x/vulndb: potential Go vuln in github.com/heketi/heketi: GHSA-rm7c-x6gj-2mr8

[GoVulnBot]

In GitHub Security Advisory GHSA-rm7c-x6gj-2mr8, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/heketi/heketi	10.1.0	< 10.1.0

Cross references:

• Module github.com/heketi/heketi appears in issue x/vulndb: potential Go vuln in github.com/heketi/heketi: GHSA-q9vw-wr57-xjv3 #866 NOT_IMPORTABLE
• CVE-2020-10763 appears in issue x/vulndb: potential Go vuln in github.com/heketi/heketi: CVE-2020-10763 #2265 LEGACY_FALSE_POSITIVE
• Module github.com/heketi/heketi appears in issue x/vulndb: potential Go vuln in github.com/heketi/heketi: CVE-2020-10763 #2265 LEGACY_FALSE_POSITIVE

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/heketi/heketi
      versions:
        - fixed: 10.1.0
      packages:
        - package: github.com/heketi/heketi
summary: Heketi logs sensitive information in github.com/heketi/heketi
cves:
    - CVE-2020-10763
ghsas:
    - GHSA-rm7c-x6gj-2mr8
references:
    - web: https://nvd.nist.gov/vuln/detail/CVE-2020-10763
    - web: https://bugzilla.redhat.com/show_bug.cgi?id=1845387
    - web: https://github.com/heketi/heketi/releases/tag/v10.1.0
    - fix: https://github.com/heketi/heketi/commit/be1583833924e62d2581824a0addcba0aed33c99
    - advisory: https://github.com/advisories/GHSA-rm7c-x6gj-2mr8
source:
    id: GHSA-rm7c-x6gj-2mr8

[gopherbot]

Change https://go.dev/cl/582535 mentions this issue: data/reports: batch add unreviewed reports

[tatianab]

Duplicate of #2265