Why Go
- Case Studies
  
  Common problems companies solve with Go
- Use Cases
  
  Stories about how and why companies use Go
- Security
  
  How Go can help keep you secure by default
Learn
Docs
- Effective Go
  
  Tips for writing clear, performant, and idiomatic Go code
- Go User Manual
  
  A complete introduction to building software with Go
- Standard library
  
  Reference documentation for Go's standard library
- Release Notes
  
  Learn what's new in each Go release
Packages
Community
- Recorded Talks
  
  Videos from prior events
- Meetups
  
  Meet other local Go developers
- Conferences
  
  Learn and network with Go developers from around the world
- Go blog
  
  The Go project's official blog.
- Go project
  
  Get help and stay informed from Go
- Get connected

tokenizer

package

Go to main page

Versions in this module

v0

v0.19.0

Jan 28, 2024 GO-2024-3046 +12 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

Changes in this version

+ func Find(tokens []*Token, target TokenType) int

+ func FindUnescaped(tokens []*Token, target TokenType) int

type Token

+ func GetFirstLine(tokens []*Token) []*Token

type TokenType

+ const Caret

+ const NewLine

+ const QuestionMark

v0.18.2

Jan 18, 2024 GO-2024-3046 +12 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

Changes in this version

+ func Split(tokens []*Token, delimiter TokenType) [][]*Token

type TokenType

+ const Backslash

+ const Colon

+ const DollarSign

+ const Dot

+ const EqualSign

+ const Hyphen

+ const LessThan

+ const Number

+ const Pipe

+ const PlusSign

+ const PoundSign

+ const Underscore

v0.18.1

Dec 15, 2023 GO-2024-3046 +12 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

Changes in this version

+ func Stringify(tokens []*Token) string

type Token

+ func (t *Token) String() string

type TokenType

+ const Asterisk

+ const Dash

+ const GreaterThan

+ const Tilde

v0.18.0

Dec 10, 2023 GO-2024-3046 +12 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.17.1

Nov 19, 2023 GO-2024-3046 +12 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.17.0

Oct 29, 2023 GO-2024-3046 +12 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.16.1

Oct 21, 2023 GO-2024-3046 +12 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.16.0

Oct 5, 2023 GO-2024-3046 +13 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.15.2

Sep 23, 2023 GO-2024-3046 +13 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.15.1

Sep 18, 2023 GO-2024-3046 +13 more

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.15.0

Sep 16, 2023 GO-2023-2065 +14 more

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.14.4

Aug 13, 2023 GO-2023-2065 +14 more

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.14.3

Aug 5, 2023 GO-2023-2065 +14 more

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.14.2

Jul 26, 2023 GO-2023-2065 +14 more

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.14.1

Jul 22, 2023 GO-2023-2065 +14 more

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.14.0

Jul 16, 2023 GO-2023-2065 +14 more

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.13.2

Jul 1, 2023 GO-2023-2065 +14 more

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

v0.13.1

May 27, 2023 GO-2023-2036 +16 more

GO-2023-2036: usememos/memos vulnerable to privilege escalation in github.com/usememos/memos

GO-2023-2038: Account TakeOver Due to Improper Handling of JWT Tokens in usememos/memos in github.com/usememos/memos

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

Changes in this version

type Token

+ func Tokenize(text string) []*Token

type TokenType

+ const Backtick

+ const ExclamationMark

+ const LeftParenthesis

+ const LeftSquareBracket

+ const RightParenthesis

+ const RightSquareBracket

v0.13.0

May 20, 2023 GO-2023-2036 +16 more

GO-2023-2036: usememos/memos vulnerable to privilege escalation in github.com/usememos/memos

GO-2023-2038: Account TakeOver Due to Improper Handling of JWT Tokens in usememos/memos in github.com/usememos/memos

GO-2023-2065: Cross-Site Request Forgery (CSRF) in usememos/memos in github.com/usememos/memos

GO-2024-3046: memos vulnerable to Server-Side Request Forgery in /api/resource in github.com/usememos/memos

GO-2024-3047: memos vulnerable to Server-Side Request Forgery in /o/get/httpmeta in github.com/usememos/memos

GO-2024-3049: memos vulnerable to Server-Side Request Forgery and Cross-site Scripting in github.com/usememos/memos

GO-2024-3088: memos CORS Misconfiguration in server.go (GHSL-2024-034) in github.com/usememos/memos

GO-2025-3492: Memos Server-Side Request Forgery (SSRF) in github.com/usememos/memos

GO-2025-3831: Memos has Cross-Site Scripting (XSS) Vulnerability in Image URLs in github.com/usememos/memos

GO-2025-3936: Memos Vulnerable to Path Traversal via the CreateResource Endpoint in github.com/usememos/memos

GO-2025-3937: Memos Vulnerable to Stored Cross-Site Scripting in github.com/usememos/memos

GO-2025-4127: Memos' Access Tokens Stay Valid after User Password Change in github.com/usememos/memos

GO-2025-4215: memos vulnerability allows arbitrarily reactions deletion in github.com/usememos/memos

GO-2025-4216: memos vulnerability allows arbitrarily modification or deletion of attachments in github.com/usememos/memos

GO-2025-4217: memos vulnerability allows the creation of arbitrary accounts in github.com/usememos/memos

GO-2025-4218: memos lacks file name validation or verification in github.com/usememos/memos

GO-2025-4220: memos vulnerability allows arbitrarily modification or deletion registered identity providers in github.com/usememos/memos

Changes in this version

+ type Token struct

+ Type TokenType

+ Value string

+ func NewToken(tp, text string) *Token

+ type TokenType = string

+ const Hash

+ const Newline

+ const Space

+ const Star

+ const Text

+ const Underline