vulndb/data/osv/GO-2023-2338.json

{
  "schema_version": "1.3.1",
  "id": "GO-2023-2338",
  "modified": "0001-01-01T00:00:00Z",
  "published": "0001-01-01T00:00:00Z",
  "aliases": [
    "CVE-2023-42816",
    "GHSA-4mp4-46gq-hv3r"
  ],
  "summary": "Denial of service from malicious signature in kyverno in github.com/kyverno/kyverno",
  "details": "Denial of service from malicious signature in kyverno in github.com/kyverno/kyverno",
  "affected": [
    {
      "package": {
        "name": "github.com/kyverno/kyverno",
        "ecosystem": "Go"
      },
      "ranges": [
        {
          "type": "SEMVER",
          "events": [
            {
              "introduced": "1.5.0-rc1.0.20230601080528-80d139bb5d1d"
            },
            {
              "fixed": "1.5.0-rc1.0.20230918070231-fec2992e3f9f"
            }
          ]
        }
      ],
      "ecosystem_specific": {}
    }
  ],
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-4mp4-46gq-hv3r"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42816"
    },
    {
      "type": "FIX",
      "url": "https://github.com/kyverno/kyverno/commit/80d139bb5d1d9d7e907abe851b97dc73821a5be2"
    },
    {
      "type": "FIX",
      "url": "https://github.com/kyverno/kyverno/commit/fec2992e3f9fcd6b9c62267522c09b182e7df73b"
    },
    {
      "type": "FIX",
      "url": "https://github.com/kyverno/kyverno/pull/8428"
    }
  ],
  "database_specific": {
    "url": "https://pkg.go.dev/vuln/GO-2023-2338",
    "review_status": "UNREVIEWED"
  }
}
data/reports: unexclude 20 reports (11) - data/reports/GO-2023-2097.yaml - data/reports/GO-2023-2109.yaml - data/reports/GO-2023-2121.yaml - data/reports/GO-2023-2125.yaml - data/reports/GO-2023-2134.yaml - data/reports/GO-2023-2135.yaml - data/reports/GO-2023-2136.yaml - data/reports/GO-2023-2156.yaml - data/reports/GO-2023-2159.yaml - data/reports/GO-2023-2166.yaml - data/reports/GO-2023-2170.yaml - data/reports/GO-2023-2176.yaml - data/reports/GO-2023-2188.yaml - data/reports/GO-2023-2329.yaml - data/reports/GO-2023-2330.yaml - data/reports/GO-2023-2332.yaml - data/reports/GO-2023-2335.yaml - data/reports/GO-2023-2336.yaml - data/reports/GO-2023-2337.yaml - data/reports/GO-2023-2338.yaml Updates golang/vulndb#2097 Updates golang/vulndb#2109 Updates golang/vulndb#2121 Updates golang/vulndb#2125 Updates golang/vulndb#2134 Updates golang/vulndb#2135 Updates golang/vulndb#2136 Updates golang/vulndb#2156 Updates golang/vulndb#2159 Updates golang/vulndb#2166 Updates golang/vulndb#2170 Updates golang/vulndb#2176 Updates golang/vulndb#2188 Updates golang/vulndb#2329 Updates golang/vulndb#2330 Updates golang/vulndb#2332 Updates golang/vulndb#2335 Updates golang/vulndb#2336 Updates golang/vulndb#2337 Updates golang/vulndb#2338 Change-Id: I5fc55dacf7cdfd2512c00f07abfc0debfde9263f Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606792 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Commit-Queue: Tatiana Bradley <tatianabradley@google.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com> 2024-08-20 19:50:24 +03:00			`{`
			`"schema_version": "1.3.1",`
			`"id": "GO-2023-2338",`
			`"modified": "0001-01-01T00:00:00Z",`
			`"published": "0001-01-01T00:00:00Z",`
			`"aliases": [`
			`"CVE-2023-42816",`
			`"GHSA-4mp4-46gq-hv3r"`
			`],`
			`"summary": "Denial of service from malicious signature in kyverno in github.com/kyverno/kyverno",`
			`"details": "Denial of service from malicious signature in kyverno in github.com/kyverno/kyverno",`
			`"affected": [`
			`{`
			`"package": {`
			`"name": "github.com/kyverno/kyverno",`
			`"ecosystem": "Go"`
			`},`
			`"ranges": [`
			`{`
			`"type": "SEMVER",`
			`"events": [`
			`{`
			`"introduced": "1.5.0-rc1.0.20230601080528-80d139bb5d1d"`
			`},`
			`{`
			`"fixed": "1.5.0-rc1.0.20230918070231-fec2992e3f9f"`
			`}`
			`]`
			`}`
			`],`
			`"ecosystem_specific": {}`
			`}`
			`],`
			`"references": [`
			`{`
			`"type": "ADVISORY",`
			`"url": "https://github.com/kyverno/kyverno/security/advisories/GHSA-4mp4-46gq-hv3r"`
			`},`
			`{`
			`"type": "ADVISORY",`
			`"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-42816"`
			`},`
			`{`
			`"type": "FIX",`
			`"url": "https://github.com/kyverno/kyverno/commit/80d139bb5d1d9d7e907abe851b97dc73821a5be2"`
			`},`
			`{`
			`"type": "FIX",`
			`"url": "https://github.com/kyverno/kyverno/commit/fec2992e3f9fcd6b9c62267522c09b182e7df73b"`
			`},`
			`{`
			`"type": "FIX",`
			`"url": "https://github.com/kyverno/kyverno/pull/8428"`
			`}`
			`],`
			`"database_specific": {`
			`"url": "https://pkg.go.dev/vuln/GO-2023-2338",`
			`"review_status": "UNREVIEWED"`
			`}`
			`}`