-
Notifications
You must be signed in to change notification settings - Fork 62
Commit
- data/reports/GO-2022-1160.yaml - data/reports/GO-2022-1161.yaml - data/reports/GO-2022-1164.yaml - data/reports/GO-2022-1171.yaml - data/reports/GO-2022-1179.yaml - data/reports/GO-2022-1181.yaml - data/reports/GO-2022-1189.yaml - data/reports/GO-2022-1190.yaml - data/reports/GO-2022-1191.yaml - data/reports/GO-2022-1192.yaml - data/reports/GO-2022-1200.yaml - data/reports/GO-2022-1204.yaml - data/reports/GO-2022-1205.yaml - data/reports/GO-2022-1206.yaml - data/reports/GO-2022-1208.yaml - data/reports/GO-2022-1212.yaml - data/reports/GO-2022-1215.yaml - data/reports/GO-2022-1216.yaml - data/reports/GO-2022-1217.yaml - data/reports/GO-2022-1218.yaml Updates #1160 Updates #1161 Updates #1164 Updates #1171 Updates #1179 Updates #1181 Updates #1189 Updates #1190 Updates #1191 Updates #1192 Updates #1200 Updates #1204 Updates #1205 Updates #1206 Updates #1208 Updates #1212 Updates #1215 Updates #1216 Updates #1217 Updates #1218 Change-Id: I342a98eb3c967b16853089cb8f66a898af13b544 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607232 Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Commit-Queue: Tatiana Bradley <tatianabradley@google.com>
- Loading branch information
There are no files selected for viewing
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
This file was deleted.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-1160", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2022-23511", | ||
"GHSA-j8x2-2m5w-j939" | ||
], | ||
"summary": "Amazon CloudWatch Agent for Windows has Privilege Escalation Vector in github.com/aws/amazon-cloudwatch-agent", | ||
"details": "Amazon CloudWatch Agent for Windows has Privilege Escalation Vector in github.com/aws/amazon-cloudwatch-agent", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/aws/amazon-cloudwatch-agent", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
}, | ||
{ | ||
"fixed": "1.247355.0" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/aws/amazon-cloudwatch-agent/security/advisories/GHSA-j8x2-2m5w-j939" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23511" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/aws/amazon-cloudwatch-agent/commit/6119858864c317ff26f41f576c169148d1250837#diff-76ed074a9305c04054cdebb9e9aad2d818052b07091de1f20cad0bbac34ffb52" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-1160", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,73 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-1161", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2022-45968", | ||
"GHSA-4gjr-vgfx-9qvw" | ||
], | ||
"summary": "AList vulnerable to Improper Preservation of Permissions in github.com/alist-org/alist", | ||
"details": "AList vulnerable to Improper Preservation of Permissions in github.com/alist-org/alist", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/alist-org/alist", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
}, | ||
{ | ||
"package": { | ||
"name": "github.com/alist-org/alist/v3", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
}, | ||
{ | ||
"fixed": "3.5.1" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/advisories/GHSA-4gjr-vgfx-9qvw" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-45968" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/alist-org/alist/commit/85e1350af82e1759ca6580895e48ab969eb566cf" | ||
}, | ||
{ | ||
"type": "REPORT", | ||
"url": "https://github.com/alist-org/alist/issues/2444" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-1161", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
{ | ||
"schema_version": "1.3.1", | ||
"id": "GO-2022-1164", | ||
"modified": "0001-01-01T00:00:00Z", | ||
"published": "0001-01-01T00:00:00Z", | ||
"aliases": [ | ||
"CVE-2022-43996", | ||
"GHSA-xxfx-w2rw-gh63" | ||
], | ||
"summary": "csaf-poc/csaf_distribution Cross-site Scripting vulnerability in github.com/csaf-poc/csaf_distribution", | ||
"details": "csaf-poc/csaf_distribution Cross-site Scripting vulnerability in github.com/csaf-poc/csaf_distribution", | ||
"affected": [ | ||
{ | ||
"package": { | ||
"name": "github.com/csaf-poc/csaf_distribution", | ||
"ecosystem": "Go" | ||
}, | ||
"ranges": [ | ||
{ | ||
"type": "SEMVER", | ||
"events": [ | ||
{ | ||
"introduced": "0" | ||
}, | ||
{ | ||
"fixed": "0.8.2" | ||
} | ||
] | ||
} | ||
], | ||
"ecosystem_specific": {} | ||
} | ||
], | ||
"references": [ | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://github.com/advisories/GHSA-xxfx-w2rw-gh63" | ||
}, | ||
{ | ||
"type": "ADVISORY", | ||
"url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43996" | ||
}, | ||
{ | ||
"type": "FIX", | ||
"url": "https://github.com/csaf-poc/csaf_distribution/commit/17f22855ee8d4270dd17ff748c30ed7304846fdc" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://github.com/csaf-poc/csaf_distribution/releases/tag/v0.8.2" | ||
}, | ||
{ | ||
"type": "WEB", | ||
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2022/bsi-2022-0003.json" | ||
} | ||
], | ||
"database_specific": { | ||
"url": "https://pkg.go.dev/vuln/GO-2022-1164", | ||
"review_status": "UNREVIEWED" | ||
} | ||
} |