teleport-18

Direct Vulnerabilities

Known vulnerabilities in the teleport-18 package. This does not include vulnerabilities belonging to this package’s dependencies.

Fix vulnerabilities automatically

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Fix for free

Vulnerability	Vulnerable Version
H Improper Validation of Array Index	<18.7.6-r0
L Improper Encoding or Escaping of Output	<18.8.2-r0
L Directory Traversal	<18.8.2-r0
L CVE-2026-41568	<18.7.6-r0
L CVE-2026-42306	<18.7.6-r0
L CVE-2026-41567	<18.7.6-r0
L GHSA-pmwq-pjrm-6p5r	*
L CVE-2026-44973	<18.8.1-r0
L Incorrect Behavior Order: Validate Before Canonicalize	<18.8.1-r0
L CVE-2026-44740	<18.8.1-r0
M Out-of-bounds Write	<18.7.6-r1
H NULL Pointer Dereference	<18.7.6-r1
L CVE-2026-42499	<18.7.6-r1
H Loop with Unreachable Exit Condition ('Infinite Loop')	<18.7.6-r1
L CVE-2026-42501	<18.7.6-r1
L CVE-2026-39825	<18.7.6-r1
H Allocation of Resources Without Limits or Throttling	<18.7.6-r1
M Link Following	<18.7.6-r1
L Improper Encoding or Escaping of Output	<18.7.6-r1
L Cross-site Scripting (XSS)	<18.7.6-r1
H Double Free	<18.7.6-r1
H Off-by-one Error	<18.7.6-r0
C SQL Injection	<18.7.6-r0
L CVE-2026-32286	<18.7.6-r0
L Improper Validation of Array Index	<18.7.6-r0
L GHSA-pcgw-qcv5-h8ch	<18.7.6-r0
L GHSA-hwqm-qvj9-4jr2	<18.7.6-r0
L Improper Authorization	<18.7.6-r0
L Improper Verification of Cryptographic Signature	<18.7.6-r0
H Authentication Bypass	<18.7.6-r0
L Improper Validation of Array Index	<18.7.6-r0
L Integer Underflow	<18.7.6-r0
L GHSA-xmrv-pmrh-hhx2	<18.7.6-r0
L Uncaught Exception	<18.7.6-r0
L CVE-2026-33816	<18.7.6-r0
L Uncontrolled Memory Allocation	<18.7.6-r0
H Insufficiently Protected Credentials	<18.7.6-r0
M Directory Traversal	<18.7.6-r0
L Allocation of Resources Without Limits or Throttling	<18.7.6-r0
H Integer Overflow or Wraparound	<18.7.6-r0
L Allocation of Resources Without Limits or Throttling	<18.7.6-r0
H Access of Resource Using Incompatible Type ('Type Confusion')	<18.7.2-r1
C CVE-2026-27143	<18.7.2-r1
H Incorrect Authorization	<18.7.2-r1
M Allocation of Resources Without Limits or Throttling	<18.7.2-r1
M Link Following	<18.7.2-r1
L CVE-2026-32280	<18.7.2-r1
M Cross-site Scripting (XSS)	<18.7.2-r1
H Allocation of Resources Without Limits or Throttling	<18.7.2-r1
H Improper Certificate Validation	<18.7.2-r1
H Improper Certificate Validation	<18.7.2-r1
H CVE-2025-15558	<18.7.6-r0
L Untrusted Search Path	<18.7.6-r0
L Direct Request ('Forced Browsing')	<18.7.2-r0
L Cross-site Scripting (XSS)	<18.7.2-r0
L Improper Certificate Validation	<18.7.2-r0
L Improper Certificate Validation	<18.7.2-r0
L Directory Traversal	<18.7.2-r0
M Improper Validation of Integrity Check Value	<18.7.1-r0
M Directory Traversal	<18.7.6-r0
L CVE-2025-61732	<18.6.7-r0
C CVE-2025-68121	<18.6.7-r0
H Improper Verification of Cryptographic Signature	<18.7.6-r0
H Reachable Assertion	<18.7.6-r0
L NULL Pointer Dereference	<18.7.6-r0
L Directory Traversal	<18.7.6-r0
L Server-Side Request Forgery (SSRF)	<18.7.6-r0
L CVE-2025-61731	<18.6.4-r0
L Allocation of Resources Without Limits or Throttling	<18.6.4-r0
L Allocation of Resources Without Limits or Throttling	<18.6.4-r0
L Out-of-bounds Write	<18.6.4-r0
L CVE-2025-61730	<18.6.4-r0
L Allocation of Resources Without Limits or Throttling	<18.5.1-r0
L Asymmetric Resource Consumption (Amplification)	<18.7.6-r0
L Improper Certificate Validation	<18.5.0-r0
L Improper Certificate Validation	<18.5.0-r0
L CVE-2025-47914	<18.4.1-r0
L CVE-2025-58181	<18.4.1-r0
H Incorrect Execution-Assigned Permissions	<18.3.2-r0
M Memory Leak	<18.3.2-r0
L CVE-2025-58183	<18.2.10-r0
L Allocation of Resources Without Limits or Throttling	<18.2.10-r0
L Allocation of Resources Without Limits or Throttling	<18.2.10-r0
L Allocation of Resources Without Limits or Throttling	<18.2.10-r0
L Information Exposure Through Log Files	<18.2.10-r0
L CVE-2025-61725	<18.2.10-r0
L Improper Certificate Validation	<18.2.10-r0
L CVE-2025-47912	<18.2.10-r0
L Algorithmic Complexity	<18.2.10-r0
L CVE-2025-58186	<18.2.10-r0
L Reachable Assertion	<18.3.2-r0
L CVE-2025-47910	<18.2.0-r0
L Allocation of Resources Without Limits or Throttling	<18.1.4-r1
L Use of Uninitialized Resource	<18.1.4-r1

Vulnerability

Vulnerable Version

Improper Validation of Array Index

<18.7.6-r0