pkg:Go/github.com/patrickhener/goshs/v2

共 5 筆 CVECRITICAL1HIGH3MEDIUM1

✅ 檢查你的版本

所有已知漏洞

  • CRITICAL9.8CVE-2026-40884goshs has an empty-username SFTP password authentication bypass
    from 0, < 2.0.0
  • HIGH8.8CVE-2026-40885goshs's public collaborator feed leaks .goshs ACL credentials and enables unauthorized access
    >= 2.0.0-beta.4, < 2.0.0-beta.6
  • HIGH8.8CVE-2026-40876SFTP root escape via prefix-based path validation in goshs
    from 0, < 2.0.0
  • HIGH8.1CVE-2026-40883goshs has CSRF in state-changing GET routes enables authenticated file deletion and directory creation
    >= 2.0.0-beta.4, < 2.0.0-beta.6
  • MEDIUM6.5CVE-2026-42091goshs has Cross-Origin Arbitrary File Write via Missing CSRF on PUT and Wildcard CORS
    from 0, < 2.0.2