-
Notifications
You must be signed in to change notification settings - Fork 58
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
data/reports: unexclude 20 reports (16)
- data/reports/GO-2022-0407.yaml - data/reports/GO-2022-0410.yaml - data/reports/GO-2022-0413.yaml - data/reports/GO-2022-0416.yaml - data/reports/GO-2022-0418.yaml - data/reports/GO-2022-0424.yaml - data/reports/GO-2022-0426.yaml - data/reports/GO-2022-0429.yaml - data/reports/GO-2022-0440.yaml - data/reports/GO-2022-0442.yaml - data/reports/GO-2022-0447.yaml - data/reports/GO-2022-0448.yaml - data/reports/GO-2022-0449.yaml - data/reports/GO-2022-0450.yaml - data/reports/GO-2022-0451.yaml - data/reports/GO-2022-0452.yaml - data/reports/GO-2022-0453.yaml - data/reports/GO-2022-0454.yaml - data/reports/GO-2022-0455.yaml - data/reports/GO-2022-0456.yaml Updates #407 Updates #410 Updates #413 Updates #416 Updates #418 Updates #424 Updates #426 Updates #429 Updates #440 Updates #442 Updates #447 Updates #448 Updates #449 Updates #450 Updates #451 Updates #452 Updates #453 Updates #454 Updates #455 Updates #456 Change-Id: I206c09343a83edd1fd9f1a37410a59391d904c6d Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607218 Reviewed-by: Damien Neil <dneil@google.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
- Loading branch information
Showing
60 changed files
with
1,801 additions
and
152 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,43 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2022-0407", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "GHSA-qmfx-75ff-8mw6" | ||
| ], | ||
| "summary": "Listing of upload directory contents possible in github.com/ThomasLeister/prosody-filer", | ||
| "details": "Listing of upload directory contents possible in github.com/ThomasLeister/prosody-filer", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/ThomasLeister/prosody-filer", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "1.0.1" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/ThomasLeister/prosody-filer/security/advisories/GHSA-qmfx-75ff-8mw6" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2022-0407", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2022-0410", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "GHSA-x5c7-x7m2-rhmf" | ||
| ], | ||
| "summary": "Local directory executable lookup in sops (Windows-only) in go.mozilla.org/sops", | ||
| "details": "Local directory executable lookup in sops (Windows-only) in go.mozilla.org/sops", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "go.mozilla.org/sops", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| }, | ||
| { | ||
| "package": { | ||
| "name": "go.mozilla.org/sops/v3", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "3.7.1" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/mozilla/sops/security/advisories/GHSA-x5c7-x7m2-rhmf" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2022-0410", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2022-0413", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2022-24797", | ||
| "GHSA-q98f-2x4p-prjr" | ||
| ], | ||
| "summary": "Exposure of Sensitive Information in Pomerium in github.com/pomerium/pomerium", | ||
| "details": "Exposure of Sensitive Information in Pomerium in github.com/pomerium/pomerium", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/pomerium/pomerium", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0.16.0" | ||
| }, | ||
| { | ||
| "fixed": "0.17.1" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/pomerium/pomerium/security/advisories/GHSA-q98f-2x4p-prjr" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-24797" | ||
| }, | ||
| { | ||
| "type": "FIX", | ||
| "url": "https://github.com/pomerium/pomerium/commit/b435f73e2b54088da2aca5e8c3aa1808293d6903" | ||
| }, | ||
| { | ||
| "type": "FIX", | ||
| "url": "https://github.com/pomerium/pomerium/pull/3212" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2022-0413", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
Oops, something went wrong.