pkg:Go/github.com/pterodactyl/wings

All known vulnerabilities

• CRITICAL9.9CVE-2024-27102Pterodactyl Wings vulnerable to improper isolation of server file access in github.com/pterodactyl/wings
  from 0, < 1.11.9
• CRITICAL9.9CVE-2024-27102Pterodactyl Wings vulnerable to improper isolation of server file access in github.com/pterodactyl/wings
  from 0, < 1.11.9
• CRITICAL9.6CVE-2023-25168Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following resulting in deletion of files and directories on the host system in github.com/pterodactyl/wings
  from 0, < 1.7.4, >= 1.11.0, < 1.11.4
• CRITICAL9.6Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following resulting in deletion of files and directories on the host system in github.com/pterodactyl/wings
  from 0, < 1.7.4
• CRITICAL9.0Wings vulnerable to escape to host from installation container in github.com/pterodactyl/wings
  from 0, < 1.7.5
• CRITICAL9.0Wings vulnerable to escape to host from installation container in github.com/pterodactyl/wings
  from 0, < 1.7.5, >= 1.11.0, < 1.11.6
• HIGH8.4Pterodactyl Wings vulnerable to Arbitrary File Write/Read in github.com/pterodactyl/wings
  from 0, < 1.11.12
• HIGH8.4Pterodactyl Wings vulnerable to Arbitrary File Write/Read in github.com/pterodactyl/wings
  from 0, < 1.11.12
• HIGH8.4Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following in github.com/pterodactyl/wings
  from 0, < 1.7.3, >= 1.11.0, < 1.11.3
• HIGH8.4Pterodactyl Wings contains UNIX Symbolic Link (Symlink) Following in github.com/pterodactyl/wings
  from 0, < 1.7.3
• MEDIUM6.5Pterodactyl endlessly reprocesses/reuploads activity log data due to SQLite max parameters limit not being considered in github.com/pterodactyl/wings
  >= 1.7.0, < 1.12.0
• MEDIUM6.5Pterodactyl endlessly reprocesses/reuploads activity log data due to SQLite max parameters limit not being considered in github.com/pterodactyl/wings
  >= 1.7.0, < 1.12.0
• MEDIUM6.5Pterodactyl websocket endpoints have no visible rate limits or monitoring, allowing for DOS attacks in github.com/pterodactyl/wings
  from 0, < 1.12.0
• MEDIUM6.5Pterodactyl websocket endpoints have no visible rate limits or monitoring, allowing for DOS attacks in github.com/pterodactyl/wings
  from 0, < 1.12.0
• MEDIUM6.5Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings in github.com/pterodactyl/wings
  from 0, < 1.4.4
• MEDIUM6.5Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings in github.com/pterodactyl/wings
  from 0, < 1.4.4
• MEDIUM6.4Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings
  from 0, < 1.11.12
• MEDIUM6.4Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings
  >= 1.2.0, < 1.2.1
• MEDIUM6.4Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings
  from 0, < 1.11.12
• —Pterodactyl does not revoke SFTP access when server is deleted or permissions reduced
  from 0, < 1.12.0
• —Pterodactyl does not revoke SFTP access when server is deleted or permissions reduced
  from 0, < 1.12.0