Skip to content

Commit a585aa5

Browse files
tatianabgopherbot
tatianab
authored and
gopherbot
committed
data/reports: unexclude 20 reports (2)
 - data/reports/GO-2023-1512.yaml - data/reports/GO-2023-1520.yaml - data/reports/GO-2023-1524.yaml - data/reports/GO-2023-1527.yaml - data/reports/GO-2023-1533.yaml - data/reports/GO-2023-1541.yaml - data/reports/GO-2023-1542.yaml - data/reports/GO-2023-1543.yaml - data/reports/GO-2023-1544.yaml - data/reports/GO-2023-1550.yaml - data/reports/GO-2023-1551.yaml - data/reports/GO-2023-1552.yaml - data/reports/GO-2023-1553.yaml - data/reports/GO-2023-1554.yaml - data/reports/GO-2023-1555.yaml - data/reports/GO-2023-1560.yaml - data/reports/GO-2023-1577.yaml - data/reports/GO-2023-1581.yaml - data/reports/GO-2023-1582.yaml - data/reports/GO-2023-1583.yaml Updates #1512 Updates #1520 Updates #1524 Updates #1527 Updates #1533 Updates #1541 Updates #1542 Updates #1543 Updates #1544 Updates #1550 Updates #1551 Updates #1552 Updates #1553 Updates #1554 Updates #1555 Updates #1560 Updates #1577 Updates #1581 Updates #1582 Updates #1583 Change-Id: I6a2829acd39b6e598b81e8138e6d126128073198 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606782 Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
1 parent 1761aab commit a585aa5

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

60 files changed

+1714
-162
lines changed

data/excluded/GO-2023-1512.yaml

-8
This file was deleted.

data/excluded/GO-2023-1520.yaml

-8
This file was deleted.

data/excluded/GO-2023-1524.yaml

-6
This file was deleted.

data/excluded/GO-2023-1527.yaml

-8
This file was deleted.

data/excluded/GO-2023-1533.yaml

-8
This file was deleted.

data/excluded/GO-2023-1541.yaml

-8
This file was deleted.

data/excluded/GO-2023-1542.yaml

-11
This file was deleted.

data/excluded/GO-2023-1543.yaml

-8
This file was deleted.

data/excluded/GO-2023-1544.yaml

-8
This file was deleted.

data/excluded/GO-2023-1550.yaml

-8
This file was deleted.

data/excluded/GO-2023-1551.yaml

-8
This file was deleted.

data/excluded/GO-2023-1552.yaml

-8
This file was deleted.

data/excluded/GO-2023-1553.yaml

-8
This file was deleted.

data/excluded/GO-2023-1554.yaml

-8
This file was deleted.

data/excluded/GO-2023-1555.yaml

-11
This file was deleted.

data/excluded/GO-2023-1560.yaml

-8
This file was deleted.

data/excluded/GO-2023-1577.yaml

-8
This file was deleted.

data/excluded/GO-2023-1581.yaml

-8
This file was deleted.

data/excluded/GO-2023-1582.yaml

-8
This file was deleted.

data/excluded/GO-2023-1583.yaml

-6
This file was deleted.

data/osv/GO-2023-1512.json

+71
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,71 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2023-1512",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"CVE-2023-22736",
8+
"GHSA-6p4m-hw2h-6gmw"
9+
],
10+
"summary": "Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd",
11+
"details": "Controller reconciles apps outside configured namespaces when sharding is enabled in github.com/argoproj/argo-cd",
12+
"affected": [
13+
{
14+
"package": {
15+
"name": "github.com/argoproj/argo-cd",
16+
"ecosystem": "Go"
17+
},
18+
"ranges": [
19+
{
20+
"type": "SEMVER",
21+
"events": [
22+
{
23+
"introduced": "0"
24+
}
25+
]
26+
}
27+
],
28+
"ecosystem_specific": {}
29+
},
30+
{
31+
"package": {
32+
"name": "github.com/argoproj/argo-cd/v2",
33+
"ecosystem": "Go"
34+
},
35+
"ranges": [
36+
{
37+
"type": "SEMVER",
38+
"events": [
39+
{
40+
"introduced": "2.5.0-rc1"
41+
},
42+
{
43+
"fixed": "2.5.8"
44+
},
45+
{
46+
"introduced": "2.6.0-rc4"
47+
},
48+
{
49+
"fixed": "2.6.0-rc5"
50+
}
51+
]
52+
}
53+
],
54+
"ecosystem_specific": {}
55+
}
56+
],
57+
"references": [
58+
{
59+
"type": "ADVISORY",
60+
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-6p4m-hw2h-6gmw"
61+
},
62+
{
63+
"type": "ADVISORY",
64+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22736"
65+
}
66+
],
67+
"database_specific": {
68+
"url": "https://pkg.go.dev/vuln/GO-2023-1512",
69+
"review_status": "UNREVIEWED"
70+
}
71+
}

data/osv/GO-2023-1520.json

+83
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,83 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2023-1520",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"CVE-2023-22482",
8+
"GHSA-q9hr-j4rf-8fjc"
9+
],
10+
"summary": "JWT audience claim is not verified in github.com/argoproj/argo-cd",
11+
"details": "JWT audience claim is not verified in github.com/argoproj/argo-cd",
12+
"affected": [
13+
{
14+
"package": {
15+
"name": "github.com/argoproj/argo-cd",
16+
"ecosystem": "Go"
17+
},
18+
"ranges": [
19+
{
20+
"type": "SEMVER",
21+
"events": [
22+
{
23+
"introduced": "1.8.2"
24+
}
25+
]
26+
}
27+
],
28+
"ecosystem_specific": {}
29+
},
30+
{
31+
"package": {
32+
"name": "github.com/argoproj/argo-cd/v2",
33+
"ecosystem": "Go"
34+
},
35+
"ranges": [
36+
{
37+
"type": "SEMVER",
38+
"events": [
39+
{
40+
"introduced": "0"
41+
},
42+
{
43+
"fixed": "2.3.14"
44+
},
45+
{
46+
"introduced": "2.4.0"
47+
},
48+
{
49+
"fixed": "2.4.20"
50+
},
51+
{
52+
"introduced": "2.5.0"
53+
},
54+
{
55+
"fixed": "2.5.8"
56+
},
57+
{
58+
"introduced": "2.6.0-rc1"
59+
},
60+
{
61+
"fixed": "2.6.0-rc5"
62+
}
63+
]
64+
}
65+
],
66+
"ecosystem_specific": {}
67+
}
68+
],
69+
"references": [
70+
{
71+
"type": "ADVISORY",
72+
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-q9hr-j4rf-8fjc"
73+
},
74+
{
75+
"type": "ADVISORY",
76+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22482"
77+
}
78+
],
79+
"database_specific": {
80+
"url": "https://pkg.go.dev/vuln/GO-2023-1520",
81+
"review_status": "UNREVIEWED"
82+
}
83+
}

data/osv/GO-2023-1524.json

+47
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,47 @@
1+
{
2+
"schema_version": "1.3.1",
3+
"id": "GO-2023-1524",
4+
"modified": "0001-01-01T00:00:00Z",
5+
"published": "0001-01-01T00:00:00Z",
6+
"aliases": [
7+
"GHSA-x477-fq37-q5wr"
8+
],
9+
"summary": "Initial debug-host handler implementation could leak information and facilitate denial of service in fortio.org/proxy",
10+
"details": "Initial debug-host handler implementation could leak information and facilitate denial of service in fortio.org/proxy",
11+
"affected": [
12+
{
13+
"package": {
14+
"name": "fortio.org/proxy",
15+
"ecosystem": "Go"
16+
},
17+
"ranges": [
18+
{
19+
"type": "SEMVER",
20+
"events": [
21+
{
22+
"introduced": "1.5.0"
23+
},
24+
{
25+
"fixed": "1.6.1"
26+
}
27+
]
28+
}
29+
],
30+
"ecosystem_specific": {}
31+
}
32+
],
33+
"references": [
34+
{
35+
"type": "ADVISORY",
36+
"url": "https://github.com/fortio/proxy/security/advisories/GHSA-x477-fq37-q5wr"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://github.com/fortio/proxy/pull/38"
41+
}
42+
],
43+
"database_specific": {
44+
"url": "https://pkg.go.dev/vuln/GO-2023-1524",
45+
"review_status": "UNREVIEWED"
46+
}
47+
}

0 commit comments

Comments
 (0)