Vulnerability Library

search
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-2rhx-qhxp-5jpw
  • Go/github.com/submariner-io/submariner-operator
 Submariner Operator sets unnecessary RBAC permissions in helm charts
  • See details.
 2024-05-17T15:31:10Z Fix available
GHSA-fjw8-3gp8-4cvx
  • Go/github.com/stacklok/minder
 Denial of service of Minder Server with attacker-controlled REST endpoint
  • See details.
 2024-05-16T17:44:39Z Fix available
GHSA-x8xm-wrjq-5g54
  • Go/github.com/stakater/Forecastle
 Stakater Forecastle has a directory traversal vulnerability
  • See details.
 2024-05-15T21:31:25Z No fix available
GHSA-8fg7-hp93-qhvr
  • Go/github.com/wolfi-dev/wolfictl
 wolfictl leaks GitHub tokens to remote non-GitHub git servers
  • See details.
 2024-05-15T20:02:14Z Fix available
GHSA-f6mm-5fc7-3g3c
  • Go/github.com/goreleaser/goreleaser
 goreleaser shows environment by default
  • 1.26.0
 2024-05-15T17:17:10Z Fix available
GHSA-v554-xwgw-hc3w
  • Go/github.com/fluxcd/source-controller
 source-controller leaks Azure Storage SAS token into logs
  • See details.
 2024-05-15T17:09:24Z Fix available
GHSA-qjqg-4wg7-957h
  • Go/sigs.k8s.io/azurefile-csi-driver
 azure-file-csi-driver leaks service account tokens in the logs
  • 1.30.0
 2024-05-15T03:30:43Z Fix available
GHSA-4w53-6jvp-gg52
  • Go/github.com/tg123/sshpiper
 sshpiper's enabling of proxy protocol without proper feature flagging allows faking source address
  • See details.
 2024-05-14T22:31:14Z Fix available
GHSA-p978-56hq-r492
  • Go/github.com/grafana/grafana
 Grafana folders admin only permission privilege escalation
  • See details.
 2024-05-14T22:29:44Z Fix available
GHSA-x744-mm8v-vpgr
  • Go/github.com/grafana/grafana
 Grafana Data source and plugin proxy endpoints could leak the authentication cookie to some destination plugins
  • See details.
 2024-05-14T22:29:41Z Fix available
GHSA-gj7m-853r-289r
  • Go/github.com/grafana/grafana
 Grafana when using email as a username can block other users from signing in
  • See details.
 2024-05-14T22:29:38Z Fix available
GHSA-2x6g-h2hg-rq84
  • Go/github.com/grafana/grafana
 Grafana Email addresses and usernames can not be trusted
  • See details.
 2024-05-14T22:29:35Z Fix available
GHSA-3p62-42x7-gxg5
  • Go/github.com/grafana/grafana
 Grafana User enumeration via forget password
  • See details.
 2024-05-14T22:29:31Z Fix available
GHSA-vqc4-mpj8-jxch
  • Go/github.com/grafana/grafana
 Grafana Race condition allowing privilege escalation
  • See details.
 2024-05-14T22:26:48Z Fix available
GHSA-ff5c-938w-8c9q
  • Go/github.com/grafana/grafana
 Grafana Escalation from admin to server admin when auth proxy is used
  • See details.
 2024-05-14T22:25:56Z Fix available
GHSA-jv32-5578-pxjc
  • Go/github.com/grafana/grafana
 Grafana Data source and plugin proxy endpoints leaking authentication tokens to some destination plugins
  • See details.
 2024-05-14T22:25:26Z Fix available
Load more...