We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? # to your account
In GitHub Security Advisory GHSA-j9hf-98c3-wrm8, there is a vulnerability in the following Go packages or modules:
Cross references:
See doc/triage.md for instructions on how to triage this report.
id: GO-ID-PENDING modules: - module: github.com/cri-o/cri-o non_go_versions: - introduced: TODO (earliest fixed "1.28.7", vuln range "= 1.28.6") vulnerable_at: 1.30.2 packages: - package: github.com/cri-o/cri-o - module: github.com/cri-o/cri-o non_go_versions: - introduced: TODO (earliest fixed "1.29.5", vuln range "= 1.29.4") vulnerable_at: 1.30.2 packages: - package: github.com/cri-o/cri-o - module: github.com/cri-o/cri-o non_go_versions: - introduced: TODO (earliest fixed "1.30.1", vuln range "= 1.30.0") vulnerable_at: 1.30.2 packages: - package: github.com/cri-o/cri-o summary: malicious container creates symlink "mtab" on the host External in github.com/cri-o/cri-o cves: - CVE-2024-5154 ghsas: - GHSA-j9hf-98c3-wrm8 references: - advisory: https://github.com/advisories/GHSA-j9hf-98c3-wrm8 - advisory: https://github.com/cri-o/cri-o/security/advisories/GHSA-j9hf-98c3-wrm8 notes: - fix: 'module merge error: could not merge versions of module github.com/cri-o/cri-o: invalid or non-canonical semver version (found TODO (earliest fixed "1.28.7", vuln range "= 1.28.6"))' source: id: GHSA-j9hf-98c3-wrm8 created: 2024-06-07T17:18:15.058375-04:00 review_status: UNREVIEWED
The text was updated successfully, but these errors were encountered:
Change https://go.dev/cl/592456 mentions this issue: data/reports: add 19 unreviewed reports
data/reports: add 19 unreviewed reports
Sorry, something went wrong.
Duplicate of #2919
No branches or pull requests
In GitHub Security Advisory GHSA-j9hf-98c3-wrm8, there is a vulnerability in the following Go packages or modules:
Cross references:
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: