CVE search results

711 – 720 of 1533 results

Detailed view

Sort by:

CVE-2022-30323

Medium priority

Vulnerable

go-getter up to 1.5.11 and 2.0.2 panicked when processing password-protected ZIP files. Fixed in 1.6.1 and 2.1.0.

2 affected packages

golang-github-hashicorp-go-getter, golang-github-jesseduffield-go-getter

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-github-hashicorp-go-getter	Vulnerable	Vulnerable	Vulnerable	Vulnerable
golang-github-jesseduffield-go-getter	Vulnerable	Vulnerable	Vulnerable	—

CVE-2022-30322

Medium priority

Vulnerable

go-getter up to 1.5.11 and 2.0.2 allowed asymmetric resource exhaustion when go-getter processed malicious HTTP responses. Fixed in 1.6.1 and 2.1.0.

2 affected packages

golang-github-hashicorp-go-getter, golang-github-jesseduffield-go-getter

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-github-hashicorp-go-getter	Vulnerable	Vulnerable	Vulnerable	Vulnerable
golang-github-jesseduffield-go-getter	Vulnerable	Vulnerable	Vulnerable	—

CVE-2022-30321

Medium priority

Vulnerable

go-getter up to 1.5.11 and 2.0.2 allowed arbitrary host access via go-getter path traversal, symlink processing, and command injection flaws. Fixed in 1.6.1 and 2.1.0.

2 affected packages

golang-github-hashicorp-go-getter, golang-github-jesseduffield-go-getter

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-github-hashicorp-go-getter	Vulnerable	Vulnerable	Vulnerable	Vulnerable
golang-github-jesseduffield-go-getter	Vulnerable	Vulnerable	Vulnerable	—

CVE-2022-26945

Medium priority

Vulnerable

go-getter up to 1.5.11 and 2.0.2 allowed protocol switching, endless redirect, and configuration bypass via abuse of custom HTTP response header processing. Fixed in 1.6.1 and 2.1.0.

2 affected packages

golang-github-hashicorp-go-getter, golang-github-jesseduffield-go-getter

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-github-hashicorp-go-getter	Vulnerable	Vulnerable	Vulnerable	Vulnerable
golang-github-jesseduffield-go-getter	Vulnerable	Vulnerable	Vulnerable	—

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-42836. Reason: This candidate is a duplicate of CVE-2021-42836. Notes: All CVE users should reference CVE-2021-42836 instead of this candidate.

2 affected packages

golang-github-tidwall-gjson, telegraf

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
golang-github-tidwall-gjson	Not affected	Not affected	Not affected	—
telegraf	Not in release	Not affected	—	—

CVE-2022-1423

Medium priority

Improper access control in the CI/CD cache mechanism in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows a malicious...

1 affected package

gitlab

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gitlab	—	—	—	—

CVE-2022-1416

Medium priority

Missing sanitization of data in Pipeline error messages in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 allows for...

1 affected package

gitlab

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gitlab	—	—	—	—

CVE-2022-1413

Medium priority

Missing input masking in GitLab CE/EE affecting all versions starting from 1.0.2 before 14.8.6, all versions from 14.9.0 before 14.9.4, and all versions from 14.10.0 before 14.10.1 causes potentially sensitive integration...

1 affected package

gitlab

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gitlab	—	—	—	—

CVE-2022-1545

Medium priority

It was possible to disclose details of confidential notes created via the API in Gitlab CE/EE affecting all versions from 13.2 prior to 14.8.6, 14.9 prior to 14.9.4, and 14.10 prior to 14.10.1 if an unauthorised project member was...

1 affected package

gitlab

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gitlab	—	—	—	—

CVE-2022-1510

Medium priority

An issue has been discovered in GitLab affecting all versions starting from 13.9 before 14.8.6, all versions starting from 14.9 before 14.9.4, all versions starting from 14.10 before 14.10.1. GitLab was not correctly handling...

1 affected package

gitlab

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
gitlab	—	—	—	—

Export to JSON

Results by page:

Search CVE reports

CVE-2022-30323

CVE-2022-30322

CVE-2022-30321

CVE-2022-26945

CVE-2021-42248

CVE-2022-1423

CVE-2022-1416

CVE-2022-1413

CVE-2022-1545

CVE-2022-1510