Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
Unrestricted Upload of File with Dangerous Type in Gogs High
CVE-2022-0415 was published for gogs.io/gogs (Go) Mar 28, 2022
wuhan005
Arbitrary command execution in Minidoc High
CVE-2022-29637 was published for github.com/mindoc-org/mindoc (Go) May 27, 2022
Mattermost subject to Denial of Service via upload of special GIF Moderate
CVE-2022-3257 was published for github.com/mattermost/mattermost-server/v6 (Go) Sep 25, 2022
hod-alpert
AList vulnerable to Improper Preservation of Permissions High
CVE-2022-45968 was published for github.com/alist-org/alist/v3 (Go) Dec 12, 2022
act vulnerable to arbitrary file upload in artifact server High
CVE-2023-22726 was published for github.com/nektos/act (Go) Jan 20, 2023
sjqzhang go-fastdfs vulnerable to path traversal Critical
CVE-2023-1800 was published for github.com/sjqzhang/go-fastdfs (Go) Apr 2, 2023
alist Incorrect Access Control vulnerability High
CVE-2023-33498 was published for github.com/alist-org/alist/v3 (Go) Jun 7, 2023
Apache Answer Unrestricted Upload of File with Dangerous Type vulnerability High
CVE-2024-22393 was published for github.com/apache/incubator-answer (Go) Feb 22, 2024
ZITADEL's Improper Content-Type Validation Leads to Account Takeover via Stored XSS + CSP Bypass High
CVE-2024-29891 was published for github.com/zitadel/zitadel (Go) Mar 28, 2024
amit-laish fforootd
livio-a adlerhurst
Matrix Media Repo (MMR) allows untrusted file formats can be thumbnailed, invoking potentially further untrusted decoders Moderate
CVE-2024-56515 was published for github.com/t2bot/matrix-media-repo (Go) Jan 16, 2025
ProTip! Advisories are also available from the GraphQL API