Go modules package
github.com/arduino/arduino-create-agent
pkg:golang/github.com/arduino/arduino-create-agent
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-43800 | — | < 1.3.3 | 1.3.3 | Oct 18, 2023 | Arduino Create Agent is a package to help manage Arduino development. The vulnerability affects the endpoint `/v2/pkgs/tools/installed`. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can escalate his p | ||
| CVE-2023-43801 | — | < 1.3.3 | 1.3.3 | Oct 18, 2023 | Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/v2/pkgs/tools/installed` and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localhost interface, or | ||
| CVE-2023-43802 | — | < 1.3.3 | 1.3.3 | Oct 18, 2023 | Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/upload` which handles request with the `filename` parameter. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CO | ||
| CVE-2023-43803 | — | < 1.3.3 | 1.3.3 | Oct 18, 2023 | Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/v2/pkgs/tools/installed` and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localhost interface, or |
- CVE-2023-43800Oct 18, 2023affected < 1.3.3fixed 1.3.3
Arduino Create Agent is a package to help manage Arduino development. The vulnerability affects the endpoint `/v2/pkgs/tools/installed`. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can escalate his p
- CVE-2023-43801Oct 18, 2023affected < 1.3.3fixed 1.3.3
Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/v2/pkgs/tools/installed` and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localhost interface, or
- CVE-2023-43802Oct 18, 2023affected < 1.3.3fixed 1.3.3
Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/upload` which handles request with the `filename` parameter. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CO
- CVE-2023-43803Oct 18, 2023affected < 1.3.3fixed 1.3.3
Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/v2/pkgs/tools/installed` and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localhost interface, or