Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

8 advisories

Loading
Rancher API and cluster.management.cattle.io object vulnerable to plaintext storage and exposure of credentials Critical
CVE-2021-36782 was published for github.com/rancher/rancher (Go) Sep 23, 2022
Instance config inline secret exposure in Grafana Moderate
CVE-2021-41090 was published for github.com/grafana/agent (Go) Dec 8, 2021
Plaintext storage of sensitive data in Rancher API and cluster.management.cattle.io objects High
CVE-2022-43757 was published for github.com/rancher/rancher (Go) Jan 25, 2023
HashiCorp Boundary Workers Store Rotated Credentials in Plaintext Even When Key Management Service Configured High
CVE-2023-0690 was published for github.com/hashicorp/boundary (Go) Jul 6, 2023
Weave GitOps Terraform Controller Information Disclosure Vulnerability High
CVE-2023-34236 was published for github.com/weaveworks/tf-controller (Go) Jul 14, 2023
greenu
lakeFS logs S3 credentials in plain text High
GHSA-4rgc-5g6r-2rjf was published for github.com/treeverse/lakefs (Go) Dec 12, 2023
Mattermost doesn't redact remote users' original email addresses Moderate
CVE-2024-32939 was published for github.com/mattermost/mattermost/server/v8 (Go) Aug 22, 2024
Grafana information disclosure High
CVE-2020-12458 was published for github.com/grafana/grafana (Go) May 24, 2022
ProTip! Advisories are also available from the GraphQL API