virus logo DevSecOps

github.com/jumpserver/koko - medium issue in >=2.0.0,<2.28.20;>=3.0.0,<3.7.1 - CVE-2023-43651

Impact logoDescription

Package github.com/jumpserver/koko which comes from package manager golang is found vulnerable with medium severity, please avoid version >=2.0.0,<2.28.20;>=3.0.0,<3.7.1 in order to mitigate.

Recommended Actions

Avoid using versions >=2.0.0,<2.28.20;>=3.0.0,<3.7.1 for package github.com/jumpserver/koko

Coverage

FortiDevSec 24.3 or later

Version Updates

Date Version Status Detail
2024-09-30 24.30000
New
 None
ID 20244
CVE ID
CWE ID CWE-94
OWASP A03:2021
Package Source golang
Affected Language Go
Date Feb 16, 2024
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon