-
Notifications
You must be signed in to change notification settings - Fork 58
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
data/reports: unexclude 20 reports (26)
- data/reports/GO-2022-0887.yaml - data/reports/GO-2022-0888.yaml - data/reports/GO-2022-0889.yaml - data/reports/GO-2022-0890.yaml - data/reports/GO-2022-0892.yaml - data/reports/GO-2022-0893.yaml - data/reports/GO-2022-0894.yaml - data/reports/GO-2022-0895.yaml - data/reports/GO-2022-0903.yaml - data/reports/GO-2022-0905.yaml - data/reports/GO-2022-0906.yaml - data/reports/GO-2022-0907.yaml - data/reports/GO-2022-0908.yaml - data/reports/GO-2022-0910.yaml - data/reports/GO-2022-0912.yaml - data/reports/GO-2022-0914.yaml - data/reports/GO-2022-0915.yaml - data/reports/GO-2022-0919.yaml - data/reports/GO-2022-0920.yaml - data/reports/GO-2022-0921.yaml Updates #887 Updates #888 Updates #889 Updates #890 Updates #892 Updates #893 Updates #894 Updates #895 Updates #903 Updates #905 Updates #906 Updates #907 Updates #908 Updates #910 Updates #912 Updates #914 Updates #915 Updates #919 Updates #920 Updates #921 Change-Id: I6d9c7aaa7d687d3c0aaa5797012853825c9ab22f Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607228 LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Damien Neil <[email protected]> Auto-Submit: Tatiana Bradley <[email protected]>
- Loading branch information
Showing
60 changed files
with
1,837 additions
and
162 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,56 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2022-0887", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2017-14623", | ||
| "GHSA-x27w-qxhg-343v" | ||
| ], | ||
| "summary": "Access Restriction Bypass in go-ldap in github.com/go-ldap/ldap", | ||
| "details": "Access Restriction Bypass in go-ldap in github.com/go-ldap/ldap", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/go-ldap/ldap", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "2.5.0+incompatible" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/advisories/GHSA-x27w-qxhg-343v" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14623" | ||
| }, | ||
| { | ||
| "type": "FIX", | ||
| "url": "https://github.com/go-ldap/ldap/commit/95ede1266b237bf8e9aa5dce0b3250e51bfefe66" | ||
| }, | ||
| { | ||
| "type": "FIX", | ||
| "url": "https://github.com/go-ldap/ldap/pull/126" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2022-0887", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2022-0888", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2021-21404", | ||
| "GHSA-x462-89pf-6r5h" | ||
| ], | ||
| "summary": "Crash due to malformed relay protocol message in github.com/syncthing/syncthing", | ||
| "details": "Crash due to malformed relay protocol message in github.com/syncthing/syncthing", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/syncthing/syncthing", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "1.15.0" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/syncthing/syncthing/security/advisories/GHSA-x462-89pf-6r5h" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21404" | ||
| }, | ||
| { | ||
| "type": "FIX", | ||
| "url": "https://github.com/syncthing/syncthing/commit/fb4fdaf4c0a79c22cad000c42ac1394e3ccb6a97" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/syncthing/syncthing/releases/tag/v1.15.0" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://pkg.go.dev/github.com/syncthing/syncthing" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2022-0888", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2022-0889", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2021-25835", | ||
| "GHSA-x5f3-qmwj-4f84" | ||
| ], | ||
| "summary": "Authentication bypass by capture-replay in github.com/cosmos/ethermint", | ||
| "details": "Authentication bypass by capture-replay in github.com/cosmos/ethermint", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/cosmos/ethermint", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "0" | ||
| }, | ||
| { | ||
| "fixed": "0.4.1" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/advisories/GHSA-x5f3-qmwj-4f84" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25835" | ||
| }, | ||
| { | ||
| "type": "FIX", | ||
| "url": "https://github.com/cosmos/ethermint/pull/692" | ||
| }, | ||
| { | ||
| "type": "REPORT", | ||
| "url": "https://github.com/cosmos/ethermint/issues/687" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/cosmos/ethermint/releases/tag/v0.4.1" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2022-0889", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
Oops, something went wrong.