github.com/mickael-kerjean/filestash

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/mickael-kerjean/filestashpage 1 of 1

CVE-2024-41255HIGHCVSS 7.5EG 5.9
2024-07-31
filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go.
CVE-2024-41256MEDIUMCVSS 5.9EG 8.1
2024-07-31
Default configurations in the ShareProofVerifier function of filestash v0.4 causes the application to skip the TLS certificate verification process when sending out email verification codes, possibly allowing attackers to access sensitive …

Check whether github.com/mickael-kerjean/filestash is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/mickael-kerjean/filestash CVEs against the assets you own.

Start Free Scan →