-
Notifications
You must be signed in to change notification settings - Fork 58
Commit
- data/reports/GO-2022-0642.yaml - data/reports/GO-2022-0644.yaml - data/reports/GO-2022-0645.yaml - data/reports/GO-2022-0647.yaml - data/reports/GO-2022-0649.yaml - data/reports/GO-2022-0700.yaml - data/reports/GO-2022-0703.yaml - data/reports/GO-2022-0704.yaml - data/reports/GO-2022-0705.yaml - data/reports/GO-2022-0707.yaml - data/reports/GO-2022-0708.yaml - data/reports/GO-2022-0709.yaml - data/reports/GO-2022-0732.yaml - data/reports/GO-2022-0749.yaml - data/reports/GO-2022-0751.yaml - data/reports/GO-2022-0752.yaml - data/reports/GO-2022-0759.yaml - data/reports/GO-2022-0760.yaml - data/reports/GO-2022-0769.yaml - data/reports/GO-2022-0770.yaml Updates #642 Updates #644 Updates #645 Updates #647 Updates #649 Updates #700 Updates #703 Updates #704 Updates #705 Updates #707 Updates #708 Updates #709 Updates #732 Updates #749 Updates #751 Updates #752 Updates #759 Updates #760 Updates #769 Updates #770 Change-Id: I3dabcc907fd498009a9bd4cf865198037615717e Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607223 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com>
- Loading branch information
There are no files selected for viewing
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,72 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-0642", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2014-8683", | ||
"GHSA-9hx4-qm7h-x84j" | ||
], | ||
"summary": "Cross-site Scripting in Gogs in gogs.io/gogs", | ||
"details": "Cross-site Scripting in Gogs in gogs.io/gogs", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "gogs.io/gogs", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0.3.1" | ||
}, | ||
{ | ||
"fixed": "0.5.8" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/advisories/GHSA-9hx4-qm7h-x84j" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2014-8683" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/98693" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://github.com/gogits/gogs/commit/3abc41cccab2486012b46305827433ad6f5deade" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://github.com/gogits/gogs/releases/tag/v0.5.8" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://packetstormsecurity.com/files/129118/Gogs-Markdown-Renderer-Cross-Site-Scripting.html" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://seclists.org/fulldisclosure/2014/Nov/31" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://seclists.org/fulldisclosure/2014/Nov/34" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-0642", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,64 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-0644", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2018-20321", | ||
"GHSA-9qq2-xhmc-h9qr" | ||
], | ||
"summary": "Access Control Bypass in github.com/rancher/rancher", | ||
"details": "Access Control Bypass in github.com/rancher/rancher", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/rancher/rancher", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "2.0.0+incompatible" | ||
}, | ||
{ | ||
"fixed": "2.1.6+incompatible" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/advisories/GHSA-9qq2-xhmc-h9qr" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-20321" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/rancher/rancher/commit/6ea187fcc2309d5a7a14ed47de5688bf6573f448" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://forums.rancher.com/c/announcements" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://github.com/rancher/rancher/releases/tag/v2.1.6" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://rancher.com/blog/2019/2019-01-29-explaining-security-vulnerabilities-addressed-in-rancher-v2-1-6-and-v2-0-11" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-0644", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-0645", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2021-3495", | ||
"GHSA-mv55-23xp-3wp8" | ||
], | ||
"summary": "Access control flaw in Kiali in github.com/kiali/kiali", | ||
"details": "Access control flaw in Kiali in github.com/kiali/kiali", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/kiali/kiali", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
}, | ||
{ | ||
"fixed": "1.33.0" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/advisories/GHSA-mv55-23xp-3wp8" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3495" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1947361" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://github.com/kiali/kiali-operator/pull/278" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://kiali.io/news/security-bulletins/kiali-security-003" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-0645", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |