x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: GHSA-26w3-q4j8-4xjp #2613

GoVulnBot · 2024-03-06T16:01:28Z

In GitHub Security Advisory GHSA-26w3-q4j8-4xjp, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/1Panel-dev/1Panel	1.10.1-lts	<= 1.10.0-lts

Cross references:

Module github.com/1Panel-dev/1Panel appears in issue x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2023-36457 #1887 NOT_IMPORTABLE
Module github.com/1Panel-dev/1Panel appears in issue x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2023-36458 #1888 EFFECTIVELY_PRIVATE
Module github.com/1Panel-dev/1Panel appears in issue x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2023-37477 #1940 EFFECTIVELY_PRIVATE
Module github.com/1Panel-dev/1Panel appears in issue x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2023-39964 #2004 EFFECTIVELY_PRIVATE
Module github.com/1Panel-dev/1Panel appears in issue x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2023-39965 #2005 EFFECTIVELY_PRIVATE
Module github.com/1Panel-dev/1Panel appears in issue x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2023-39966 #2006 EFFECTIVELY_PRIVATE
Module github.com/1Panel-dev/1Panel appears in issue x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2024-24768 #2531 EFFECTIVELY_PRIVATE

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/1Panel-dev/1Panel
      versions:
        - introduced: TODO (earliest fixed "1.10.1-lts", vuln range "<= 1.10.0-lts")
      packages:
        - package: github.com/1Panel-dev/1Panel
summary: 1Panel open source panel project has an unauthorized vulnerability.
cves:
    - CVE-2024-27288
ghsas:
    - GHSA-26w3-q4j8-4xjp
references:
    - advisory: https://github.com/1Panel-dev/1Panel/security/advisories/GHSA-26w3-q4j8-4xjp
    - web: https://github.com/1Panel-dev/1Panel/releases/tag/v1.10.1-lts
    - advisory: https://github.com/advisories/GHSA-26w3-q4j8-4xjp

The text was updated successfully, but these errors were encountered:

gopherbot · 2024-03-11T17:27:42Z

Change https://go.dev/cl/570720 mentions this issue: data/reports: add GO-2024-2613.yaml

tatianab assigned maceonthompson Mar 6, 2024

maceonthompson mentioned this issue Mar 10, 2024

x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2024-27288 #2622

Closed

gopherbot closed this as completed in c84c60a Mar 14, 2024

GoVulnBot mentioned this issue Apr 3, 2024

x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2024-2352 #2674

Closed

GoVulnBot mentioned this issue Apr 18, 2024

x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2024-30257 #2734

Closed

GoVulnBot mentioned this issue May 9, 2024

x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2024-34352 #2830

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: GHSA-26w3-q4j8-4xjp #2613

x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: GHSA-26w3-q4j8-4xjp #2613

GoVulnBot commented Mar 6, 2024

gopherbot commented Mar 11, 2024

x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: GHSA-26w3-q4j8-4xjp #2613

x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: GHSA-26w3-q4j8-4xjp #2613

Comments

GoVulnBot commented Mar 6, 2024

gopherbot commented Mar 11, 2024