data/reports: add 6 unreviewed reports

  - data/reports/GO-2024-2755.yaml
  - data/reports/GO-2024-2759.yaml
  - data/reports/GO-2024-2770.yaml
  - data/reports/GO-2024-2775.yaml
  - data/reports/GO-2024-2777.yaml
  - data/reports/GO-2024-2783.yaml

Fixes golang/vulndb#2755
Fixes golang/vulndb#2759
Fixes golang/vulndb#2770
Fixes golang/vulndb#2775
Fixes golang/vulndb#2777
Fixes golang/vulndb#2783

Change-Id: I388fd39e45ecb629bb8c72818b9082fdc6af4d65
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/590281
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Tatiana Bradley 2024-06-04 18:03:50 -04:00
Parent 8ed6db9e99
Commit 7ecfe86a75
12 changed files: 506 additions and 0 deletions

@ -0,0 +1,76 @@
{
"schema_version": "1.3.1",
"id": "GO-2024-2755",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2020-8563",
"GHSA-5xfg-wv98-264m"
],
"summary": "Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes",
"details": "Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes",
"affected": [
{
"package": {
"name": "k8s.io/kubernetes",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.19.3"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-5xfg-wv98-264m"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8563"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886635"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/issues/95621"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/pull/95236"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/pull/95236/commits/247f6dd09299bc7893c1e0affea11c0255025b96"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20210122-0006"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2024-2755",
"review_status": "UNREVIEWED"
}
}
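
Review bot: The "details" field in this record is a word-for-word copy of "summary", so the entry never says what ends up in the log file or under what conditions. Before this leaves UNREVIEWED, replace "details" with the description from one of the two ADVISORY references (GHSA-5xfg-wv98-264m or CVE-2020-8563).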

@ -0,0 +1,60 @@
{
"schema_version": "1.3.1",
"id": "GO-2024-2759",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2022-3799",
"GHSA-fcgf-j8cf-h2rm"
],
"summary": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"details": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"affected": [
{
"package": {
"name": "github.com/IBAX-io/go-ibax",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.2"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-fcgf-j8cf-h2rm"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3799"
},
{
"type": "FIX",
"url": "https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37"
},
{
"type": "REPORT",
"url": "https://github.com/IBAX-io/go-ibax/issues/2060"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.212635"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2024-2759",
"review_status": "UNREVIEWED"
}
}
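
Review bot: The REPORT reference here, https://github.com/IBAX-io/go-ibax/issues/2060, is the same URL used in GO-2024-2777, while GO-2024-2783, GO-2024-2775 and GO-2024-2770 each point to their own issue (2061, 2062, 2063). Check against the two advisories whether CVE-2022-3799 and CVE-2022-3798 really share one upstream issue, and correct the link in whichever record carries the wrong one.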

@ -0,0 +1,60 @@
{
"schema_version": "1.3.1",
"id": "GO-2024-2770",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2022-3802",
"GHSA-g23g-mw97-65c8"
],
"summary": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"details": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"affected": [
{
"package": {
"name": "github.com/IBAX-io/go-ibax",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.2"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-g23g-mw97-65c8"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3802"
},
{
"type": "FIX",
"url": "https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37"
},
{
"type": "REPORT",
"url": "https://github.com/IBAX-io/go-ibax/issues/2063"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.212638"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2024-2770",
"review_status": "UNREVIEWED"
}
}
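
Review bot: The "summary" and "details" strings in this record are identical to those in the other four go-ibax records in this commit, and all five share the same FIX commit and "fixed": "1.4.2", so only the aliases and the REPORT and vuldb links tell them apart. Put whatever distinguishes CVE-2022-3802 in its advisory into the summary, so that someone who receives five findings for one module can see they are separate issues rather than duplicates.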

@ -0,0 +1,60 @@
{
"schema_version": "1.3.1",
"id": "GO-2024-2775",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2022-3801",
"GHSA-m738-584h-26p6"
],
"summary": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"details": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"affected": [
{
"package": {
"name": "github.com/IBAX-io/go-ibax",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.2"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-m738-584h-26p6"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3801"
},
{
"type": "FIX",
"url": "https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37"
},
{
"type": "REPORT",
"url": "https://github.com/IBAX-io/go-ibax/issues/2062"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.212637"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2024-2775",
"review_status": "UNREVIEWED"
}
}
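
Review bot: "ecosystem_specific" is empty and the range starts at "introduced": "0", so this record carries no package or symbol information and matches every version of github.com/IBAX-io/go-ibax below 1.4.2 regardless of which of its packages a build imports. When the report is reviewed, list the affected package (and symbols, if the FIX commit makes them clear) so the match is narrower than the whole module.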

@ -0,0 +1,60 @@
{
"schema_version": "1.3.1",
"id": "GO-2024-2777",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2022-3798",
"GHSA-mgqh-3qm7-gx82"
],
"summary": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"details": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"affected": [
{
"package": {
"name": "github.com/IBAX-io/go-ibax",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.2"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-mgqh-3qm7-gx82"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3798"
},
{
"type": "FIX",
"url": "https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37"
},
{
"type": "REPORT",
"url": "https://github.com/IBAX-io/go-ibax/issues/2060"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.212634"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2024-2777",
"review_status": "UNREVIEWED"
}
}

@ -0,0 +1,60 @@
{
"schema_version": "1.3.1",
"id": "GO-2024-2783",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2022-3800",
"GHSA-rwcf-gq22-ph83"
],
"summary": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"details": "IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax",
"affected": [
{
"package": {
"name": "github.com/IBAX-io/go-ibax",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.4.2"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-rwcf-gq22-ph83"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-3800"
},
{
"type": "FIX",
"url": "https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37"
},
{
"type": "REPORT",
"url": "https://github.com/IBAX-io/go-ibax/issues/2061"
},
{
"type": "WEB",
"url": "https://vuldb.com/?id.212636"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2024-2783",
"review_status": "UNREVIEWED"
}
}

@ -0,0 +1,25 @@
id: GO-2024-2755
modules:
- module: k8s.io/kubernetes
versions:
- fixed: 1.19.3
vulnerable_at: 1.19.3-rc.0
summary: Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes
cves:
- CVE-2020-8563
ghsas:
- GHSA-5xfg-wv98-264m
references:
- advisory: https://github.com/advisories/GHSA-5xfg-wv98-264m
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2020-8563
- web: https://bugzilla.redhat.com/show_bug.cgi?id=1886635
- web: https://github.com/kubernetes/kubernetes/issues/95621
- web: https://github.com/kubernetes/kubernetes/pull/95236
- web: https://github.com/kubernetes/kubernetes/pull/95236/commits/247f6dd09299bc7893c1e0affea11c0255025b96
- web: https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk
- web: https://groups.google.com/g/kubernetes-security-discuss/c/vm-HcrFUOCs/m/36utxAM5CwAJ
- web: https://security.netapp.com/advisory/ntap-20210122-0006
source:
id: GHSA-5xfg-wv98-264m
created: 2024-06-04T17:59:43.631502-04:00
review_status: UNREVIEWED
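
Review bot: On the `vulnerable_at: 1.19.3-rc.0` line, the version chosen is a release candidate of the very release listed under `fixed: 1.19.3`. Confirm that this rc tag does not already contain the commit linked from pull/95236 in the references, or set `vulnerable_at` to an earlier release that is unambiguously inside the vulnerable range.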

@ -0,0 +1,21 @@
id: GO-2024-2759
modules:
- module: github.com/IBAX-io/go-ibax
versions:
- fixed: 1.4.2
vulnerable_at: 1.4.0
summary: IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax
cves:
- CVE-2022-3799
ghsas:
- GHSA-fcgf-j8cf-h2rm
references:
- advisory: https://github.com/advisories/GHSA-fcgf-j8cf-h2rm
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-3799
- fix: https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37
- report: https://github.com/IBAX-io/go-ibax/issues/2060
- web: https://vuldb.com/?id.212635
source:
id: GHSA-fcgf-j8cf-h2rm
created: 2024-06-04T17:59:40.095-04:00
review_status: UNREVIEWED

@ -0,0 +1,21 @@
id: GO-2024-2770
modules:
- module: github.com/IBAX-io/go-ibax
versions:
- fixed: 1.4.2
vulnerable_at: 1.4.0
summary: IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax
cves:
- CVE-2022-3802
ghsas:
- GHSA-g23g-mw97-65c8
references:
- advisory: https://github.com/advisories/GHSA-g23g-mw97-65c8
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-3802
- fix: https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37
- report: https://github.com/IBAX-io/go-ibax/issues/2063
- web: https://vuldb.com/?id.212638
source:
id: GHSA-g23g-mw97-65c8
created: 2024-06-04T17:59:25.968887-04:00
review_status: UNREVIEWED

@ -0,0 +1,21 @@
id: GO-2024-2775
modules:
- module: github.com/IBAX-io/go-ibax
versions:
- fixed: 1.4.2
vulnerable_at: 1.4.0
summary: IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax
cves:
- CVE-2022-3801
ghsas:
- GHSA-m738-584h-26p6
references:
- advisory: https://github.com/advisories/GHSA-m738-584h-26p6
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-3801
- fix: https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37
- report: https://github.com/IBAX-io/go-ibax/issues/2062
- web: https://vuldb.com/?id.212637
source:
id: GHSA-m738-584h-26p6
created: 2024-06-04T17:59:22.590889-04:00
review_status: UNREVIEWED

@ -0,0 +1,21 @@
id: GO-2024-2777
modules:
- module: github.com/IBAX-io/go-ibax
versions:
- fixed: 1.4.2
vulnerable_at: 1.4.0
summary: IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax
cves:
- CVE-2022-3798
ghsas:
- GHSA-mgqh-3qm7-gx82
references:
- advisory: https://github.com/advisories/GHSA-mgqh-3qm7-gx82
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-3798
- fix: https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37
- report: https://github.com/IBAX-io/go-ibax/issues/2060
- web: https://vuldb.com/?id.212634
source:
id: GHSA-mgqh-3qm7-gx82
created: 2024-06-04T17:59:19.195022-04:00
review_status: UNREVIEWED

@ -0,0 +1,21 @@
id: GO-2024-2783
modules:
- module: github.com/IBAX-io/go-ibax
versions:
- fixed: 1.4.2
vulnerable_at: 1.4.0
summary: IBAX go-ibax vulnerable to SQL injection in github.com/IBAX-io/go-ibax
cves:
- CVE-2022-3800
ghsas:
- GHSA-rwcf-gq22-ph83
references:
- advisory: https://github.com/advisories/GHSA-rwcf-gq22-ph83
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-3800
- fix: https://github.com/IBAX-io/go-ibax/commit/b0183d8e550836dc50282ee74ff421ee41b25a37
- report: https://github.com/IBAX-io/go-ibax/issues/2061
- web: https://vuldb.com/?id.212636
source:
id: GHSA-rwcf-gq22-ph83
created: 2024-06-04T17:58:37.976778-04:00
review_status: UNREVIEWED