Go modules package
github.com/jumpserver/koko
pkg:golang/github.com/jumpserver/koko
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-43651 | — | >= 2.0.0, < 2.28.20 | 2.28.20 | Sep 27, 2023 | JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB CLI |
- CVE-2023-43651Sep 27, 2023affected >= 2.0.0, < 2.28.20fixed 2.28.20
JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB CLI