Vulnerabilities in drakkan
8 resultsCVE-2025-24366HIGHInsufficient sanitization of user provided rsync command in SFTPGoEPSS 0.7%CVE-2024-52309MEDIUMSFTPGo allows administrators to restrict command execution from the EventManagerEPSS 0.6%CVE-2026-30914MEDIUMSFTPGo has a Path Traversal and Permission Bypass via Path Normalization DiscrepancyEPSS 0.5%CVE-2022-39220MEDIUMXSS Vulnerabilities in WebClientEPSS 0.5%CVE-2022-36071HIGHRecovery codes abuse in SFTPGoEPSS 0.4%CVE-2024-52801MEDIUMBrute force takeover of OpenID Connect session cookies in sftpgoEPSS 0.4%CVE-2026-30915MEDIUMSFTPGo improperly sanitizes placeholders in group home directories/key prefixesEPSS 0.3%CVE-2024-37897MEDIUMInsufficient access control for password reset in sftpgoEPSS 0.3%