Skip to content

Commit

Permalink
data/reports: regenerate 50 reports
Browse files Browse the repository at this point in the history
  - data/reports/GO-2024-2428.yaml
  - data/reports/GO-2024-2442.yaml
  - data/reports/GO-2024-2444.yaml
  - data/reports/GO-2024-2445.yaml
  - data/reports/GO-2024-2446.yaml
  - data/reports/GO-2024-2447.yaml
  - data/reports/GO-2024-2448.yaml
  - data/reports/GO-2024-2449.yaml
  - data/reports/GO-2024-2450.yaml
  - data/reports/GO-2024-2478.yaml
  - data/reports/GO-2024-2485.yaml
  - data/reports/GO-2024-2486.yaml
  - data/reports/GO-2024-2488.yaml
  - data/reports/GO-2024-2499.yaml
  - data/reports/GO-2024-2501.yaml
  - data/reports/GO-2024-2505.yaml
  - data/reports/GO-2024-2508.yaml
  - data/reports/GO-2024-2509.yaml
  - data/reports/GO-2024-2511.yaml
  - data/reports/GO-2024-2513.yaml
  - data/reports/GO-2024-2514.yaml
  - data/reports/GO-2024-2515.yaml
  - data/reports/GO-2024-2517.yaml
  - data/reports/GO-2024-2519.yaml
  - data/reports/GO-2024-2520.yaml
  - data/reports/GO-2024-2523.yaml
  - data/reports/GO-2024-2540.yaml
  - data/reports/GO-2024-2541.yaml
  - data/reports/GO-2024-2566.yaml
  - data/reports/GO-2024-2568.yaml
  - data/reports/GO-2024-2569.yaml
  - data/reports/GO-2024-2576.yaml
  - data/reports/GO-2024-2578.yaml
  - data/reports/GO-2024-2579.yaml
  - data/reports/GO-2024-2580.yaml
  - data/reports/GO-2024-2582.yaml
  - data/reports/GO-2024-2588.yaml
  - data/reports/GO-2024-2589.yaml
  - data/reports/GO-2024-2590.yaml
  - data/reports/GO-2024-2591.yaml
  - data/reports/GO-2024-2592.yaml
  - data/reports/GO-2024-2593.yaml
  - data/reports/GO-2024-2594.yaml
  - data/reports/GO-2024-2595.yaml
  - data/reports/GO-2024-2597.yaml
  - data/reports/GO-2024-2629.yaml
  - data/reports/GO-2024-2635.yaml
  - data/reports/GO-2024-2636.yaml
  - data/reports/GO-2024-2637.yaml
  - data/reports/GO-2024-2641.yaml

Updates #2428
Updates #2442
Updates #2444
Updates #2445
Updates #2446
Updates #2447
Updates #2448
Updates #2449
Updates #2450
Updates #2478
Updates #2485
Updates #2486
Updates #2488
Updates #2499
Updates #2501
Updates #2505
Updates #2508
Updates #2509
Updates #2511
Updates #2513
Updates #2514
Updates #2515
Updates #2517
Updates #2519
Updates #2520
Updates #2523
Updates #2540
Updates #2541
Updates #2566
Updates #2568
Updates #2569
Updates #2576
Updates #2578
Updates #2579
Updates #2580
Updates #2582
Updates #2588
Updates #2589
Updates #2590
Updates #2591
Updates #2592
Updates #2593
Updates #2594
Updates #2595
Updates #2597
Updates #2629
Updates #2635
Updates #2636
Updates #2637
Updates #2641

Change-Id: If02ad5ae2b621addda56b45d8c84b0476a12737b
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606358
Reviewed-by: Damien Neil <dneil@google.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
  • Loading branch information
tatianab authored and gopherbot committed Aug 19, 2024
1 parent 9c256df commit 08b42c7
Show file tree
Hide file tree
Showing 57 changed files with 101 additions and 187 deletions.
5 changes: 3 additions & 2 deletions data/osv/GO-2024-2442.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,12 @@
"id": "GO-2024-2442",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"withdrawn": "2024-01-23T12:50:23Z",
"aliases": [
"GHSA-76cc-p55w-63g3"
],
"summary": "Teleport Access List owners can escalate their privileges in github.com/gravitational/teleport",
"details": "Teleport Access List owners can escalate their privileges in github.com/gravitational/teleport.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/gravitational/teleport from v13.0.0 before v13.4.13, from v14.0.0 before v14.2.4.",
"summary": "Withdrawn Advisory: Teleport Access List owners can escalate their privileges in github.com/gravitational/teleport",
"details": "Withdrawn Advisory: Teleport Access List owners can escalate their privileges in github.com/gravitational/teleport.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/gravitational/teleport from v13.0.0 before v13.4.13, from v14.0.0 before v14.2.4.",
"affected": [
{
"package": {
Expand Down
5 changes: 3 additions & 2 deletions data/osv/GO-2024-2445.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,12 @@
"id": "GO-2024-2445",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"withdrawn": "2024-01-23T12:50:08Z",
"aliases": [
"GHSA-c9v7-wmwj-vf6x"
],
"summary": "SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport",
"details": "SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/gravitational/teleport before v12.4.31, from v13.0.0 before v13.4.13, from v14.0.0 before v14.2.4.",
"summary": "Withdrawn Advisory: SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport",
"details": "Withdrawn Advisory: SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/gravitational/teleport before v12.4.31, from v13.0.0 before v13.4.13, from v14.0.0 before v14.2.4.",
"affected": [
{
"package": {
Expand Down
5 changes: 3 additions & 2 deletions data/osv/GO-2024-2447.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,12 @@
"id": "GO-2024-2447",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"withdrawn": "2024-01-23T12:50:39Z",
"aliases": [
"GHSA-hw4x-mcx5-9q36"
],
"summary": "Teleport Proxy and Teleport Agents: SSRF to arbitrary hosts is possible from low privileged users in github.com/gravitational/teleport",
"details": "Teleport Proxy and Teleport Agents: SSRF to arbitrary hosts is possible from low privileged users in github.com/gravitational/teleport.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/gravitational/teleport before v12.4.31, from v13.0.0 before v13.4.13, from v14.0.0 before v14.2.4.",
"summary": "Withdrawn Advisory: Teleport Proxy and Teleport Agents: SSRF to arbitrary hosts is possible from low privileged users in github.com/gravitational/teleport",
"details": "Withdrawn Advisory: Teleport Proxy and Teleport Agents: SSRF to arbitrary hosts is possible from low privileged users in github.com/gravitational/teleport.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/gravitational/teleport before v12.4.31, from v13.0.0 before v13.4.13, from v14.0.0 before v14.2.4.",
"affected": [
{
"package": {
Expand Down
5 changes: 3 additions & 2 deletions data/osv/GO-2024-2449.json
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,12 @@
"id": "GO-2024-2449",
"modified": "0001-01-01T00:00:00Z",
"published": "0001-01-01T00:00:00Z",
"withdrawn": "2024-01-23T12:49:53Z",
"aliases": [
"GHSA-vfxf-76hv-v4w4"
],
"summary": "User-provided environment values allow execution on macOS agents in github.com/gravitational/teleport",
"details": "User-provided environment values allow execution on macOS agents in github.com/gravitational/teleport.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/gravitational/teleport before v12.4.31, from v13.0.0 before v13.4.13, from v14.0.0 before v14.2.4.",
"summary": "Withdrawn Advisory: User-provided environment values allow execution on macOS agents in github.com/gravitational/teleport",
"details": "Withdrawn Advisory: User-provided environment values allow execution on macOS agents in github.com/gravitational/teleport.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/gravitational/teleport before v12.4.31, from v13.0.0 before v13.4.13, from v14.0.0 before v14.2.4.",
"affected": [
{
"package": {
Expand Down
2 changes: 1 addition & 1 deletion data/osv/GO-2024-2568.json
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
"type": "SEMVER",
"events": [
{
"introduced": "0"
"introduced": "1.14.0"
},
{
"fixed": "1.14.7"
Expand Down
2 changes: 1 addition & 1 deletion data/osv/GO-2024-2569.json
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@
"type": "SEMVER",
"events": [
{
"introduced": "0"
"introduced": "1.14.0"
},
{
"fixed": "1.14.7"
Expand Down
18 changes: 2 additions & 16 deletions data/osv/GO-2024-2635.json
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
"GHSA-r4fm-g65h-cr54"
],
"summary": "Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server",
"details": "Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/mattermost/mattermost/server/v8 before v8.1.9.",
"details": "Mattermost incorrectly allows access individual posts in github.com/mattermost/mattermost-server",
"affected": [
{
"package": {
Expand Down Expand Up @@ -79,21 +79,7 @@
]
}
],
"ecosystem_specific": {
"custom_ranges": [
{
"type": "ECOSYSTEM",
"events": [
{
"introduced": "0"
},
{
"fixed": "8.1.9"
}
]
}
]
}
"ecosystem_specific": {}
}
],
"references": [
Expand Down
4 changes: 1 addition & 3 deletions data/reports/GO-2024-2428.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,6 @@ cves:
- CVE-2023-5044
ghsas:
- GHSA-fp9f-44c2-cw27
unknown_aliases:
- BIT-nginx-ingress-controller-2023-5044
references:
- advisory: https://github.com/advisories/GHSA-fp9f-44c2-cw27
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-5044
Expand All @@ -22,6 +20,6 @@ references:
- web: https://security.netapp.com/advisory/ntap-20240307-0012
source:
id: GHSA-fp9f-44c2-cw27
created: 2024-06-14T11:34:12.417676-04:00
created: 2024-08-16T15:55:16.958982-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
5 changes: 3 additions & 2 deletions data/reports/GO-2024-2442.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,14 @@ modules:
- introduced: 14.0.0
- fixed: 14.2.4
vulnerable_at: 3.2.17+incompatible
summary: Teleport Access List owners can escalate their privileges in github.com/gravitational/teleport
summary: 'Withdrawn Advisory: Teleport Access List owners can escalate their privileges in github.com/gravitational/teleport'
withdrawn: "2024-01-23T12:50:23Z"
ghsas:
- GHSA-76cc-p55w-63g3
references:
- advisory: https://github.com/gravitational/teleport/security/advisories/GHSA-76cc-p55w-63g3
source:
id: GHSA-76cc-p55w-63g3
created: 2024-06-14T11:35:01.72578-04:00
created: 2024-08-16T15:56:08.836802-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
9 changes: 3 additions & 6 deletions data/reports/GO-2024-2444.yaml
Original file line number Diff line number Diff line change
@@ -1,30 +1,27 @@
id: GO-2024-2444
modules:
- module: github.com/mattermost/mattermost-server
vulnerable_at: 9.9.0+incompatible
vulnerable_at: 9.11.0+incompatible
- module: github.com/mattermost/mattermost-server/v5
vulnerable_at: 5.39.3
- module: github.com/mattermost/mattermost-server/v6
vulnerable_at: 6.7.2
- module: github.com/mattermost/mattermost/server/v8
non_go_versions:
- fixed: 8.1.7
vulnerable_at: 8.0.0-20240626184126-817e18414e41
vulnerable_at: 8.0.0-20240816093336-e666f7ccfc35
summary: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server
cves:
- CVE-2023-50333
ghsas:
- GHSA-9w97-9rqx-8v4j
unknown_aliases:
- BIT-mattermost-2023-50333
- CGA-28fj-7rmv-xw55
references:
- advisory: https://github.com/advisories/GHSA-9w97-9rqx-8v4j
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-50333
- web: https://github.com/mattermost/mattermost/commit/61dd452fb2fcd3ac6f7b2e050f7f0a93a92d95fc
- web: https://mattermost.com/security-updates
source:
id: GHSA-9w97-9rqx-8v4j
created: 2024-06-26T16:12:41.49358-04:00
created: 2024-08-16T15:57:37.961165-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
7 changes: 5 additions & 2 deletions data/reports/GO-2024-2445.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,10 @@ modules:
- introduced: 14.0.0
- fixed: 14.2.4
vulnerable_at: 3.2.17+incompatible
summary: SFTP is possible on the Proxy server for any user with SFTP access in github.com/gravitational/teleport
summary: |-
Withdrawn Advisory: SFTP is possible on the Proxy server for any user with SFTP
access in github.com/gravitational/teleport
withdrawn: "2024-01-23T12:50:08Z"
ghsas:
- GHSA-c9v7-wmwj-vf6x
references:
Expand All @@ -17,6 +20,6 @@ references:
- fix: https://github.com/gravitational/teleport/pull/36136
source:
id: GHSA-c9v7-wmwj-vf6x
created: 2024-06-14T11:35:27.699279-04:00
created: 2024-08-16T15:58:42.619857-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
9 changes: 3 additions & 6 deletions data/reports/GO-2024-2446.yaml
Original file line number Diff line number Diff line change
@@ -1,29 +1,26 @@
id: GO-2024-2446
modules:
- module: github.com/mattermost/mattermost-server
vulnerable_at: 9.9.0+incompatible
vulnerable_at: 9.11.0+incompatible
- module: github.com/mattermost/mattermost-server/v5
vulnerable_at: 5.39.3
- module: github.com/mattermost/mattermost-server/v6
vulnerable_at: 6.7.2
- module: github.com/mattermost/mattermost/server/v8
non_go_versions:
- fixed: 8.1.7
vulnerable_at: 8.0.0-20240626184126-817e18414e41
vulnerable_at: 8.0.0-20240816093336-e666f7ccfc35
summary: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server
cves:
- CVE-2023-7113
ghsas:
- GHSA-h3gq-j7p9-x3p4
unknown_aliases:
- BIT-mattermost-2023-7113
- CGA-pcxv-43r4-92mm
references:
- advisory: https://github.com/advisories/GHSA-h3gq-j7p9-x3p4
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-7113
- web: https://mattermost.com/security-updates
source:
id: GHSA-h3gq-j7p9-x3p4
created: 2024-06-26T16:12:13.229043-04:00
created: 2024-08-16T15:59:00.341654-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
7 changes: 4 additions & 3 deletions data/reports/GO-2024-2447.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,8 +9,9 @@ modules:
- fixed: 14.2.4
vulnerable_at: 3.2.17+incompatible
summary: |-
Teleport Proxy and Teleport Agents: SSRF to arbitrary hosts is possible from low
privileged users in github.com/gravitational/teleport
Withdrawn Advisory: Teleport Proxy and Teleport Agents: SSRF to arbitrary hosts
is possible from low privileged users in github.com/gravitational/teleport
withdrawn: "2024-01-23T12:50:39Z"
ghsas:
- GHSA-hw4x-mcx5-9q36
references:
Expand All @@ -19,6 +20,6 @@ references:
- fix: https://github.com/gravitational/teleport/pull/36127
source:
id: GHSA-hw4x-mcx5-9q36
created: 2024-06-14T11:35:35.160981-04:00
created: 2024-08-16T15:59:03.836685-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
7 changes: 2 additions & 5 deletions data/reports/GO-2024-2448.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,24 +11,21 @@ modules:
- module: github.com/mattermost/mattermost/server/v8
non_go_versions:
- fixed: 8.1.7
vulnerable_at: 8.0.0-20240626184126-817e18414e41
vulnerable_at: 8.0.0-20240816093336-e666f7ccfc35
summary: |-
Mattermost notified all users in the channel when using WebSockets to respond
individually in github.com/mattermost/mattermost-server
cves:
- CVE-2023-48732
ghsas:
- GHSA-q7rx-w656-fwmv
unknown_aliases:
- BIT-mattermost-2023-48732
- CGA-jhcr-g7wj-9vq2
references:
- advisory: https://github.com/advisories/GHSA-q7rx-w656-fwmv
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-48732
- web: https://github.com/mattermost/mattermost/commit/851515be222160bee0a495c0d411056b19ed4111
- web: https://mattermost.com/security-updates
source:
id: GHSA-q7rx-w656-fwmv
created: 2024-06-26T16:10:54.767283-04:00
created: 2024-08-16T15:59:06.451782-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
7 changes: 5 additions & 2 deletions data/reports/GO-2024-2449.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,10 @@ modules:
- introduced: 14.0.0
- fixed: 14.2.4
vulnerable_at: 3.2.17+incompatible
summary: User-provided environment values allow execution on macOS agents in github.com/gravitational/teleport
summary: |-
Withdrawn Advisory: User-provided environment values allow execution on macOS
agents in github.com/gravitational/teleport
withdrawn: "2024-01-23T12:49:53Z"
ghsas:
- GHSA-vfxf-76hv-v4w4
references:
Expand All @@ -17,6 +20,6 @@ references:
- fix: https://github.com/gravitational/teleport/pull/36132
source:
id: GHSA-vfxf-76hv-v4w4
created: 2024-06-14T11:35:44.744025-04:00
created: 2024-08-16T15:59:25.038667-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
9 changes: 3 additions & 6 deletions data/reports/GO-2024-2450.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,29 +3,26 @@ modules:
- module: github.com/mattermost/mattermost-server
non_go_versions:
- fixed: 7.8.10
vulnerable_at: 9.9.0+incompatible
vulnerable_at: 9.11.0+incompatible
- module: github.com/mattermost/mattermost-server/v5
vulnerable_at: 5.39.3
- module: github.com/mattermost/mattermost-server/v6
vulnerable_at: 6.7.2
- module: github.com/mattermost/mattermost/server/v8
non_go_versions:
- fixed: 8.1.1
vulnerable_at: 8.0.0-20240626184126-817e18414e41
vulnerable_at: 8.0.0-20240816093336-e666f7ccfc35
summary: Mattermost viewing archived public channels permissions vulnerability in github.com/mattermost/mattermost-server
cves:
- CVE-2023-47858
ghsas:
- GHSA-w88v-pjr8-cmv2
unknown_aliases:
- BIT-mattermost-2023-47858
- CGA-4m9j-264v-7mr3
references:
- advisory: https://github.com/advisories/GHSA-w88v-pjr8-cmv2
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-47858
- web: https://mattermost.com/security-updates
source:
id: GHSA-w88v-pjr8-cmv2
created: 2024-06-26T16:13:37.899374-04:00
created: 2024-08-16T15:59:27.824124-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
2 changes: 1 addition & 1 deletion data/reports/GO-2024-2478.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,6 @@ references:
- web: https://blitiri.com.ar/p/chasquid/relnotes/#113-2023-12-24
source:
id: GHSA-g4x3-mfpj-f335
created: 2024-06-26T16:14:26.250749-04:00
created: 2024-08-16T16:37:28.044846-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
4 changes: 1 addition & 3 deletions data/reports/GO-2024-2485.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,6 @@ cves:
- CVE-2020-10661
ghsas:
- GHSA-j6vv-vv26-rh7c
unknown_aliases:
- BIT-vault-2020-10661
references:
- advisory: https://github.com/advisories/GHSA-j6vv-vv26-rh7c
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2020-10661
Expand All @@ -20,6 +18,6 @@ references:
- web: https://www.hashicorp.com/blog/category/vault
source:
id: GHSA-j6vv-vv26-rh7c
created: 2024-06-14T11:37:17.728135-04:00
created: 2024-08-16T16:01:08.485499-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
4 changes: 1 addition & 3 deletions data/reports/GO-2024-2486.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,8 +10,6 @@ cves:
- CVE-2020-10660
ghsas:
- GHSA-m979-w9wj-qfj9
unknown_aliases:
- BIT-vault-2020-10660
references:
- advisory: https://github.com/advisories/GHSA-m979-w9wj-qfj9
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2020-10660
Expand All @@ -21,6 +19,6 @@ references:
- web: https://www.hashicorp.com/blog/category/vault
source:
id: GHSA-m979-w9wj-qfj9
created: 2024-06-14T11:37:27.238275-04:00
created: 2024-08-16T16:01:23.539137-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
4 changes: 1 addition & 3 deletions data/reports/GO-2024-2488.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,6 @@ cves:
- CVE-2020-16251
ghsas:
- GHSA-4mp7-2m29-gqxf
unknown_aliases:
- BIT-vault-2020-16251
references:
- advisory: https://github.com/advisories/GHSA-4mp7-2m29-gqxf
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2020-16251
Expand All @@ -26,6 +24,6 @@ references:
- web: https://www.hashicorp.com/blog/category/vault
source:
id: GHSA-4mp7-2m29-gqxf
created: 2024-06-14T11:37:32.985013-04:00
created: 2024-08-16T16:01:28.479046-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE
Loading

0 comments on commit 08b42c7

Please sign in to comment.