Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

15 advisories

Loading
Silver vulnerable to MitM attack against implants due to a cryptography vulnerability Critical
CVE-2023-34758 was published for github.com/bishopfox/sliver (Go) Jun 21, 2023
Portainer improperly uses an encryption algorithm in the AesEncrypt function High
CVE-2024-33662 was published for github.com/portainer/portainer (Go) Oct 2, 2024
Use of a Broken or Risky Cryptographic Algorithm in Terraform High
CVE-2019-19316 was published for github.com/hashicorp/terraform (Go) May 18, 2021
Gorush uses deprecated TLS versions Moderate
CVE-2024-41270 was published for github.com/appleboy/gorush (Go) Aug 6, 2024
Beego privilege escalation vulnerability High
CVE-2024-40465 was published for github.com/beego/beego/v2 (Go) Jul 31, 2024
ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache Critical
CVE-2024-31989 was published for github.com/argoproj/argo-cd (Go) May 21, 2024
oreenlivnicode leoluz
crenshaw-dev mkilchhofer todaywasawesome pasha-codefresh
github.com/bincyber/go-sqlcrypter vulnerable to IV collision Low
GHSA-2j6r-9vv4-6gf5 was published for github.com/bincyber/go-sqlcrypter (Go) May 20, 2024
Collision of hash values in github.com/bnb-chain/tss-lib Critical
CVE-2022-47931 was published for github.com/bnb-chain/tss-lib (Go) Dec 23, 2022
CBC padding oracle issue in AWS S3 Crypto SDK for golang Moderate
CVE-2020-8911 was published for github.com/aws/aws-sdk-go (Go) Feb 11, 2022
sophieschmieg
In-band key negotiation issue in AWS S3 Crypto SDK for golang Low
CVE-2020-8912 was published for github.com/aws/aws-sdk-go (Go) Feb 11, 2022
sophieschmieg
free5GC udm vulnerable to Invalid Curve Attack High
CVE-2023-46324 was published for github.com/free5gc/udm (Go) Oct 23, 2023
golang.org/x/crypto/ssh Denial of service via crafted Signer High
CVE-2022-27191 was published for golang.org/x/crypto (Go) Mar 19, 2022
westonsteimel
SIF's Digital Signature Hash Algorithms Not Validated Moderate
CVE-2022-39237 was published for github.com/sylabs/sif/v2 (Go) Oct 6, 2022
tri-adam
Use of a Broken or Risky Cryptographic Algorithm in Max Mazurov Maddy High
CVE-2021-42583 was published for github.com/foxcpp/maddy (Go) Jan 6, 2022
Broken encryption in EdgeX Foundry Moderate
CVE-2021-41278 was published for github.com/edgexfoundry/app-functions-sdk-go (Go) Nov 19, 2021
bnevis-i
ProTip! Advisories are also available from the GraphQL API