Known Vulnerabilities for Go-slug by Hashicorp

Listed below are 1 of the newest known vulnerabilities associated with "Go-slug" by "Hashicorp".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE	Shortened Description	Severity	Publish Date	Last Modified
CVE-2026-2931	The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, ...	Not Provided	2026-03-26	2026-03-26
CVE-2025-24544	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in dashed-slug.net Bitcoin...	Not Provided	2025-02-03	2026-04-01
CVE-2025-23640	Cross-Site Request Forgery (CSRF) vulnerability in Nazmul Ahsan Rename Author Slug rename-author-slug allows Stored XSS.This ...	Not Provided	2025-01-16	2026-04-01
CVE-2024-51655	Cross-Site Request Forgery (CSRF) vulnerability in microkid Custom Author URL author-slug allows Stored XSS.This issue affect...	Not Provided	2024-11-19	2026-04-01
CVE-2020-29529	HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections...	7.5 - HIGH	2020-12-03	2021-03-08

Known Affected Configurations (CPE V2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Hashicorp	Go-slug	0.5.0	All	All	All
Application	Hashicorp	Go-slug	0.4.3	All	All	All
Application	Hashicorp	Go-slug	0.4.2	All	All	All
Application	Hashicorp	Go-slug	0.4.1	All	All	All
Application	Hashicorp	Go-slug	0.4.0	All	All	All
Application	Hashicorp	Go-slug	0.3.1	All	All	All
Application	Hashicorp	Go-slug	0.3.0	All	All	All
Application	Hashicorp	Go-slug	0.2.0	All	All	All
Application	Hashicorp	Go-slug	0.1.0	All	All	All