pommee/goaway

Releases287

Frequency1 day 16 hours

Last Release about 1 month ago

Stars710

Lightweight DNS sinkhole written in Go with a modern dashboard client

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-65730 ↗	Dec 5, 2025Friday, 5 December 2025, 16:15	8.8 HIGH	—
Authentication Bypass via Hardcoded Credentials GoAway up to v0.62.18, fixed in 0.62.19, uses a hardcoded secret for signing JWT tokens used for authentication.