pkg:Go/github.com/drakkan/sftpgo

11 total CVEsHIGH3MEDIUM3

✅ Check your installed version

All known vulnerabilities

  • HIGH8.3CVE-2022-36071SFTPGo vulnerable to recovery codes abuse in github.com/drakkan/sftpgo
    from 0
  • HIGH7.5CVE-2025-24366SFTPGo has insufficient sanitization of user provided rsync command in github.com/drakkan/sftpgo
    from 0, <= 1.2.2
  • HIGH7.5CVE-2025-24366SFTPGo has insufficient sanitization of user provided rsync command in github.com/drakkan/sftpgo
    from 0
  • MEDIUM6.5CVE-2024-37897SFTPGo has insufficient access control for password reset in github.com/drakkan/sftpgo
    from 0
  • MEDIUM6.1CVE-2022-39220SFTPGo WebClient vulnerable to Cross-site Scripting in github.com/drakkan/sftpgo
    from 0, < 2.3.5
  • MEDIUM6.1CVE-2022-39220SFTPGo WebClient vulnerable to Cross-site Scripting in github.com/drakkan/sftpgo
    from 0
  • CVE-2026-30915SFTPGo improperly sanitizes placeholders in group home directories/key prefixes
    from 0
  • CVE-2026-30914SFTPGo Vulnerable to Path Traversal and Permission Bypass via Path Normalization Discrepancy
    from 0, <= 1.2.2
  • CVE-2026-30914SFTPGo Vulnerable to Path Traversal and Permission Bypass via Path Normalization Discrepancy
    from 0
  • CVE-2024-52801sftpgo vulnerable to brute force takeover of OpenID Connect session cookies in github.com/drakkan/sftpgo
    from 0
  • CVE-2024-52309SFTPGo allows administrators to restrict command execution from the EventManager in github.com/drakkan/sftpgo
    from 0