Browse all 5 CVE security advisories affecting go-vela. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-27616 | Vela Server has Insufficient Webhook Payload Data Verification — serverCWE-290 | 8.6 | High | 2025-03-10 |
| CVE-2024-28236 | Insecure Variable Substitution in Vela — workerCWE-532 | 7.7 | High | 2024-03-12 |
| CVE-2022-39395 | Vela Insecure Defaults — serverCWE-269 | 9.6 | Critical | 2022-11-10 |
| CVE-2021-21432 | Reject unauthorized access with GitHub PATs — serverCWE-285 | 7.5 | High | 2021-04-09 |
| CVE-2020-26294 | Exposure of server configuration — compilerCWE-78 | 7.4 | High | 2021-01-04 |
This page lists every published CVE security advisory associated with go-vela. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.