackers with very low latency and able to make many requests to potentially recover the token...

9.1CVSS9.3AI score0.00811EPSS
Exploits0References2
Positive Technologies
Positive Technologiesadded 2021/04/14 12:0 a.m.3 views

PT-2021-12084 · Unknown · Golang-Nanoauth

Name of the Vulnerable Software and Affected Versions: golang-nanoauth versions v0.0.0-20160722212129-ac0cc4484ad4 through v0.0.0-20200131131040-063a3fb69896 Description: The issue concerns a global bypass of authentication in the golang-nanoauth library. When the ListenAndServe function is calle...

9.1CVSS9.1AI score0.00811EPSS
Exploits0References10
Rows per page
Query Builder