Go modules package
github.com/gravitational/teleport
pkg:golang/github.com/gravitational/teleport
Vulnerabilities (2)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2025-49825 | Cri | 9.8 | >= 17.0.0, < 17.5.2 | 17.5.2 | Jun 17, 2025 | Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch. | |
| CVE-2022-36633 | — | < 8.3.17 | 8.3.17 | Aug 24, 2022 | Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a u |
- affected >= 17.0.0, < 17.5.2fixed 17.5.2
Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.
- CVE-2022-36633Aug 24, 2022affected < 8.3.17fixed 8.3.17
Teleport 9.3.6 is vulnerable to Command injection leading to Remote Code Execution. An attacker can craft a malicious ssh agent installation link by URL encoding a bash escape with carriage return line feed. This url encoded payload can be used in place of a token and sent to a u