Go module

github.com/stacklok/minder

v0.0.28

Newer version available

Security Advisories

7

In this package

Minder trusts client-provided mapping from repo name to upstream ID in github.com/stacklok/minder

GO-2024-2582

Similar advisories

Minder trusts client-provided mapping from repo name to upstream ID

4.6 MODERATE·GHSA-q6h8-4j2v-pjg4

Minder access control bypass in github.com/stacklok/minder

GO-2024-2608

Similar advisories

`GetRepositoryByName`, `DeleteRepositoryByName` and `GetArtifactByName` allow access of arbitrary repositories in Minder by any authenticated user

7.1 HIGH·GHSA-v627-69v2-xx37

Denial of Service from untrusted requests in github.com/stacklok/minder

GO-2024-2821

Similar advisories

Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests

7.5 HIGH·GHSA-9c5w-9q3f-3hv7

Denial of service of Minder Server with attacker-controlled REST endpoint in github.com/stacklok/minder

GO-2024-2864

Similar advisories

Denial of service of Minder Server with attacker-controlled REST endpoint

5.3 MODERATE·GHSA-fjw8-3gp8-4cvx

Stacklok Minder vulnerable to denial of service from maliciously crafted templates in github.com/stacklok/minder

GO-2024-2871

Similar advisories

Stacklok Minder vulnerable to denial of service from maliciously crafted templates

5.3 MODERATE·GHSA-crgc-2583-rw27

Denial of service of Minder Server from maliciously crafted GitHub attestations in github.com/stacklok/minder

GO-2024-2885

Similar advisories

Denial of service of Minder Server from maliciously crafted GitHub attestations

5.3 MODERATE·GHSA-8fmj-33gw-g7pw

Minder affected by denial of service from maliciously configured Git repository in github.com/stacklok/minder

GO-2024-2934

Similar advisories

Minder affected by denial of service from maliciously configured Git repository

5.7 MODERATE·GHSA-hpcg-xjq5-g666

Licenses

Learn more about license information.

Licenses

Apache-2.0

Package metadata as of June 9, 2025.

Published

February 5, 2024

Links

Origin: https://pkg.go.dev/github.com/stacklok/minder@v0.0.28
Repo: https://github.com/stacklok/minder

Projects

mindersec/minder

GitHub

Software Supply Chain Security Platform

47 forks

338 stars

Project metadata as of June 13, 2025.

This site uses cookies from Google to deliver its services and to analyze traffic.