VYPR

Go modules package

github.com/arduino/arduino-create-agent

pkg:golang/github.com/arduino/arduino-create-agent

Vulnerabilities (4)

  • CVE-2023-43800Oct 18, 2023
    affected < 1.3.3fixed 1.3.3

    Arduino Create Agent is a package to help manage Arduino development. The vulnerability affects the endpoint `/v2/pkgs/tools/installed`. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CORS configuration, can escalate his p

  • CVE-2023-43801Oct 18, 2023
    affected < 1.3.3fixed 1.3.3

    Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/v2/pkgs/tools/installed` and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localhost interface, or

  • CVE-2023-43802Oct 18, 2023
    affected < 1.3.3fixed 1.3.3

    Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/upload` which handles request with the `filename` parameter. A user who has the ability to perform HTTP requests to the localhost interface, or is able to bypass the CO

  • CVE-2023-43803Oct 18, 2023
    affected < 1.3.3fixed 1.3.3

    Arduino Create Agent is a package to help manage Arduino development. This vulnerability affects the endpoint `/v2/pkgs/tools/installed` and the way it handles plugin names supplied as user input. A user who has the ability to perform HTTP requests to the localhost interface, or