Commit 37e2de0 1 parent 17e5280 commit 37e2de0 Copy full SHA for 37e2de0
File tree 12 files changed +33
-320
lines changed
12 files changed +33
-320
lines changed Original file line number Diff line number Diff line change 2727 }
2828 ],
2929 "ecosystem_specific" : {}
30- },
31- {
32- "package" : {
33- "name" : " k8s.io/kubernetes"
34- "ecosystem" : " Go"
35- },
36- "ranges" : [
37- {
38- "type" : " SEMVER"
39- "events" : [
40- {
41- "introduced" : " 1.19.0"
42- }
43- ]
44- }
45- ],
46- "ecosystem_specific" : {}
47- },
48- {
49- "package" : {
50- "name" : " k8s.io/kubernetes"
51- "ecosystem" : " Go"
52- },
53- "ranges" : [
54- {
55- "type" : " SEMVER"
56- "events" : [
57- {
58- "introduced" : " 1.20.0"
59- }
60- ]
61- }
62- ],
63- "ecosystem_specific" : {}
64- },
65- {
66- "package" : {
67- "name" : " k8s.io/kubernetes"
68- "ecosystem" : " Go"
69- },
70- "ranges" : [
71- {
72- "type" : " SEMVER"
73- "events" : [
74- {
75- "introduced" : " 1.21.0"
76- }
77- ]
78- }
79- ],
80- "ecosystem_specific" : {}
8130 }
8231 ],
8332 "references" : [
Original file line number Diff line number Diff line change 2020 "type" : " SEMVER"
2121 "events" : [
2222 {
23- "introduced" : " 1.6. 0"
23+ "introduced" : " 0"
2424 },
2525 {
26- "fixed" : " 1.6.18"
27- }
28- ]
29- }
30- ],
31- "ecosystem_specific" : {
32- "imports" : [
33- {
34- "path" : " github.com/containerd/containerd/images/archive"
35- "symbols" : [
36- " ImportIndex"
37- " onUntarJSON"
38- ]
39- }
40- ]
41- }
42- },
43- {
44- "package" : {
45- "name" : " github.com/containerd/containerd"
46- "ecosystem" : " Go"
47- },
48- "ranges" : [
49- {
50- "type" : " SEMVER"
51- "events" : [
26+ "fixed" : " 1.5.18"
27+ },
5228 {
53- "introduced" : " 0"
29+ "introduced" : " 1.6. 0"
5430 },
5531 {
56- "fixed" : " 1.5 .18"
32+ "fixed" : " 1.6 .18"
5733 }
5834 ]
5935 }
Original file line number Diff line number Diff line change 3030 "type" : " SEMVER"
3131 "events" : [
3232 {
33- "introduced" : " 1.6. 0"
33+ "introduced" : " 0"
3434 },
3535 {
36- "fixed" : " 1.6.18"
37- }
38- ]
39- }
40- ],
41- "ecosystem_specific" : {
42- "imports" : [
43- {
44- "path" : " github.com/containerd/containerd/oci"
45- "symbols" : [
46- " WithAdditionalGIDs"
47- " WithUIDGID"
48- " WithUser"
49- " WithUserID"
50- " WithUsername"
51- ]
52- },
53- {
54- "path" : " github.com/containerd/containerd/pkg/cri/server"
55- "symbols" : [
56- " criService.CreateContainer"
57- " criService.containerSpecOpts"
58- " instrumentedAlphaService.CreateContainer"
59- " instrumentedService.CreateContainer"
60- ]
61- }
62- ]
63- }
64- },
65- {
66- "package" : {
67- "name" : " github.com/containerd/containerd"
68- "ecosystem" : " Go"
69- },
70- "ranges" : [
71- {
72- "type" : " SEMVER"
73- "events" : [
36+ "fixed" : " 1.5.18"
37+ },
7438 {
75- "introduced" : " 0"
39+ "introduced" : " 1.6. 0"
7640 },
7741 {
78- "fixed" : " 1.5 .18"
42+ "fixed" : " 1.6 .18"
7943 }
8044 ]
8145 }
9761 "symbols" : [
9862 " criService.CreateContainer"
9963 " criService.containerSpecOpts"
64+ " instrumentedAlphaService.CreateContainer"
10065 " instrumentedService.CreateContainer"
10166 ]
10267 }
11075 "url" : " https://github.com/containerd/containerd/security/advisories/GHSA-hmfx-3pcx-653p"
11176 },
11277 {
113- "type" : " WEB "
114- "url" : " https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4 "
78+ "type" : " ARTICLE "
79+ "url" : " https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ "
11580 },
11681 {
11782 "type" : " FIX"
13095 "url" : " https://github.com/advisories/GHSA-phjr-8j92-w5v7"
13196 },
13297 {
133- "type" : " ARTICLE "
134- "url" : " https://www.benthamsgaze.org/2022/08/22/vulnerability-in-linux-containers-investigation-and-mitigation/ "
98+ "type" : " WEB "
99+ "url" : " https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4 "
135100 }
136101 ],
137102 "database_specific" : {
Original file line number Diff line number Diff line change 2121 "events" : [
2222 {
2323 "introduced" : " 1.7.0"
24- }
25- ]
26- }
27- ],
28- "ecosystem_specific" : {}
29- },
30- {
31- "package" : {
32- "name" : " github.com/cilium/cilium"
33- "ecosystem" : " Go"
34- },
35- "ranges" : [
36- {
37- "type" : " SEMVER"
38- "events" : [
39- {
40- "introduced" : " 1.11.0"
4124 },
4225 {
4326 "fixed" : " 1.11.16"
44- }
45- ]
46- }
47- ],
48- "ecosystem_specific" : {}
49- },
50- {
51- "package" : {
52- "name" : " github.com/cilium/cilium"
53- "ecosystem" : " Go"
54- },
55- "ranges" : [
56- {
57- "type" : " SEMVER"
58- "events" : [
27+ },
5928 {
6029 "introduced" : " 1.12.0"
6130 },
6231 {
6332 "fixed" : " 1.12.9"
64- }
65- ]
66- }
67- ],
68- "ecosystem_specific" : {}
69- },
70- {
71- "package" : {
72- "name" : " github.com/cilium/cilium"
73- "ecosystem" : " Go"
74- },
75- "ranges" : [
76- {
77- "type" : " SEMVER"
78- "events" : [
33+ },
7934 {
8035 "introduced" : " 1.13.0"
8136 },
Original file line number Diff line number Diff line change 2020 "type" : " SEMVER"
2121 "events" : [
2222 {
23- "introduced" : " 1.11 .0"
23+ "introduced" : " 1.0 .0"
2424 },
2525 {
2626 "fixed" : " 1.11.8"
27- }
28- ]
29- }
30- ],
31- "ecosystem_specific" : {}
32- },
33- {
34- "package" : {
35- "name" : " k8s.io/kubernetes"
36- "ecosystem" : " Go"
37- },
38- "ranges" : [
39- {
40- "type" : " SEMVER"
41- "events" : [
27+ },
4228 {
4329 "introduced" : " 1.12.0"
4430 },
4531 {
4632 "fixed" : " 1.12.6"
47- }
48- ]
49- }
50- ],
51- "ecosystem_specific" : {}
52- },
53- {
54- "package" : {
55- "name" : " k8s.io/kubernetes"
56- "ecosystem" : " Go"
57- },
58- "ranges" : [
59- {
60- "type" : " SEMVER"
61- "events" : [
33+ },
6234 {
6335 "introduced" : " 1.13.0"
6436 },
Original file line number Diff line number Diff line change 2121 "events" : [
2222 {
2323 "introduced" : " 2.0.0+incompatible"
24- }
25- ]
26- }
27- ],
28- "ecosystem_specific" : {}
29- },
30- {
31- "package" : {
32- "name" : " github.com/rancher/rancher"
33- "ecosystem" : " Go"
34- },
35- "ranges" : [
36- {
37- "type" : " SEMVER"
38- "events" : [
39- {
40- "introduced" : " 2.1.0+incompatible"
41- }
42- ]
43- }
44- ],
45- "ecosystem_specific" : {}
46- },
47- {
48- "package" : {
49- "name" : " github.com/rancher/rancher"
50- "ecosystem" : " Go"
51- },
52- "ranges" : [
53- {
54- "type" : " SEMVER"
55- "events" : [
56- {
57- "introduced" : " 2.2.0+incompatible"
5824 },
5925 {
6026 "fixed" : " 2.2.2+incompatible"
Original file line number Diff line number Diff line change 11id : GO-2022-0617
22modules :
33 - module : k8s.io/kubernetes
4- unsupported_versions :
5- - last_affected : 1.18.19
6- vulnerable_at : 1.31.0
7- - module : k8s.io/kubernetes
8- versions :
9- - introduced : 1.19.0
10- unsupported_versions :
11- - last_affected : 1.19.11
12- vulnerable_at : 1.31.0
13- - module : k8s.io/kubernetes
14- versions :
15- - introduced : 1.20.0
16- unsupported_versions :
17- - last_affected : 1.20.7
18- vulnerable_at : 1.31.0
19- - module : k8s.io/kubernetes
20- versions :
21- - introduced : 1.21.0
224 unsupported_versions :
235 - last_affected : 1.21.1
246 vulnerable_at : 1.31.0
@@ -42,7 +24,7 @@ references:
4224 - web : https://groups.google.com/g/kubernetes-security-announce/c/-MFX60_wdOY
4325 - web : https://security.netapp.com/advisory/ntap-20220225-0002
4426notes :
45- - fix : ' module merge error: could not merge versions of module k8s.io/kubernetes: introduced and fixed versions must alternate '
27+ - manually collapsed version ranges
4628source :
4729 id : GHSA-qh36-44jv-c8xj
4830 created : 2024-08-20T14:08:01.48392-04:00
You can’t perform that action at this time.
0 commit comments