github.com/google/exposure-notifications-verification-server (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/google/exposure-notifications-verification-server, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2021-22565 — CVSS 6.5 (medium): An attacker could prematurely expire a verification code, making it unusable by the patient, making the patient unable to upload their TEKs…
CVE-2021-22538 — CVSS 6.3 (medium): A privilege escalation vulnerability impacting the Google Exposure Notification Verification Server (versions prior to 0.23.1), allows an…