github.com/mickael-kerjean/filestash (Go) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Go package github.com/mickael-kerjean/filestash, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (2)
CVE-2024-41255 — CVSS 7.5 (high): filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a…
CVE-2024-41256 — CVSS 5.9 (medium): Default configurations in the ShareProofVerifier function of filestash v0.4 causes the application to skip the TLS certificate verification…