|
Arbitrary File Write via Archive Extraction (Zip Slip)
|
github.com/cockroachdb/cockroach/pkg/workload/querylog
<19.2.0-beta.20190930
|
Go
|
11 Oct, 2019
|
|
Arbitrary File Write via Archive Extraction (Zip Slip)
|
github.com/rclone/rclone/cmd/rcd
<1.49.4
|
Go
|
11 Oct, 2019
|
|
Arbitrary File Write via Archive Extraction (Zip Slip)
|
github.com/uber/prototool/internal/protoc
*
|
Go
|
11 Oct, 2019
|
|
Arbitrary File Write via Archive Extraction (Zip Slip)
|
github.com/uber/astro/astro/tvm
<0.5.0
|
Go
|
11 Oct, 2019
|
|
Insufficient Hostname Verification
|
github.com/openshift/builder/pkg/build/builder
*
|
Go
|
08 Oct, 2019
|
|
Sensitive Data Exposure
|
github.com/openshift/library-go/pkg/operator/resource/resourceapply
>=4.0 <4.1
|
Go
|
08 Oct, 2019
|
|
Denial of Service (DoS)
|
github.com/ethereum/go-ethereum/cmd/evm
>=1.8.13 <1.8.14
|
Go
|
08 Oct, 2019
|
|
Improper Input Validation
|
github.com/ethereum/go-ethereum/eth
<1.8.14
|
Go
|
08 Oct, 2019
|
|
Information Exposure
|
github.com/kubernetes/kube-state-metrics
>=1.7.0 <1.7.2
|
Go
|
03 Oct, 2019
|
|
Access Restriction Bypass
|
github.com/docker/libcontainer
*
|
Go
|
26 Sep, 2019
|
|
Access Restriction Bypass
|
github.com/opencontainers/runc/libcontainer
*
|
Go
|
26 Sep, 2019
|
|
Insecure Permissions
|
github.com/astaxie/beego/session
*
|
Go
|
17 Sep, 2019
|
|
Man-in-the-Middle (MitM)
|
github.com/containers/image/docker
<3.0.0
|
Go
|
10 Sep, 2019
|
|
Improper Authentication
|
github.com/apache/trafficcontrol/traffic_ops/traffic_ops_golang/login
>=3.0.0 <3.0.2-RC1
|
Go
|
10 Sep, 2019
|
|
Access Restriction Bypass
|
github.com/goharbor/harbor/src/core/api
>=1.7.0 <1.9.0-rc1
|
Go
|
08 Sep, 2019
|
|
Cross-site Request Forgery (CSRF)
|
github.com/rancher/rancher/pkg/clusterrouter
>=2.0.0 <2.0.16,>=2.1.0 <2.1.11,>=2.2.0 <2.2.5
|
Go
|
04 Sep, 2019
|
|
Cross-site Request Forgery (CSRF)
|
github.com/rancher/rancher/server
>=2.0.0 <2.0.16,>=2.1.0 <2.1.11,>=2.2.0 <2.2.5
|
Go
|
04 Sep, 2019
|
|
Privilege Escalation
|
github.com/sylabs/singularity/internal/pkg/runtime/engines/singularity
>=3.1.0 <3.2.0
|
Go
|
04 Jul, 2019
|
|
Integer Overflow
|
github.com/square/go-jose/cipher
<1.0.5
|
Go
|
03 Jul, 2019
|
|
N1QL injection
|
github.com/couchbase/sync_gateway/db
<2.5
|
Go
|
27 Jun, 2019
|
|
Incorrect Access Control
|
github.com/hashicorp/consul/acl
>=1.4.0 <1.5.1
|
Go
|
07 Jun, 2019
|
|
Incorrect Access Control
|
github.com/istio/istio/pilot/pkg/networking/plugin/mixer/mixer.go
>=1.1 <1.1.7
|
Go
|
06 Jun, 2019
|
|
Denial of Service (DoS)
|
github.com/facebook/fbthrift/thrift/lib/go/thrift
|
Go
|
04 Jun, 2019
|
|
Insecure Defaults
|
github.com/hybridgroup/gobot/platforms/mqtt
<1.13.0
|
Go
|
02 Jun, 2019
|
|
Insecure Defaults
|
gobot.io/x/gobot/platforms/mqtt
<1.13.0
|
Go
|
02 Jun, 2019
|
|
Insecure Permissions
|
github.com/kubernetes/kubernetes/pkg/kubelet/kuberuntime
>=1.14.0 <1.14.3,>=1.13.0 <1.13.7
|
Go
|
25 May, 2019
|
|
Insecure Permissions
|
k8s.io/kubernetes/pkg/kubelet/kuberuntime
>=1.14.0 <1.14.3,>=1.13.0 <1.13.7
|
Go
|
25 May, 2019
|
|
Arbitrary File Write via Archive Extraction (Zip Slip)
|
github.com/mholt/archiver/cmd/arc
>=3.0.0
|
Go
|
16 May, 2019
|
|
World Writable Files
|
github.com/kubernetes/client-go/discovery/cached/disk
>=1.8.0 <1.12.9
|
Go
|
25 Apr, 2019
|
|
World Writable Files
|
github.com/kubernetes/kubernetes/staging/src/k8s.io/client-go/discovery/cached/disk
>=1.8.0 <1.12.9
|
Go
|
25 Apr, 2019
|