{"id":"GO-2023-2136","summary":"Artifact Hub arbitrary file read vulnerability in github.com/artifacthub/hub","details":"Artifact Hub arbitrary file read vulnerability in github.com/artifacthub/hub","aliases":["CVE-2023-45823","GHSA-hmq4-c2r4-5q8h"],"modified":"2026-03-03T04:54:18.747176Z","published":"2024-08-21T14:30:22Z","database_specific":{"review_status":"UNREVIEWED","url":"https://pkg.go.dev/vuln/GO-2023-2136"},"references":[{"type":"ADVISORY","url":"https://github.com/artifacthub/hub/security/advisories/GHSA-hmq4-c2r4-5q8h"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-45823"},{"type":"WEB","url":"https://artifacthub.io/packages/helm/artifact-hub/artifact-hub?modal=changelog&version=1.16.0"}],"affected":[{"package":{"name":"github.com/artifacthub/hub","ecosystem":"Go","purl":"pkg:golang/github.com/artifacthub/hub"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.16.0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2023-2136.json"}}],"schema_version":"1.7.3"}