x/vulndb: potential Go vuln in github.com/1Panel-dev/1Panel: CVE-2023-36458 #1888
Assignees
Labels
excluded: EFFECTIVELY_PRIVATE
This vulnerability exists in a package can be imported, but isn't meant to be outside that module.
Comments
jba
added
the
excluded: EFFECTIVELY_PRIVATE
|
Change https://go.dev/cl/508456 mentions this issue: |
This was referenced Aug 10, 2023
This was referenced Mar 6, 2024
|
Change https://go.dev/cl/592761 mentions this issue: |
This was referenced Jul 18, 2024
|
Change https://go.dev/cl/606787 mentions this issue: |
gopherbot
pushed a commit
that referenced
this issue
Aug 20, 2024
- data/reports/GO-2023-1862.yaml - data/reports/GO-2023-1863.yaml - data/reports/GO-2023-1864.yaml - data/reports/GO-2023-1865.yaml - data/reports/GO-2023-1866.yaml - data/reports/GO-2023-1871.yaml - data/reports/GO-2023-1879.yaml - data/reports/GO-2023-1887.yaml - data/reports/GO-2023-1888.yaml - data/reports/GO-2023-1891.yaml - data/reports/GO-2023-1892.yaml - data/reports/GO-2023-1894.yaml - data/reports/GO-2023-1895.yaml - data/reports/GO-2023-1896.yaml - data/reports/GO-2023-1897.yaml - data/reports/GO-2023-1898.yaml - data/reports/GO-2023-1899.yaml - data/reports/GO-2023-1900.yaml - data/reports/GO-2023-1901.yaml - data/reports/GO-2023-1911.yaml Updates #1862 Updates #1863 Updates #1864 Updates #1865 Updates #1866 Updates #1871 Updates #1879 Updates #1887 Updates #1888 Updates #1891 Updates #1892 Updates #1894 Updates #1895 Updates #1896 Updates #1897 Updates #1898 Updates #1899 Updates #1900 Updates #1901 Updates #1911 Change-Id: Iffcbe8e6325ef654a17298cd4c7072192626ad21 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606787 Auto-Submit: Tatiana Bradley <[email protected]> Reviewed-by: Damien Neil <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
CVE-2023-36458 references github.com/1Panel-dev/1Panel, which may be a Go module.
Description:
1Panel is an open source Linux server operation and maintenance management panel. Prior to version 1.3.6, an authenticated attacker can craft a malicious payloads to achieve command injection when entering the container terminal. The vulnerability has been fixed in v1.3.6.
References:
Cross references:
No existing reports found with this module or alias.
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: