Homepage
About Snyk

Find out if you have vulnerabilities that put you at risk

Test your applications
Toggle filtering controls
Expand this section

APPLICATION

Expand this section

OPERATING SYSTEM

Report a new vulnerability
VULNERABILITY AFFECTS TYPE PUBLISHED
  • H
Reliance on Untrusted Inputs in a Security Decision 		github.com/rancher/rancher/pkg/multiclustermanager >=2.0.0 <2.4.16 >=2.5.0 <2.5.9 Go 25 Apr 2024
  • H
Reliance on Untrusted Inputs in a Security Decision 		github.com/rancher/rancher/pkg/auth/requests >=2.0.0 <2.4.16 >=2.5.0 <2.5.9 Go 25 Apr 2024
  • M
Improper Input Validation 		github.com/rancher/rancher/pkg/auth/providers/saml <2.3.0-alpha4 Go 25 Apr 2024
  • H
Improper Control of Generation of Code ('Code Injection') 		github.com/rancher/rancher >=2.0.0 <2.2.4 Go 25 Apr 2024
  • H
Improper Access Control 		github.com/rancher/rancher/pkg/controllers/management/auth <2.4.18 >=2.5.0 <2.5.12 >=2.6.0 <2.6.3 Go 25 Apr 2024
  • H
Improper Access Control 		github.com/rancher/rancher/pkg/agent/clean <2.4.18 >=2.5.0 <2.5.12 >=2.6.0 <2.6.3 Go 25 Apr 2024
  • H
Improper Access Control 		github.com/rancher/rancher/app <2.4.18 >=2.5.0 <2.5.12 >=2.6.0 <2.6.3 Go 25 Apr 2024
  • C
Improper Authentication 		github.com/rancher/rancher/pkg/controllers/management/auth >=2.0.0 <2.0.14 >=2.1.0 <2.1.9 >=2.2.0 <2.2.2 Go 25 Apr 2024
  • C
Improper Authentication 		github.com/rancher/rancher/app >=2.0.0 <2.0.14 >=2.1.0 <2.1.9 >=2.2.0 <2.2.2 Go 25 Apr 2024
  • L
Improper Authorization 		github.com/authelia/authelia/v4/internal/handlers >=4.37.0 <4.38.0 Go 24 Apr 2024
  • H
Command Injection 		github.com/opencontainers/runc/libcontainer * Go 24 Apr 2024
  • M
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') 		github.com/gohugoio/hugo/tpl/tplimpl/embedded >=0.123.0 <0.125.3 Go 24 Apr 2024
  • M
Cross-site Scripting (XSS) 		vitess.io/vitess/go/vt/throttler <0.17.0-rc1 Go 24 Apr 2024
  • M
Cross-site Scripting (XSS) 		github.com/vitessio/vitess/go/vt/throttler <0.17.0-rc1 Go 24 Apr 2024
  • M
Cross-site Scripting (XSS) 		github.com/apache/incubator-answer/internal/schema <1.3.0-RC1 Go 22 Apr 2024
  • M
Open Redirect 		gogs.io/gogs/pkg/tool <0.11.79 Go 21 Apr 2024
  • M
Server-Side Request Forgery (SSRF) 		github.com/usememos/memos/api/v1 <0.16.1 Go 21 Apr 2024
  • M
Server-Side Request Forgery (SSRF) 		github.com/usememos/memos/api/v1 <0.16.1 Go 21 Apr 2024
  • M
Open Redirect 		github.com/gogs/gogs/pkg/tool <0.11.79 Go 21 Apr 2024
  • L
Observable Timing Discrepancy 		github.com/1panel-dev/1panel/backend/app/service <1.10.3-lts Go 21 Apr 2024
  • M
Server-Side Request Forgery (SSRF) 		github.com/usememos/memos/api/v1 <0.16.1 Go 21 Apr 2024
  • M
Path Traversal 		github.com/owncast/owncast/controllers/admin <0.1.3 Go 21 Apr 2024
  • M
Improper Access Control 		github.com/evmos/evmos/v13/x/vesting * Go 19 Apr 2024
  • M
Improper Access Control 		github.com/evmos/evmos/v13 * Go 19 Apr 2024
  • C
Resource Exhaustion 		github.com/evmos/evmos/v11 <12.0.0 Go 19 Apr 2024
  • H
Argument Injection 		github.com/hashicorp/go-getter >=1.5.9 <1.7.4 Go 19 Apr 2024
  • M
Transmission of Private Resources into a New Sphere ('Resource Leak') 		github.com/moby/moby/libnetwork/osl >=26.0.0 <26.0.2 Go 19 Apr 2024
  • M
Transmission of Private Resources into a New Sphere ('Resource Leak') 		github.com/docker/docker/libnetwork/osl >=26.0.0 <26.0.2 Go 19 Apr 2024
  • M
Transmission of Private Resources into a New Sphere ('Resource Leak') 		github.com/moby/moby/integration/networking >=26.0.0 <26.0.2 Go 19 Apr 2024
  • M
Transmission of Private Resources into a New Sphere ('Resource Leak') 		github.com/docker/docker/integration/networking >=26.0.0 <26.0.2 Go 19 Apr 2024