зеркало из https://github.com/golang/vulndb.git
data/reports: add vulnerable_at to GO-2021-0113.yaml
Aliases: CVE-2021-38561, GHSA-ppp9-7jff-5vj2 Updates golang/vulndb#113 Change-Id: I1b6108e968286216b1e353987e59da0fb9c0acc5 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465180 Reviewed-by: Tim King <taking@google.com> Run-TryBot: Tatiana Bradley <tatianabradley@google.com> TryBot-Result: Gopher Robot <gobot@golang.org>
This commit is contained in:
Tatiana Bradley
Родитель
2fc0ee00d2
Коммит
a9d74d0f79
|
|
@ -2,6 +2,7 @@ modules:
|
||||||
- module: golang.org/x/text
|
- module: golang.org/x/text
|
||||||
versions:
|
versions:
|
||||||
- fixed: 0.3.7
|
- fixed: 0.3.7
|
||||||
|
vulnerable_at: 0.3.6
|
||||||
packages:
|
packages:
|
||||||
- package: golang.org/x/text/language
|
- package: golang.org/x/text/language
|
||||||
symbols:
|
symbols:
|
||||||
|
|
@ -10,7 +11,6 @@ modules:
|
||||||
- MatchStrings
|
- MatchStrings
|
||||||
- MustParse
|
- MustParse
|
||||||
- ParseAcceptLanguage
|
- ParseAcceptLanguage
|
||||||
skip_fix: 'TODO: fill this out [or set vulnerable_at to derive symbols]'
|
|
||||||
description: |
|
description: |
|
||||||
Due to improper index calculation, an incorrectly formatted language tag can cause Parse
|
Due to improper index calculation, an incorrectly formatted language tag can cause Parse
|
||||||
to panic via an out of bounds read. If Parse is used to process untrusted user inputs,
|
to panic via an out of bounds read. If Parse is used to process untrusted user inputs,
|
||||||
|
|
|
||||||
Загрузка…
Ссылка в новой задаче