{"id":"GO-2024-3035","summary":"Filestash skips TLS certificate verification process when sending out email verification codes in github.com/mickael-kerjean/filestash","details":"Filestash skips TLS certificate verification process when sending out email verification codes in github.com/mickael-kerjean/filestash","aliases":["CVE-2024-41256","GHSA-mpvx-whpp-99xj"],"modified":"2026-03-17T04:53:22.036823Z","published":"2024-08-06T22:03:16Z","database_specific":{"url":"https://pkg.go.dev/vuln/GO-2024-3035","review_status":"UNREVIEWED"},"references":[{"type":"ADVISORY","url":"https://github.com/advisories/GHSA-mpvx-whpp-99xj"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-41256"},{"type":"REPORT","url":"https://github.com/mickael-kerjean/filestash/issues/709"},{"type":"WEB","url":"https://gist.github.com/nyxfqq/a6da3fe6128b978ea1aaa5df639d5f98"},{"type":"WEB","url":"https://github.com/mickael-kerjean/filestash/blob/master/server/model/share.go#L132"}],"affected":[{"package":{"name":"github.com/mickael-kerjean/filestash","ecosystem":"Go","purl":"pkg:golang/github.com/mickael-kerjean/filestash"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{},"database_specific":{"source":"https://vuln.go.dev/ID/GO-2024-3035.json"}}],"schema_version":"1.7.5"}