x/vulndb: potential Go vuln in github.com/containernetworking/plugins/pkg/ip: GHSA-pf59-j7c2-rh6x

[GoVulnBot]

In GitHub Security Advisory GHSA-pf59-j7c2-rh6x, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/containernetworking/plugins/pkg/ip	0.8.6	< 0.8.6

Cross references:

• CVE-2020-13597 appears in issue x/vulndb: potential Go vuln in github.com/containernetworking/plugins/pkg/ip: GHSA-pf59-j7c2-rh6x #860 NOT_IMPORTABLE
• GHSA-pf59-j7c2-rh6x appears in issue x/vulndb: potential Go vuln in github.com/containernetworking/plugins/pkg/ip: GHSA-pf59-j7c2-rh6x #860 NOT_IMPORTABLE

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: TODO
    versions:
      - fixed: 0.8.6
    packages:
      - package: github.com/containernetworking/plugins/pkg/ip
description: Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version
    2.8.2 and below), may be vulnerable to information disclosure if IPv6 is enabled
    but unused. A compromised pod with sufficient privilege is able to reconfigure
    the node’s IPv6 interface due to the node accepting route advertisement by default,
    allowing the attacker to redirect full or partial network traffic from the node
    to the compromised pod.
cves:
  - CVE-2020-13597
ghsas:
  - GHSA-pf59-j7c2-rh6x

[tatianab]

Duplicate of #860