pkg:Go/d7y.io/dragonfly/v2

共 26 筆 CVECRITICAL2LOW2

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL9.8CVE-2023-27584Dragonfly2 has hard coded cyptographic key in d7y.io/dragonfly
    >= 2.1.0-alpha.0, < 2.1.0-beta.1
  • CRITICAL9.8CVE-2023-27584Dragonfly2 has hard coded cyptographic key in d7y.io/dragonfly
    from 0, < 2.1.0-beta.1
  • LOW3.7CVE-2025-59410DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly
    from 0, < 2.1.0
  • LOW3.7CVE-2025-59410DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2026-24124Dragonfly Manager Job API Unauthenticated Access in d7y.io/dragonfly
    from 0, < 2.4.1
  • CVE-2026-24124Dragonfly Manager Job API Unauthenticated Access in d7y.io/dragonfly
    from 0, < 2.4.1
  • CVE-2025-59354DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59354DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59353DragonFly's manager generates mTLS certificates for arbitrary IP addresses in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59353DragonFly's manager generates mTLS certificates for arbitrary IP addresses in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59352DragonFly vulnerable to arbitrary file read and write on a peer machine in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59352DragonFly vulnerable to arbitrary file read and write on a peer machine in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59351DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59351DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59350Dragonfly vulnerable to timing attacks against Proxy’s basic authentication in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59350Dragonfly vulnerable to timing attacks against Proxy’s basic authentication in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59349Dragonfly's directories created via os.MkdirAll are not checked for permissions in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59349Dragonfly's directories created via os.MkdirAll are not checked for permissions in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59348Dragonfly incorrectly handles a task structure’s usedTrac field in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59348Dragonfly incorrectly handles a task structure’s usedTrac field in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59347Dragonfly's manager makes requests to external endpoints with disabled TLS authentication in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59347Dragonfly's manager makes requests to external endpoints with disabled TLS authentication in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59346Dragonfly vulnerable to server-side request forgery in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59346Dragonfly vulnerable to server-side request forgery in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59345Dragonfly doesn't have authentication enabled for some Manager’s endpoints in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59345Dragonfly doesn't have authentication enabled for some Manager’s endpoints in d7y.io/dragonfly
    from 0, < 2.1.0