Skip to content

Commit 41b516d

Browse files
tatianabgopherbot
tatianab
authored and
gopherbot
committed
data/reports: unexclude 20 reports (17)
 - data/reports/GO-2022-0457.yaml - data/reports/GO-2022-0458.yaml - data/reports/GO-2022-0459.yaml - data/reports/GO-2022-0471.yaml - data/reports/GO-2022-0473.yaml - data/reports/GO-2022-0480.yaml - data/reports/GO-2022-0482.yaml - data/reports/GO-2022-0483.yaml - data/reports/GO-2022-0490.yaml - data/reports/GO-2022-0491.yaml - data/reports/GO-2022-0494.yaml - data/reports/GO-2022-0495.yaml - data/reports/GO-2022-0496.yaml - data/reports/GO-2022-0497.yaml - data/reports/GO-2022-0498.yaml - data/reports/GO-2022-0499.yaml - data/reports/GO-2022-0500.yaml - data/reports/GO-2022-0501.yaml - data/reports/GO-2022-0502.yaml - data/reports/GO-2022-0505.yaml Updates #457 Updates #458 Updates #459 Updates #471 Updates #473 Updates #480 Updates #482 Updates #483 Updates #490 Updates #491 Updates #494 Updates #495 Updates #496 Updates #497 Updates #498 Updates #499 Updates #500 Updates #501 Updates #502 Updates #505 Change-Id: I92c5f4afd83bb1c6bd9f448bc65ca730c64ce770 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607219 Auto-Submit: Tatiana Bradley <[email protected]> Reviewed-by: Damien Neil <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
1 parent e9d3f29 commit 41b516d

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

60 files changed

+1885
-160
lines changed

data/excluded/GO-2022-0457.yaml

-8
This file was deleted.

data/excluded/GO-2022-0458.yaml

-8
This file was deleted.

data/excluded/GO-2022-0459.yaml

-8
This file was deleted.

data/excluded/GO-2022-0471.yaml

-8
This file was deleted.

data/excluded/GO-2022-0473.yaml

-6
This file was deleted.

data/excluded/GO-2022-0480.yaml

-8
This file was deleted.

data/excluded/GO-2022-0482.yaml

-8
This file was deleted.

data/excluded/GO-2022-0483.yaml

-8
This file was deleted.

data/excluded/GO-2022-0490.yaml

-8
This file was deleted.

data/excluded/GO-2022-0491.yaml

-8
This file was deleted.

data/excluded/GO-2022-0494.yaml

-8
This file was deleted.

data/excluded/GO-2022-0495.yaml

-8
This file was deleted.

data/excluded/GO-2022-0496.yaml

-10
This file was deleted.

data/excluded/GO-2022-0497.yaml

-8
This file was deleted.

data/excluded/GO-2022-0498.yaml

-8
This file was deleted.

data/excluded/GO-2022-0499.yaml

-8
This file was deleted.

data/excluded/GO-2022-0500.yaml

-8
This file was deleted.

data/excluded/GO-2022-0501.yaml

-8
This file was deleted.

data/excluded/GO-2022-0502.yaml

-8
This file was deleted.

data/excluded/GO-2022-0505.yaml

-8
This file was deleted.

data/osv/GO-2022-0457.json

+72
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2022-0457",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"CVE-2022-29178",
8+
"GHSA-6p8v-8cq8-v2r3"
9+
],
10+
"summary": "Access to Unix domain socket can lead to privileges escalation in Cilium in github.com/cilium/cilium",
11+
"details": "Access to Unix domain socket can lead to privileges escalation in Cilium in github.com/cilium/cilium",
12+
"affected": [
13+
{
14+
"package": {
15+
"name": "github.com/cilium/cilium",
16+
"ecosystem": "Go"
17+
},
18+
"ranges": [
19+
{
20+
"type": "SEMVER",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
},
25+
{
26+
"fixed": "1.9.16"
27+
},
28+
{
29+
"introduced": "1.10.0"
30+
},
31+
{
32+
"fixed": "1.10.11"
33+
},
34+
{
35+
"introduced": "1.11.0"
36+
},
37+
{
38+
"fixed": "1.11.5"
39+
}
40+
]
41+
}
42+
],
43+
"ecosystem_specific": {}
44+
}
45+
],
46+
"references": [
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-6p8v-8cq8-v2r3"
50+
},
51+
{
52+
"type": "ADVISORY",
53+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29178"
54+
},
55+
{
56+
"type": "WEB",
57+
"url": "https://github.com/cilium/cilium/releases/tag/v1.10.11"
58+
},
59+
{
60+
"type": "WEB",
61+
"url": "https://github.com/cilium/cilium/releases/tag/v1.11.5"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://github.com/cilium/cilium/releases/tag/v1.9.16"
66+
}
67+
],
68+
"database_specific": {
69+
"url": "https://pkg.go.dev/vuln/GO-2022-0457",
70+
"review_status": "UNREVIEWED"
71+
}
72+
}

data/osv/GO-2022-0458.json

+72
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,72 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2022-0458",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"CVE-2022-29179",
8+
"GHSA-fmrf-gvjp-5j5g"
9+
],
10+
"summary": "Improper Privilege Management in Cilium in github.com/cilium/cilium",
11+
"details": "Improper Privilege Management in Cilium in github.com/cilium/cilium",
12+
"affected": [
13+
{
14+
"package": {
15+
"name": "github.com/cilium/cilium",
16+
"ecosystem": "Go"
17+
},
18+
"ranges": [
19+
{
20+
"type": "SEMVER",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
},
25+
{
26+
"fixed": "1.9.16"
27+
},
28+
{
29+
"introduced": "1.10.0"
30+
},
31+
{
32+
"fixed": "1.10.11"
33+
},
34+
{
35+
"introduced": "1.11.0"
36+
},
37+
{
38+
"fixed": "1.11.5"
39+
}
40+
]
41+
}
42+
],
43+
"ecosystem_specific": {}
44+
}
45+
],
46+
"references": [
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-fmrf-gvjp-5j5g"
50+
},
51+
{
52+
"type": "ADVISORY",
53+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29179"
54+
},
55+
{
56+
"type": "WEB",
57+
"url": "https://github.com/cilium/cilium/releases/tag/v1.10.11"
58+
},
59+
{
60+
"type": "WEB",
61+
"url": "https://github.com/cilium/cilium/releases/tag/v1.11.5"
62+
},
63+
{
64+
"type": "WEB",
65+
"url": "https://github.com/cilium/cilium/releases/tag/v1.9.16"
66+
}
67+
],
68+
"database_specific": {
69+
"url": "https://pkg.go.dev/vuln/GO-2022-0458",
70+
"review_status": "UNREVIEWED"
71+
}
72+
}

data/osv/GO-2022-0459.json

+52
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,52 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2022-0459",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"CVE-2022-29188",
8+
"GHSA-qwrf-gfpj-qvj6"
9+
],
10+
"summary": "Smokescreen SSRF via deny list bypass (square brackets) in github.com/stripe/smokescreen",
11+
"details": "Smokescreen SSRF via deny list bypass (square brackets) in github.com/stripe/smokescreen",
12+
"affected": [
13+
{
14+
"package": {
15+
"name": "github.com/stripe/smokescreen",
16+
"ecosystem": "Go"
17+
},
18+
"ranges": [
19+
{
20+
"type": "SEMVER",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
},
25+
{
26+
"fixed": "0.0.4"
27+
}
28+
]
29+
}
30+
],
31+
"ecosystem_specific": {}
32+
}
33+
],
34+
"references": [
35+
{
36+
"type": "ADVISORY",
37+
"url": "https://github.com/stripe/smokescreen/security/advisories/GHSA-qwrf-gfpj-qvj6"
38+
},
39+
{
40+
"type": "ADVISORY",
41+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-29188"
42+
},
43+
{
44+
"type": "FIX",
45+
"url": "https://github.com/stripe/smokescreen/commit/dea7b3c89df000f4072ff9866d61d78e30df6a36"
46+
}
47+
],
48+
"database_specific": {
49+
"url": "https://pkg.go.dev/vuln/GO-2022-0459",
50+
"review_status": "UNREVIEWED"
51+
}
52+
}

0 commit comments

Comments
 (0)