-
Notifications
You must be signed in to change notification settings - Fork 61
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
data/reports: unexclude 20 reports (5)
- data/reports/GO-2023-1700.yaml - data/reports/GO-2023-1701.yaml - data/reports/GO-2023-1707.yaml - data/reports/GO-2023-1708.yaml - data/reports/GO-2023-1716.yaml - data/reports/GO-2023-1718.yaml - data/reports/GO-2023-1719.yaml - data/reports/GO-2023-1721.yaml - data/reports/GO-2023-1723.yaml - data/reports/GO-2023-1730.yaml - data/reports/GO-2023-1735.yaml - data/reports/GO-2023-1738.yaml - data/reports/GO-2023-1747.yaml - data/reports/GO-2023-1754.yaml - data/reports/GO-2023-1758.yaml - data/reports/GO-2023-1761.yaml - data/reports/GO-2023-1763.yaml - data/reports/GO-2023-1764.yaml - data/reports/GO-2023-1768.yaml - data/reports/GO-2023-1774.yaml Updates #1700 Updates #1701 Updates #1707 Updates #1708 Updates #1716 Updates #1718 Updates #1719 Updates #1721 Updates #1723 Updates #1730 Updates #1735 Updates #1738 Updates #1747 Updates #1754 Updates #1758 Updates #1761 Updates #1763 Updates #1764 Updates #1768 Updates #1774 Change-Id: I3fc567427d68e095cc62ea48dc9b284b2414a372 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606785 Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
- Loading branch information
Showing
60 changed files
with
1,797 additions
and
170 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,82 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2023-1700", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2023-28841", | ||
| "GHSA-33pg-m6jh-5237" | ||
| ], | ||
| "summary": "Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker", | ||
| "details": "Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/docker/docker", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "1.12.0" | ||
| }, | ||
| { | ||
| "fixed": "20.10.24+incompatible" | ||
| }, | ||
| { | ||
| "introduced": "23.0.0+incompatible" | ||
| }, | ||
| { | ||
| "fixed": "23.0.3+incompatible" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28841" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/libnetwork/blob/d9fae4c73daf76c3b0f77e14b45b8bf612ba764d/drivers/overlay/encryption.go#L205-L207" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/moby/issues/43382" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/moby/pull/45118" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2023-1700", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,70 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2023-1701", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2023-28842", | ||
| "GHSA-6wrf-mxfj-pf5p" | ||
| ], | ||
| "summary": "Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker", | ||
| "details": "Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/docker/docker", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "1.12.0" | ||
| }, | ||
| { | ||
| "fixed": "20.10.24+incompatible" | ||
| }, | ||
| { | ||
| "introduced": "23.0.0+incompatible" | ||
| }, | ||
| { | ||
| "fixed": "23.0.3+incompatible" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28842" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2023-1701", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,52 @@ | ||
| { | ||
| "schema_version": "1.3.1", | ||
| "id": "GO-2023-1707", | ||
| "modified": "0001-01-01T00:00:00Z", | ||
| "published": "0001-01-01T00:00:00Z", | ||
| "aliases": [ | ||
| "CVE-2023-1782", | ||
| "GHSA-f8r8-h93m-mj77" | ||
| ], | ||
| "summary": "HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad", | ||
| "details": "HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad", | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "name": "github.com/hashicorp/nomad", | ||
| "ecosystem": "Go" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "SEMVER", | ||
| "events": [ | ||
| { | ||
| "introduced": "1.5.0" | ||
| }, | ||
| { | ||
| "fixed": "1.5.3" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "ecosystem_specific": {} | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/advisories/GHSA-f8r8-h93m-mj77" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1782" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://discuss.hashicorp.com/t/hcsec-2023-12-nomad-unauthenticated-client-agent-http-request-privilege-escalation/52375" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "url": "https://pkg.go.dev/vuln/GO-2023-1707", | ||
| "review_status": "UNREVIEWED" | ||
| } | ||
| } |
Oops, something went wrong.