Skip to content

Commit 004e616

Browse files
tatianabgopherbot
tatianab
authored and
gopherbot
committed
data/reports: unexclude 20 reports (28)
 - data/reports/GO-2022-0985.yaml - data/reports/GO-2022-0986.yaml - data/reports/GO-2022-0987.yaml - data/reports/GO-2022-0989.yaml - data/reports/GO-2022-0995.yaml - data/reports/GO-2022-1000.yaml - data/reports/GO-2022-1006.yaml - data/reports/GO-2022-1014.yaml - data/reports/GO-2022-1015.yaml - data/reports/GO-2022-1019.yaml - data/reports/GO-2022-1021.yaml - data/reports/GO-2022-1023.yaml - data/reports/GO-2022-1029.yaml - data/reports/GO-2022-1032.yaml - data/reports/GO-2022-1033.yaml - data/reports/GO-2022-1060.yaml - data/reports/GO-2022-1062.yaml - data/reports/GO-2022-1065.yaml - data/reports/GO-2022-1066.yaml - data/reports/GO-2022-1067.yaml Updates #985 Updates #986 Updates #987 Updates #989 Updates #995 Updates #1000 Updates #1006 Updates #1014 Updates #1015 Updates #1019 Updates #1021 Updates #1023 Updates #1029 Updates #1032 Updates #1033 Updates #1060 Updates #1062 Updates #1065 Updates #1066 Updates #1067 Change-Id: I27b6f79e1898a13040a758a71348464c5e7c72a9 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607230 Auto-Submit: Tatiana Bradley <tatianabradley@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com> Commit-Queue: Tatiana Bradley <tatianabradley@google.com>
1 parent bcdceff commit 004e616

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

60 files changed

+1660
-175
lines changed

data/excluded/GO-2022-0985.yaml

-17
This file was deleted.

data/excluded/GO-2022-0986.yaml

-8
This file was deleted.

data/excluded/GO-2022-0987.yaml

-8
This file was deleted.

data/excluded/GO-2022-0989.yaml

-8
This file was deleted.

data/excluded/GO-2022-0995.yaml

-8
This file was deleted.

data/excluded/GO-2022-1000.yaml

-9
This file was deleted.

data/excluded/GO-2022-1006.yaml

-8
This file was deleted.

data/excluded/GO-2022-1014.yaml

-17
This file was deleted.

data/excluded/GO-2022-1015.yaml

-8
This file was deleted.

data/excluded/GO-2022-1019.yaml

-6
This file was deleted.

data/excluded/GO-2022-1021.yaml

-8
This file was deleted.

data/excluded/GO-2022-1023.yaml

-8
This file was deleted.

data/excluded/GO-2022-1029.yaml

-8
This file was deleted.

data/excluded/GO-2022-1032.yaml

-8
This file was deleted.

data/excluded/GO-2022-1033.yaml

-8
This file was deleted.

data/excluded/GO-2022-1060.yaml

-8
This file was deleted.

data/excluded/GO-2022-1062.yaml

-8
This file was deleted.

data/excluded/GO-2022-1065.yaml

-8
This file was deleted.

data/excluded/GO-2022-1066.yaml

-6
This file was deleted.

data/excluded/GO-2022-1067.yaml

-8
This file was deleted.

data/osv/GO-2022-0985.json

+64
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2022-0985",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"CVE-2022-36109",
8+
"GHSA-rc4r-wh2q-q6c4"
9+
],
10+
"summary": "Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker",
11+
"details": "Docker supplementary group permissions not set up properly, allowing attackers to bypass primary group restrictions in github.com/docker/docker",
12+
"affected": [
13+
{
14+
"package": {
15+
"name": "github.com/docker/docker",
16+
"ecosystem": "Go"
17+
},
18+
"ranges": [
19+
{
20+
"type": "SEMVER",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
},
25+
{
26+
"fixed": "20.10.18+incompatible"
27+
}
28+
]
29+
}
30+
],
31+
"ecosystem_specific": {}
32+
}
33+
],
34+
"references": [
35+
{
36+
"type": "ADVISORY",
37+
"url": "https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4"
38+
},
39+
{
40+
"type": "ADVISORY",
41+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36109"
42+
},
43+
{
44+
"type": "WEB",
45+
"url": "https://github.com/moby/moby/commit/de7af816e76a7fd3fbf06bffa6832959289fba32"
46+
},
47+
{
48+
"type": "WEB",
49+
"url": "https://github.com/moby/moby/releases/tag/v20.10.18"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/O7JL2QA3RB732MLJ3RMUXB3IB7AA22YU"
54+
},
55+
{
56+
"type": "WEB",
57+
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RQQ4E3JBXVR3VK5FIZVJ3QS2TAOOXXTQ"
58+
}
59+
],
60+
"database_specific": {
61+
"url": "https://pkg.go.dev/vuln/GO-2022-0985",
62+
"review_status": "UNREVIEWED"
63+
}
64+
}

data/osv/GO-2022-0986.json

+52
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2022-0986",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"CVE-2022-36110",
8+
"GHSA-ggf6-638m-vqmg"
9+
],
10+
"summary": "Netmaker vulnerable to Insufficient Granularity of Access Control in github.com/gravitl/netmaker",
11+
"details": "Netmaker vulnerable to Insufficient Granularity of Access Control in github.com/gravitl/netmaker",
12+
"affected": [
13+
{
14+
"package": {
15+
"name": "github.com/gravitl/netmaker",
16+
"ecosystem": "Go"
17+
},
18+
"ranges": [
19+
{
20+
"type": "SEMVER",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
},
25+
{
26+
"fixed": "0.15.1"
27+
}
28+
]
29+
}
30+
],
31+
"ecosystem_specific": {}
32+
}
33+
],
34+
"references": [
35+
{
36+
"type": "ADVISORY",
37+
"url": "https://github.com/gravitl/netmaker/security/advisories/GHSA-ggf6-638m-vqmg"
38+
},
39+
{
40+
"type": "ADVISORY",
41+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-36110"
42+
},
43+
{
44+
"type": "WEB",
45+
"url": "https://github.com/gravitl/netmaker/releases/tag/v0.15.1"
46+
}
47+
],
48+
"database_specific": {
49+
"url": "https://pkg.go.dev/vuln/GO-2022-0986",
50+
"review_status": "UNREVIEWED"
51+
}
52+
}

data/osv/GO-2022-0987.json

+64
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,64 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2022-0987",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"CVE-2022-25295",
8+
"GHSA-hvw3-p9px-gpc9"
9+
],
10+
"summary": "Gophish before 0.12.0 vulnerable to Open Redirect in github.com/gophish/gophish",
11+
"details": "Gophish before 0.12.0 vulnerable to Open Redirect in github.com/gophish/gophish",
12+
"affected": [
13+
{
14+
"package": {
15+
"name": "github.com/gophish/gophish",
16+
"ecosystem": "Go"
17+
},
18+
"ranges": [
19+
{
20+
"type": "SEMVER",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
},
25+
{
26+
"fixed": "0.12.0"
27+
}
28+
]
29+
}
30+
],
31+
"ecosystem_specific": {}
32+
}
33+
],
34+
"references": [
35+
{
36+
"type": "ADVISORY",
37+
"url": "https://github.com/advisories/GHSA-hvw3-p9px-gpc9"
38+
},
39+
{
40+
"type": "ADVISORY",
41+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-25295"
42+
},
43+
{
44+
"type": "FIX",
45+
"url": "https://github.com/gophish/gophish/commit/2a452bda89ffdb85f929fa78290bce1f456881dc"
46+
},
47+
{
48+
"type": "FIX",
49+
"url": "https://github.com/gophish/gophish/pull/2262"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://github.com/gophish/gophish/releases/tag/v0.12.0"
54+
},
55+
{
56+
"type": "WEB",
57+
"url": "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGOPHISHGOPHISH-2404177"
58+
}
59+
],
60+
"database_specific": {
61+
"url": "https://pkg.go.dev/vuln/GO-2022-0987",
62+
"review_status": "UNREVIEWED"
63+
}
64+
}

0 commit comments

Comments
 (0)