-
Notifications
You must be signed in to change notification settings - Fork 61
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- data/reports/GO-2024-2428.yaml - data/reports/GO-2024-2442.yaml - data/reports/GO-2024-2444.yaml - data/reports/GO-2024-2445.yaml - data/reports/GO-2024-2446.yaml - data/reports/GO-2024-2447.yaml - data/reports/GO-2024-2448.yaml - data/reports/GO-2024-2449.yaml - data/reports/GO-2024-2450.yaml - data/reports/GO-2024-2478.yaml - data/reports/GO-2024-2485.yaml - data/reports/GO-2024-2486.yaml - data/reports/GO-2024-2488.yaml - data/reports/GO-2024-2499.yaml - data/reports/GO-2024-2501.yaml - data/reports/GO-2024-2505.yaml - data/reports/GO-2024-2508.yaml - data/reports/GO-2024-2509.yaml - data/reports/GO-2024-2511.yaml - data/reports/GO-2024-2513.yaml - data/reports/GO-2024-2514.yaml - data/reports/GO-2024-2515.yaml - data/reports/GO-2024-2517.yaml - data/reports/GO-2024-2519.yaml - data/reports/GO-2024-2520.yaml - data/reports/GO-2024-2523.yaml - data/reports/GO-2024-2540.yaml - data/reports/GO-2024-2541.yaml - data/reports/GO-2024-2566.yaml - data/reports/GO-2024-2568.yaml - data/reports/GO-2024-2569.yaml - data/reports/GO-2024-2576.yaml - data/reports/GO-2024-2578.yaml - data/reports/GO-2024-2579.yaml - data/reports/GO-2024-2580.yaml - data/reports/GO-2024-2582.yaml - data/reports/GO-2024-2588.yaml - data/reports/GO-2024-2589.yaml - data/reports/GO-2024-2590.yaml - data/reports/GO-2024-2591.yaml - data/reports/GO-2024-2592.yaml - data/reports/GO-2024-2593.yaml - data/reports/GO-2024-2594.yaml - data/reports/GO-2024-2595.yaml - data/reports/GO-2024-2597.yaml - data/reports/GO-2024-2629.yaml - data/reports/GO-2024-2635.yaml - data/reports/GO-2024-2636.yaml - data/reports/GO-2024-2637.yaml - data/reports/GO-2024-2641.yaml Updates #2428 Updates #2442 Updates #2444 Updates #2445 Updates #2446 Updates #2447 Updates #2448 Updates #2449 Updates #2450 Updates #2478 Updates #2485 Updates #2486 Updates #2488 Updates #2499 Updates #2501 Updates #2505 Updates #2508 Updates #2509 Updates #2511 Updates #2513 Updates #2514 Updates #2515 Updates #2517 Updates #2519 Updates #2520 Updates #2523 Updates #2540 Updates #2541 Updates #2566 Updates #2568 Updates #2569 Updates #2576 Updates #2578 Updates #2579 Updates #2580 Updates #2582 Updates #2588 Updates #2589 Updates #2590 Updates #2591 Updates #2592 Updates #2593 Updates #2594 Updates #2595 Updates #2597 Updates #2629 Updates #2635 Updates #2636 Updates #2637 Updates #2641 Change-Id: If02ad5ae2b621addda56b45d8c84b0476a12737b Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606358 Reviewed-by: Damien Neil <dneil@google.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
- Loading branch information
Showing
57 changed files
with
101 additions
and
187 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,7 +20,7 @@ | |
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
"introduced": "1.14.0" | ||
}, | ||
{ | ||
"fixed": "1.14.7" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,7 +20,7 @@ | |
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
"introduced": "1.14.0" | ||
}, | ||
{ | ||
"fixed": "1.14.7" | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,30 +1,27 @@ | ||
id: GO-2024-2444 | ||
modules: | ||
- module: github.com/mattermost/mattermost-server | ||
vulnerable_at: 9.9.0+incompatible | ||
vulnerable_at: 9.11.0+incompatible | ||
- module: github.com/mattermost/mattermost-server/v5 | ||
vulnerable_at: 5.39.3 | ||
- module: github.com/mattermost/mattermost-server/v6 | ||
vulnerable_at: 6.7.2 | ||
- module: github.com/mattermost/mattermost/server/v8 | ||
non_go_versions: | ||
- fixed: 8.1.7 | ||
vulnerable_at: 8.0.0-20240626184126-817e18414e41 | ||
vulnerable_at: 8.0.0-20240816093336-e666f7ccfc35 | ||
summary: Mattermost allows demoted guests to change group names in github.com/mattermost/mattermost-server | ||
cves: | ||
- CVE-2023-50333 | ||
ghsas: | ||
- GHSA-9w97-9rqx-8v4j | ||
unknown_aliases: | ||
- BIT-mattermost-2023-50333 | ||
- CGA-28fj-7rmv-xw55 | ||
references: | ||
- advisory: https://github.com/advisories/GHSA-9w97-9rqx-8v4j | ||
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-50333 | ||
- web: https://github.com/mattermost/mattermost/commit/61dd452fb2fcd3ac6f7b2e050f7f0a93a92d95fc | ||
- web: https://mattermost.com/security-updates | ||
source: | ||
id: GHSA-9w97-9rqx-8v4j | ||
created: 2024-06-26T16:12:41.49358-04:00 | ||
created: 2024-08-16T15:57:37.961165-04:00 | ||
review_status: UNREVIEWED | ||
unexcluded: EFFECTIVELY_PRIVATE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,29 +1,26 @@ | ||
id: GO-2024-2446 | ||
modules: | ||
- module: github.com/mattermost/mattermost-server | ||
vulnerable_at: 9.9.0+incompatible | ||
vulnerable_at: 9.11.0+incompatible | ||
- module: github.com/mattermost/mattermost-server/v5 | ||
vulnerable_at: 5.39.3 | ||
- module: github.com/mattermost/mattermost-server/v6 | ||
vulnerable_at: 6.7.2 | ||
- module: github.com/mattermost/mattermost/server/v8 | ||
non_go_versions: | ||
- fixed: 8.1.7 | ||
vulnerable_at: 8.0.0-20240626184126-817e18414e41 | ||
vulnerable_at: 8.0.0-20240816093336-e666f7ccfc35 | ||
summary: Mattermost Cross-site Scripting vulnerability in github.com/mattermost/mattermost-server | ||
cves: | ||
- CVE-2023-7113 | ||
ghsas: | ||
- GHSA-h3gq-j7p9-x3p4 | ||
unknown_aliases: | ||
- BIT-mattermost-2023-7113 | ||
- CGA-pcxv-43r4-92mm | ||
references: | ||
- advisory: https://github.com/advisories/GHSA-h3gq-j7p9-x3p4 | ||
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-7113 | ||
- web: https://mattermost.com/security-updates | ||
source: | ||
id: GHSA-h3gq-j7p9-x3p4 | ||
created: 2024-06-26T16:12:13.229043-04:00 | ||
created: 2024-08-16T15:59:00.341654-04:00 | ||
review_status: UNREVIEWED | ||
unexcluded: EFFECTIVELY_PRIVATE |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.