github.com/oxyno-zeta/s3-proxy

Go2 known CVEs affecting this package

Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.

CVEs affecting github.com/oxyno-zeta/s3-proxypage 1 of 1

CVE-2025-27088HIGHCVSS 8.2EG 8.2✓ Fixed in 0.0.0-20250220214310-c611c741ed48
2025-02-20
oxyno-zeta/s3-proxy is an aws s3 proxy written in go. In affected versions a Reflected Cross-site Scripting (XSS) vulnerability enables attackers to create malicious URLs that, when visited, inject scripts into the web application. This ca…
CVE-2026-42882CRITICALCVSS 9.4EG 9.4✓ Fixed in 0.0.0-20260424211602-1320e4abd46a
2026-05-11
oxyno-zeta/s3-proxy is an aws s3 proxy written in go. Prior to 5.0.0, s3-proxy contains an authentication bypass caused by inconsistent URL path interpretation between the authentication middleware and the bucket handler. The authenticatio…

Check whether github.com/oxyno-zeta/s3-proxy is used in your infrastructure

EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/oxyno-zeta/s3-proxy CVEs against the assets you own.

Start Free Scan →