Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
Sender can cause a receiver to overwrite files during ZIP extraction in Croc Moderate
CVE-2023-43616 was published for github.com/schollz/croc (Go) Sep 20, 2023
schollz
Cros secrets may be disclosed to untrusted relay Moderate
CVE-2023-43617 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
Croc requires senders to provide local IP addresses in cleartext Moderate
CVE-2023-43618 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
Croc sender may send dangerous new files to receiver High
CVE-2023-43619 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
Croc sender may place ANSI or CSI escape sequences in filename to attach receiver's terminal device High
CVE-2023-43620 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
Croc may expose secret to local users Moderate
CVE-2023-43621 was published for github.com/schollz/croc/v9 (Go) Sep 20, 2023
schollz
ProTip! Advisories are also available from the GraphQL API