4 matches found
CVE-2025-15414
A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...
CVE-2025-15414 go-sonic Theme Fetching API git_fetcher.go FetchTheme server-side request forgery
A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...
CVE-2025-15414 go-sonic Theme Fetching API git_fetcher.go FetchTheme server-side request forgery
A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...
PT-2026-1030
Name of the Vulnerable Software and Affected Versions go-sonic versions up to 1.1.4 Description A server-side request forgery issue exists in the Theme Fetching API of go-sonic. The flaw is located in the FetchTheme function within the service/theme/git fetcher.go file. Manipulation of the uri...