github.com/tiagorlampert/CHAOS
Go2 known CVEs affecting this package
Aggregated from OSV, GitHub Security Advisories, NVD, and vendor advisories. Each CVE links to its full detail page with vendor advisories, patches, fixed versions, and remediation guidance.
CVEs affecting github.com/tiagorlampert/CHAOSpage 1 of 1
- CVE-2024-31839MEDIUMCVSS 4.8EG 4.82024-04-12
Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component.
- CVE-2024-33434CRITICALCVSS 9.8EG 9.8✓ Fixed in 0.0.0-20220716132853-b47438d36e3a2024-05-07
An issue in tiagorlampert CHAOS v5.0.1 before 1b451cf62582295b7225caf5a7b506f0bad56f6b and 24c9e109b5be34df7b2bce8368eae669c481ed5e allows a remote attacker to execute arbitrary code via the unsafe concatenation of the `filename` argument …
Check whether github.com/tiagorlampert/CHAOS is used in your infrastructure
EchelonGraph scans your cloud and SBOMs to map every package to your actual deployments. See blast radius for github.com/tiagorlampert/CHAOS CVEs against the assets you own.
Start Free Scan →