Skip to content

Commit

Permalink
data/reports: unexclude 20 reports (6)
Browse files Browse the repository at this point in the history
  - data/reports/GO-2023-1785.yaml
  - data/reports/GO-2023-1793.yaml
  - data/reports/GO-2023-1795.yaml
  - data/reports/GO-2023-1800.yaml
  - data/reports/GO-2023-1801.yaml
  - data/reports/GO-2023-1803.yaml
  - data/reports/GO-2023-1804.yaml
  - data/reports/GO-2023-1806.yaml
  - data/reports/GO-2023-1808.yaml
  - data/reports/GO-2023-1809.yaml
  - data/reports/GO-2023-1819.yaml
  - data/reports/GO-2023-1827.yaml
  - data/reports/GO-2023-1828.yaml
  - data/reports/GO-2023-1829.yaml
  - data/reports/GO-2023-1831.yaml
  - data/reports/GO-2023-1849.yaml
  - data/reports/GO-2023-1850.yaml
  - data/reports/GO-2023-1851.yaml
  - data/reports/GO-2023-1852.yaml
  - data/reports/GO-2023-1853.yaml

Updates #1785
Updates #1793
Updates #1795
Updates #1800
Updates #1801
Updates #1803
Updates #1804
Updates #1806
Updates #1808
Updates #1809
Updates #1819
Updates #1827
Updates #1828
Updates #1829
Updates #1831
Updates #1849
Updates #1850
Updates #1851
Updates #1852
Updates #1853

Change-Id: Ib6fb15714358b0a9d7644d6ed43de25bdbd8434b
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606786
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
  • Loading branch information
tatianab authored and gopherbot committed Aug 20, 2024
1 parent 5ea5cbb commit 34d5974
Show file tree
Hide file tree
Showing 60 changed files with 1,716 additions and 158 deletions.
8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1785.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1793.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1795.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1800.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1801.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1803.yaml

This file was deleted.

6 changes: 0 additions & 6 deletions data/excluded/GO-2023-1804.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1806.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1808.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1809.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1819.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1827.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1828.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1829.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1831.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1849.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1850.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1851.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1852.yaml

This file was deleted.

8 changes: 0 additions & 8 deletions data/excluded/GO-2023-1853.yaml

This file was deleted.

72 changes: 72 additions & 0 deletions data/osv/GO-2023-1785.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
{
"schema_version": "1.3.1",
"id": "GO-2023-1785",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2023-30851",
"GHSA-2h44-x2wx-49f4"
],
"summary": "Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium",
"details": "Potential HTTP policy bypass when using header rules in Cilium in github.com/cilium/cilium",
"affected": [
{
"package": {
"name": "github.com/cilium/cilium",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.11.16"
},
{
"introduced": "1.12.0"
},
{
"fixed": "1.12.9"
},
{
"introduced": "1.13.0"
},
{
"fixed": "1.13.2"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/cilium/cilium/security/advisories/GHSA-2h44-x2wx-49f4"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30851"
},
{
"type": "WEB",
"url": "https://github.com/cilium/cilium/releases/tag/v1.11.16"
},
{
"type": "WEB",
"url": "https://github.com/cilium/cilium/releases/tag/v1.12.9"
},
{
"type": "WEB",
"url": "https://github.com/cilium/cilium/releases/tag/v1.13.2"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2023-1785",
"review_status": "UNREVIEWED"
}
}
64 changes: 64 additions & 0 deletions data/osv/GO-2023-1793.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,64 @@
{
"schema_version": "1.3.1",
"id": "GO-2023-1793",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2023-2878",
"GHSA-g82w-58jf-gcxx"
],
"summary": "secrets-store-csi-driver discloses service account tokens in logs in sigs.k8s.io/secrets-store-csi-driver",
"details": "secrets-store-csi-driver discloses service account tokens in logs in sigs.k8s.io/secrets-store-csi-driver",
"affected": [
{
"package": {
"name": "sigs.k8s.io/secrets-store-csi-driver",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.3.3"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/kubernetes-sigs/secrets-store-csi-driver/security/advisories/GHSA-g82w-58jf-gcxx"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-2878"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes-sigs/secrets-store-csi-driver/releases/tag/v1.3.3"
},
{
"type": "WEB",
"url": "https://github.com/kubernetes/kubernetes/issues/118419"
},
{
"type": "WEB",
"url": "https://groups.google.com/g/kubernetes-security-announce/c/5K8ghQHBDdQ/m/Udee6YUgAAAJ"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20230814-0003"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2023-1793",
"review_status": "UNREVIEWED"
}
}
52 changes: 52 additions & 0 deletions data/osv/GO-2023-1795.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,52 @@
{
"schema_version": "1.3.1",
"id": "GO-2023-1795",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"aliases": [
"CVE-2023-33199",
"GHSA-frqx-jfcm-6jjr"
],
"summary": "malformed proposed intoto entries can cause a panic in github.com/sigstore/rekor",
"details": "malformed proposed intoto entries can cause a panic in github.com/sigstore/rekor",
"affected": [
{
"package": {
"name": "github.com/sigstore/rekor",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.2.0"
}
]
}
],
"ecosystem_specific": {}
}
],
"references": [
{
"type": "ADVISORY",
"url": "https://github.com/sigstore/rekor/security/advisories/GHSA-frqx-jfcm-6jjr"
},
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-33199"
},
{
"type": "FIX",
"url": "https://github.com/sigstore/rekor/commit/140c5add105179e5ffd9e3e114fd1b6b93aebbd4"
}
],
"database_specific": {
"url": "https://pkg.go.dev/vuln/GO-2023-1795",
"review_status": "UNREVIEWED"
}
}
Loading

0 comments on commit 34d5974

Please sign in to comment.