x/vulndb: potential Go vuln in github.com/AdguardTeam/AdGuardHome: GHSA-7jp9-vgmq-c8r5

[GoVulnBot]

In GitHub Security Advisory GHSA-7jp9-vgmq-c8r5, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/AdguardTeam/AdGuardHome		>= 0.93, <= 0.107.51

Cross references:

• Module github.com/AdguardTeam/AdGuardHome appears in issue x/vulndb: potential Go vuln in github.com/AdguardTeam/AdGuardHome: GHSA-mwwc-3jv2-62j3 #1061 NOT_IMPORTABLE

See doc/triage.md for instructions on how to triage this report.

id: GO-ID-PENDING
modules:
    - module: github.com/AdguardTeam/AdGuardHome
      non_go_versions:
        - introduced: TODO (earliest fixed "", vuln range ">= 0.93, <= 0.107.51")
      vulnerable_at: 0.107.51
      packages:
        - package: github.com/AdguardTeam/AdGuardHome
summary: AdGuardHome privilege escalation vulnerability in github.com/AdguardTeam/AdGuardHome
cves:
    - CVE-2024-36586
ghsas:
    - GHSA-7jp9-vgmq-c8r5
references:
    - advisory: https://github.com/advisories/GHSA-7jp9-vgmq-c8r5
    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-36586
    - web: https://github.com/go-compile/security-advisories/blob/master/vulns/CVE-2024-36586.md
source:
    id: GHSA-7jp9-vgmq-c8r5
    created: 2024-06-14T00:01:12.284790257Z
review_status: UNREVIEWED

[gopherbot]

Change https://go.dev/cl/594901 mentions this issue: data/reports: add 18 unreviewed reports

[gopherbot]

Change https://go.dev/cl/595636 mentions this issue: data/reports: add 15 unreviewed reports