-
Notifications
You must be signed in to change notification settings - Fork 58
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
data/reports: unexclude 20 reports (30)
- data/reports/GO-2022-1160.yaml - data/reports/GO-2022-1161.yaml - data/reports/GO-2022-1164.yaml - data/reports/GO-2022-1171.yaml - data/reports/GO-2022-1179.yaml - data/reports/GO-2022-1181.yaml - data/reports/GO-2022-1189.yaml - data/reports/GO-2022-1190.yaml - data/reports/GO-2022-1191.yaml - data/reports/GO-2022-1192.yaml - data/reports/GO-2022-1200.yaml - data/reports/GO-2022-1204.yaml - data/reports/GO-2022-1205.yaml - data/reports/GO-2022-1206.yaml - data/reports/GO-2022-1208.yaml - data/reports/GO-2022-1212.yaml - data/reports/GO-2022-1215.yaml - data/reports/GO-2022-1216.yaml - data/reports/GO-2022-1217.yaml - data/reports/GO-2022-1218.yaml Updates #1160 Updates #1161 Updates #1164 Updates #1171 Updates #1179 Updates #1181 Updates #1189 Updates #1190 Updates #1191 Updates #1192 Updates #1200 Updates #1204 Updates #1205 Updates #1206 Updates #1208 Updates #1212 Updates #1215 Updates #1216 Updates #1217 Updates #1218 Change-Id: I342a98eb3c967b16853089cb8f66a898af13b544 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607232 Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Commit-Queue: Tatiana Bradley <tatianabradley@google.com>
- Loading branch information
Showing
60 changed files
with
1,658 additions
and
158 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-1160", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2022-23511", | ||
"GHSA-j8x2-2m5w-j939" | ||
], | ||
"summary": "Amazon CloudWatch Agent for Windows has Privilege Escalation Vector in github.com/aws/amazon-cloudwatch-agent", | ||
"details": "Amazon CloudWatch Agent for Windows has Privilege Escalation Vector in github.com/aws/amazon-cloudwatch-agent", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/aws/amazon-cloudwatch-agent", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
}, | ||
{ | ||
"fixed": "1.247355.0" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/aws/amazon-cloudwatch-agent/security/advisories/GHSA-j8x2-2m5w-j939" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23511" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837#diff-76ed074a9305c04054cdebb9e9aad2d818052b07091de1f20cad0bbac34ffb52" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-1160", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-1161", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2022-45968", | ||
"GHSA-4gjr-vgfx-9qvw" | ||
], | ||
"summary": "AList vulnerable to Improper Preservation of Permissions in github.com/alist-org/alist", | ||
"details": "AList vulnerable to Improper Preservation of Permissions in github.com/alist-org/alist", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/alist-org/alist", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
}, | ||
{ | ||
"package": { | ||
"name": "github.com/alist-org/alist/v3", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
}, | ||
{ | ||
"fixed": "3.5.1" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/advisories/GHSA-4gjr-vgfx-9qvw" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45968" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/alist-org/alist/commit/85e1350af82e1759ca6580895e48ab969eb566cf" | ||
}, | ||
{ | ||
"type": "REPORT", | ||
"url": "https://github.com/alist-org/alist/issues/2444" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-1161", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-1164", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2022-43996", | ||
"GHSA-xxfx-w2rw-gh63" | ||
], | ||
"summary": "csaf-poc/csaf_distribution Cross-site Scripting vulnerability in github.com/csaf-poc/csaf_distribution", | ||
"details": "csaf-poc/csaf_distribution Cross-site Scripting vulnerability in github.com/csaf-poc/csaf_distribution", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/csaf-poc/csaf_distribution", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
}, | ||
{ | ||
"fixed": "0.8.2" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/advisories/GHSA-xxfx-w2rw-gh63" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43996" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/csaf-poc/csaf_distribution/commit/17f22855ee8d4270dd17ff748c30ed7304846fdc" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://github.com/csaf-poc/csaf_distribution/releases/tag/v0.8.2" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.json" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-1164", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |
Oops, something went wrong.