pkg:Go/github.com/dragonflyoss/dragonfly

共 22 筆 CVELOW2

✅ 檢查你的版本

所有已知漏洞

  • LOW3.7CVE-2025-59410DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly
    from 0
  • LOW3.7CVE-2025-59410DragonFly's tiny file download uses hard coded HTTP protocol in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59354DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly
    from 0
  • CVE-2025-59354DragonFly has weak integrity checks for downloaded files in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59353DragonFly's manager generates mTLS certificates for arbitrary IP addresses in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59353DragonFly's manager generates mTLS certificates for arbitrary IP addresses in d7y.io/dragonfly
    from 0
  • CVE-2025-59352DragonFly vulnerable to arbitrary file read and write on a peer machine in d7y.io/dragonfly
    from 0
  • CVE-2025-59352DragonFly vulnerable to arbitrary file read and write on a peer machine in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59351DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59351DragonFly vulnerable to panics due to nil pointer dereference when using variables created alongside an error in d7y.io/dragonfly
    from 0
  • CVE-2025-59350Dragonfly vulnerable to timing attacks against Proxy’s basic authentication in d7y.io/dragonfly
    from 0
  • CVE-2025-59350Dragonfly vulnerable to timing attacks against Proxy’s basic authentication in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59349Dragonfly's directories created via os.MkdirAll are not checked for permissions in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59349Dragonfly's directories created via os.MkdirAll are not checked for permissions in d7y.io/dragonfly
    from 0
  • CVE-2025-59348Dragonfly incorrectly handles a task structure’s usedTrac field in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59348Dragonfly incorrectly handles a task structure’s usedTrac field in d7y.io/dragonfly
    from 0
  • CVE-2025-59347Dragonfly's manager makes requests to external endpoints with disabled TLS authentication in d7y.io/dragonfly
    from 0
  • CVE-2025-59347Dragonfly's manager makes requests to external endpoints with disabled TLS authentication in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59346Dragonfly vulnerable to server-side request forgery in d7y.io/dragonfly
    from 0
  • CVE-2025-59346Dragonfly vulnerable to server-side request forgery in d7y.io/dragonfly
    from 0, < 2.1.0
  • CVE-2025-59345Dragonfly doesn't have authentication enabled for some Manager’s endpoints in d7y.io/dragonfly
    from 0
  • CVE-2025-59345Dragonfly doesn't have authentication enabled for some Manager’s endpoints in d7y.io/dragonfly
    from 0, < 2.1.0