
Commit 34d5974

tatianabgopherbot
authored andcommitted
data/reports: unexclude 20 reports (6)
- data/reports/GO-2023-1785.yaml - data/reports/GO-2023-1793.yaml - data/reports/GO-2023-1795.yaml - data/reports/GO-2023-1800.yaml - data/reports/GO-2023-1801.yaml - data/reports/GO-2023-1803.yaml - data/reports/GO-2023-1804.yaml - data/reports/GO-2023-1806.yaml - data/reports/GO-2023-1808.yaml - data/reports/GO-2023-1809.yaml - data/reports/GO-2023-1819.yaml - data/reports/GO-2023-1827.yaml - data/reports/GO-2023-1828.yaml - data/reports/GO-2023-1829.yaml - data/reports/GO-2023-1831.yaml - data/reports/GO-2023-1849.yaml - data/reports/GO-2023-1850.yaml - data/reports/GO-2023-1851.yaml - data/reports/GO-2023-1852.yaml - data/reports/GO-2023-1853.yaml Updates #1785 Updates #1793 Updates #1795 Updates #1800 Updates #1801 Updates #1803 Updates #1804 Updates #1806 Updates #1808 Updates #1809 Updates #1819 Updates #1827 Updates #1828 Updates #1829 Updates #1831 Updates #1849 Updates #1850 Updates #1851 Updates #1852 Updates #1853 Change-Id: Ib6fb15714358b0a9d7644d6ed43de25bdbd8434b Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606786 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com>
1 parent 5ea5cbb commit 34d5974


60 files changed

+1716
-158
lines changed

data/excluded/GO-2023-1785.yaml

-8
This file was deleted.

data/excluded/GO-2023-1793.yaml

-8
This file was deleted.

data/excluded/GO-2023-1795.yaml

-8
This file was deleted.

data/excluded/GO-2023-1800.yaml

-8
This file was deleted.

data/excluded/GO-2023-1801.yaml

-8
This file was deleted.

data/excluded/GO-2023-1803.yaml

-8
This file was deleted.

data/excluded/GO-2023-1804.yaml

-6
This file was deleted.

data/excluded/GO-2023-1806.yaml

-8
This file was deleted.

data/excluded/GO-2023-1808.yaml

-8
This file was deleted.

data/excluded/GO-2023-1809.yaml

-8
This file was deleted.

data/excluded/GO-2023-1819.yaml

-8
This file was deleted.

data/excluded/GO-2023-1827.yaml

-8
This file was deleted.

data/excluded/GO-2023-1828.yaml

-8
This file was deleted.

data/excluded/GO-2023-1829.yaml

-8
This file was deleted.

data/excluded/GO-2023-1831.yaml

-8
This file was deleted.

data/excluded/GO-2023-1849.yaml

-8
This file was deleted.

data/excluded/GO-2023-1850.yaml

-8
This file was deleted.

data/excluded/GO-2023-1851.yaml

-8
This file was deleted.

data/excluded/GO-2023-1852.yaml

-8
This file was deleted.

data/excluded/GO-2023-1853.yaml

-8
This file was deleted.

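--- a/data/osv/GO-2023-1785.json
+++ b/data/osv/GO-2023-1785.json
@@ -0,0 +1,72 @@
+{
+"schema_version": "1.3.1",
+"id": "GO-2023-1785",
+"modified": "0001-01-01T00:00:00Z",
+"published": "0001-01-01T00:00:00Z",
+"aliases": [
+"CVE-2023-30851",
+"GHSA-2h44-x2wx-49f4"
+],
+"summary": "Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium",
+"details": "Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium",
+"affected": [
+{
+"package": {
+"name": "github.com/cilium/cilium",
+"ecosystem": "Go"
+},
+"ranges": [
+{
+"type": "SEMVER",
+"events": [
+{
+"introduced": "0"
+},
+{
+"fixed": "1.11.16"
+},
+{
+"introduced": "1.12.0"
+},
+{
+"fixed": "1.12.9"
+},
+{
+"introduced": "1.13.0"
+},
+{
+"fixed": "1.13.2"
+}
+]
+}
+],
+"ecosystem_specific": {}
+}
+],
+"references": [
+{
+"type": "ADVISORY",
+"url": "https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4"
+},
+{
+"type": "ADVISORY",
+"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30851"
+},
+{
+"type": "WEB",
+"url": "https://github.com/cilium/cilium/releases/tag/v1.11.16"
+},
+{
+"type": "WEB",
+"url": "https://github.com/cilium/cilium/releases/tag/v1.12.9"
+},
+{
+"type": "WEB",
+"url": "https://github.com/cilium/cilium/releases/tag/v1.13.2"
+}
+],
+"database_specific": {
+"url": "https://pkg.go.dev/vuln/GO-2023-1785",
+"review_status": "UNREVIEWED"
+}
+}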
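Review bot: The `details` string on new line 11 repeats `summary` verbatim and `ecosystem_specific` on line 43 is `{}`, so this record gives a scanner nothing finer than the module path and version ranges to match on; the same holds for data/osv/GO-2023-1793.json and data/osv/GO-2023-1795.json. Together with `"review_status": "UNREVIEWED"`, a hit on these entries should be read as module-level only, with the linked advisory as the source for actual impact. The `modified` and `published` values are the zero timestamp `0001-01-01T00:00:00Z` in all three files; presumably a publishing step fills them in, but that is worth confirming, since anything reading these files directly and ordering or filtering by date would mis-sort them. These files look generated from the YAML reports named in the commit message, so any change likely belongs in the report or the generator rather than in the JSON.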

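--- a/data/osv/GO-2023-1793.json
+++ b/data/osv/GO-2023-1793.json
@@ -0,0 +1,64 @@
+{
+"schema_version": "1.3.1",
+"id": "GO-2023-1793",
+"modified": "0001-01-01T00:00:00Z",
+"published": "0001-01-01T00:00:00Z",
+"aliases": [
+"CVE-2023-2878",
+"GHSA-g82w-58jf-gcxx"
+],
+"summary": "secrets-store-csi-driver discloses service account tokens in logs in sigs.k8s.io/secrets-store-csi-driver",
+"details": "secrets-store-csi-driver discloses service account tokens in logs in sigs.k8s.io/secrets-store-csi-driver",
+"affected": [
+{
+"package": {
+"name": "sigs.k8s.io/secrets-store-csi-driver",
+"ecosystem": "Go"
+},
+"ranges": [
+{
+"type": "SEMVER",
+"events": [
+{
+"introduced": "0"
+},
+{
+"fixed": "1.3.3"
+}
+]
+}
+],
+"ecosystem_specific": {}
+}
+],
+"references": [
+{
+"type": "ADVISORY",
+"url": "https://github.com/kubernetes-sigs/secrets-store-csi-driver/security/advisories/GHSA-g82w-58jf-gcxx"
+},
+{
+"type": "ADVISORY",
+"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2878"
+},
+{
+"type": "WEB",
+"url": "https://github.com/kubernetes-sigs/secrets-store-csi-driver/releases/tag/v1.3.3"
+},
+{
+"type": "WEB",
+"url": "https://github.com/kubernetes/kubernetes/issues/118419"
+},
+{
+"type": "WEB",
+"url": "https://groups.google.com/g/kubernetes-security-announce/c/5K8ghQHBDdQ/m/Udee6YUgAAAJ"
+},
+{
+"type": "WEB",
+"url": "https://security.netapp.com/advisory/ntap-20230814-0003"
+}
+],
+"database_specific": {
+"url": "https://pkg.go.dev/vuln/GO-2023-1793",
+"review_status": "UNREVIEWED"
+}
+}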

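--- a/data/osv/GO-2023-1795.json
+++ b/data/osv/GO-2023-1795.json
@@ -0,0 +1,52 @@
+{
+"schema_version": "1.3.1",
+"id": "GO-2023-1795",
+"modified": "0001-01-01T00:00:00Z",
+"published": "0001-01-01T00:00:00Z",
+"aliases": [
+"CVE-2023-33199",
+"GHSA-frqx-jfcm-6jjr"
+],
+"summary": "malformed proposed intoto entries can cause a panic in github.com/sigstore/rekor",
+"details": "malformed proposed intoto entries can cause a panic in github.com/sigstore/rekor",
+"affected": [
+{
+"package": {
+"name": "github.com/sigstore/rekor",
+"ecosystem": "Go"
+},
+"ranges": [
+{
+"type": "SEMVER",
+"events": [
+{
+"introduced": "0"
+},
+{
+"fixed": "1.2.0"
+}
+]
+}
+],
+"ecosystem_specific": {}
+}
+],
+"references": [
+{
+"type": "ADVISORY",
+"url": "https://github.com/sigstore/rekor/security/advisories/GHSA-frqx-jfcm-6jjr"
+},
+{
+"type": "ADVISORY",
+"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33199"
+},
+{
+"type": "FIX",
+"url": "https://github.com/sigstore/rekor/commit/140c5add105179e5ffd9e3e114fd1b6b93aebbd4"
+}
+],
+"database_specific": {
+"url": "https://pkg.go.dev/vuln/GO-2023-1795",
+"review_status": "UNREVIEWED"
+}
+}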
