x/vulndb: potential Go vuln in github.com/heketi/heketi: GHSA-6g56-v9qg-jp92

[GoVulnBot]

In GitHub Security Advisory GHSA-6g56-v9qg-jp92, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/heketi/heketi	5.0.1	< 5.0.1

Cross references:

• Module github.com/heketi/heketi appears in issue x/vulndb: potential Go vuln in github.com/heketi/heketi: GHSA-q9vw-wr57-xjv3 #866 NOT_IMPORTABLE
• Module github.com/heketi/heketi appears in issue x/vulndb: potential Go vuln in github.com/heketi/heketi: CVE-2020-10763 #2265 LEGACY_FALSE_POSITIVE

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/heketi/heketi
      versions:
        - fixed: 5.0.1
      packages:
        - package: github.com/heketi/heketi
summary: Heketi Arbitrary Code Execution in github.com/heketi/heketi
cves:
    - CVE-2017-15103
ghsas:
    - GHSA-6g56-v9qg-jp92
references:
    - web: https://nvd.nist.gov/vuln/detail/CVE-2017-15103
    - fix: https://github.com/heketi/heketi/commit/787bae461b23003a4daa4d1d639016a754cf6b00
    - web: https://access.redhat.com/errata/RHSA-2017:3481
    - web: https://access.redhat.com/security/cve/CVE-2017-15103
    - web: https://bugzilla.redhat.com/show_bug.cgi?id=1510147
    - web: https://github.com/heketi/heketi/releases/tag/v5.0.1
    - advisory: https://github.com/advisories/GHSA-6g56-v9qg-jp92
source:
    id: GHSA-6g56-v9qg-jp92

[gopherbot]

Change https://go.dev/cl/586484 mentions this issue: data/reports: add 73 unreviewed reports

[gopherbot]

Change https://go.dev/cl/590039 mentions this issue: data/reports: add 51 reports