VYPR

Go modules package

github.com/tobychui/zoraxy

pkg:golang/github.com/tobychui/zoraxy

Vulnerabilities (2)

  • CVE-2026-33529LowMar 26, 2026
    affected < 3.3.2fixed 3.3.2

    Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. Prior to version 3.3.2, an authenticated path traversal vulnerability in the configuration import endpoint allows an authenticated user to write arbitrary files outside the config directory, which can lead to RCE

  • CVE-2024-52010HigNov 12, 2024
    affected >= 2.6.1, < 3.1.3fixed 3.1.3

    Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host. Zoraxy has a Web SSH terminal feature that allows authenticated users t