Skip to content

Commit fb09166

Browse files
tatianabtatianab
committed
data/reports: update 3 reports
Regenerate three UNREVIEWED reports that now have a GHSA available. - data/reports/GO-2024-2965.yaml - data/reports/GO-2024-2969.yaml - data/reports/GO-2024-2974.yaml Updates #2965 Updates #2969 Updates #2974 Change-Id: I5f5b9fc105520c831e598dc591d04b9e81347d3d Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/601375 Reviewed-by: Damien Neil <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]>
1 parent 078e674 commit fb09166

File tree

6 files changed

+390
-42
lines changed

6 files changed

+390
-42
lines changed

data/osv/GO-2024-2965.json

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -4,7 +4,8 @@
44
"modified": "0001-01-01T00:00:00Z",
55
"published": "0001-01-01T00:00:00Z",
66
"aliases": [
7-
"CVE-2024-39315"
7+
"CVE-2024-39315",
8+
"GHSA-rrqr-7w59-637v"
89
],
910
"summary": "Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomerium",
1011
"details": "Pomerium exposed OAuth2 access and ID tokens in user info endpoint response in github.com/pomerium/pomerium",
@@ -31,17 +32,17 @@
3132
}
3233
],
3334
"references": [
35+
{
36+
"type": "ADVISORY",
37+
"url": "https://github.com/pomerium/pomerium/security/advisories/GHSA-rrqr-7w59-637v"
38+
},
3439
{
3540
"type": "ADVISORY",
3641
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39315"
3742
},
3843
{
3944
"type": "FIX",
4045
"url": "https://github.com/pomerium/pomerium/commit/4c7c4320afb2ced70ba19b46de1ac4383f3daa48"
41-
},
42-
{
43-
"type": "WEB",
44-
"url": "https://github.com/pomerium/pomerium/security/advisories/GHSA-rrqr-7w59-637v"
4546
}
4647
],
4748
"database_specific": {

data/osv/GO-2024-2969.json

Lines changed: 9 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -4,10 +4,11 @@
44
"modified": "0001-01-01T00:00:00Z",
55
"published": "0001-01-01T00:00:00Z",
66
"aliases": [
7-
"CVE-2024-39930"
7+
"CVE-2024-39930",
8+
"GHSA-p69r-v3h4-rj4f"
89
],
9-
"summary": "CVE-2024-39930 in github.com/gogs/gogs",
10-
"details": "CVE-2024-39930 in github.com/gogs/gogs",
10+
"summary": "github.com/gogs/gogs affected by CVE-2024-39930",
11+
"details": "github.com/gogs/gogs affected by CVE-2024-39930",
1112
"affected": [
1213
{
1314
"package": {
@@ -28,6 +29,10 @@
2829
}
2930
],
3031
"references": [
32+
{
33+
"type": "ADVISORY",
34+
"url": "https://github.com/advisories/GHSA-p69r-v3h4-rj4f"
35+
},
3136
{
3237
"type": "ADVISORY",
3338
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39930"
@@ -38,7 +43,7 @@
3843
},
3944
{
4045
"type": "WEB",
41-
"url": "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/"
46+
"url": "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1"
4247
}
4348
],
4449
"database_specific": {

0 commit comments

Comments
 (0)