-
Notifications
You must be signed in to change notification settings - Fork 58
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
data/reports: unexclude 20 reports (8)
- data/reports/GO-2023-1912.yaml - data/reports/GO-2023-1915.yaml - data/reports/GO-2023-1919.yaml - data/reports/GO-2023-1922.yaml - data/reports/GO-2023-1924.yaml - data/reports/GO-2023-1925.yaml - data/reports/GO-2023-1927.yaml - data/reports/GO-2023-1928.yaml - data/reports/GO-2023-1931.yaml - data/reports/GO-2023-1932.yaml - data/reports/GO-2023-1936.yaml - data/reports/GO-2023-1938.yaml - data/reports/GO-2023-1939.yaml - data/reports/GO-2023-1940.yaml - data/reports/GO-2023-1942.yaml - data/reports/GO-2023-1945.yaml - data/reports/GO-2023-1946.yaml - data/reports/GO-2023-1948.yaml - data/reports/GO-2023-1950.yaml - data/reports/GO-2023-1952.yaml Updates #1912 Updates #1915 Updates #1919 Updates #1922 Updates #1924 Updates #1925 Updates #1927 Updates #1928 Updates #1931 Updates #1932 Updates #1936 Updates #1938 Updates #1939 Updates #1940 Updates #1942 Updates #1945 Updates #1946 Updates #1948 Updates #1950 Updates #1952 Change-Id: Id25f09c8f7270af68238752db96d6a399b91ef36 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606788 Auto-Submit: Tatiana Bradley <tatianabradley@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com>
- Loading branch information
Showing
60 changed files
with
1,860 additions
and
160 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2023-1912", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2023-34458", | ||
| "GHSA-j494-7x2v-vvvp" | ||
| ], | ||
| "summary": "mx-chain-go's relayed transactions always increment nonce in github.com/multiversx/mx-chain-go", | ||
| "details": "mx-chain-go's relayed transactions always increment nonce in github.com/multiversx/mx-chain-go", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/multiversx/mx-chain-go", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "1.4.17" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/multiversx/mx-chain-go/security/advisories/GHSA-j494-7x2v-vvvp" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-34458" | ||
| }, | ||
| { | ||
| "type": "FIX", | ||
| "url": "https://github.com/multiversx/mx-chain-go/commit/babdb144f1316ab6176bf3dbd7d4621120414d43" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/multiversx/mx-chain-go/blob/babdb144f1316ab6176bf3dbd7d4621120414d43/integrationTests/vm/txsFee/relayedMoveBalance_test.go#LL165C14-L165C14" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/multiversx/mx-chain-go/releases/tag/v1.4.17" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2023-1912", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,72 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2023-1915", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2020-10749", | ||
| "GHSA-fx6x-h9g4-56f8" | ||
| ], | ||
| "summary": "containernetworking/plugins vulnerable to MitM attacks in github.com/containernetworking/plugins", | ||
| "details": "containernetworking/plugins vulnerable to MitM attacks in github.com/containernetworking/plugins", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/containernetworking/plugins", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "0.8.6" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/advisories/GHSA-fx6x-h9g4-56f8" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-10749" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00063.html" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00065.html" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10749" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/containernetworking/plugins/releases/tag/v0.8.6" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/BMb_6ICCfp8" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DV3HCDZYUTPPVDUMTZXDKK6IUO3JMGJC" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2023-1915", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2023-1919", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2019-12452", | ||
| "GHSA-r3fq-cmmw-cpmm" | ||
| ], | ||
| "summary": "Containous Traefik Exposes Password Hashes in github.com/traefik/traefik", | ||
| "details": "Containous Traefik Exposes Password Hashes in github.com/traefik/traefik", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/traefik/traefik", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "1.7.0" | ||
| }, | ||
| { | ||
| "fixed": "1.7.12" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/advisories/GHSA-r3fq-cmmw-cpmm" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12452" | ||
| }, | ||
| { | ||
| "type": "FIX", | ||
| "url": "https://github.com/traefik/traefik/commit/a169fec2e08e391d24b509c00fcf011656c1395c" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/containous/traefik/issues/4917" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/containous/traefik/pull/4918" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2023-1919", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
Oops, something went wrong.