reports: delete
The reports directory is deleted. This is stored in x/vulndb.
Everything else in x/vuln is deleted from x/vulndb in CL 360436.
Change-Id: I89e7c2e056b435908a34f1bdb5f06552e5f4bbd2
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/360435
Trust: Julie Qiu <julie@golang.org>
Run-TryBot: Julie Qiu <julie@golang.org>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Roland Shoemaker <roland@golang.org>
diff --git a/reports/GO-2020-0001.yaml b/reports/GO-2020-0001.yaml
deleted file mode 100644
index 7b5430a..0000000
--- a/reports/GO-2020-0001.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-module: github.com/gin-gonic/gin
-versions:
- - fixed: v1.6.0
-description: |
- The default [`Formatter`][LoggerConfig.Formatter] for the [`Logger`][] middleware
- (included in the [`Default`][] engine) allows attackers to inject arbitrary log
- entries by manipulating the request path.
-published: 2021-04-14T12:00:00Z
-credit: "@thinkerou <thinkerou@gmail.com>"
-symbols:
- - defaultLogFormatter
-links:
- pr: https://github.com/gin-gonic/gin/pull/2237
- commit: https://github.com/gin-gonic/gin/commit/a71af9c144f9579f6dbe945341c1df37aaf09c0d
-cve_metadata:
- id: CVE-9999-0001
- cwe: "CWE-20: Improper Input Validation"
- description: |
- Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0
- allows remote attackers to inject arbitary log lines.
diff --git a/reports/GO-2020-0002.yaml b/reports/GO-2020-0002.yaml
deleted file mode 100644
index 1a0e9ba..0000000
--- a/reports/GO-2020-0002.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-module: github.com/proglottis/gpgme
-versions:
- - fixed: v0.1.1
-description: |
- The [`Data`][], [`Context`][], or [`Key`][] finalizers might run during or
- before GPGME operations, releasing the C structures as they are still in use,
- leading to crashes and potentially code execution through a use-after-free.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-8945
-credit: Ulrich Obergfell <uobergfe@redhat.com>
-links:
- pr: https://github.com/proglottis/gpgme/pull/23
- commit: https://github.com/proglottis/gpgme/commit/92153bcb59bd2f511e502262c46c7bd660e21733
diff --git a/reports/GO-2020-0003.yaml b/reports/GO-2020-0003.yaml
deleted file mode 100644
index 98051d1..0000000
--- a/reports/GO-2020-0003.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-module: github.com/revel/revel
-versions:
- - fixed: v1.0.0
-description: |
- If the application accepts
- [slice parameters](https://revel.github.io/manual/parameters.html#slices), an
- attacker can cause the application to allocate large amounts of memory and
- crash by manipulating the request query.
-published: 2021-04-14T12:00:00Z
-credit: "@SYM01"
-links:
- pr: https://github.com/revel/revel/pull/1427
- commit: https://github.com/revel/revel/commit/d160ecb72207824005b19778594cbdc272e8a605
- context:
- - https://github.com/revel/revel/issues/1424
-cve_metadata:
- id: CVE-9999-0002
- cwe: "CWE-400: Uncontrolled Resource Consumption"
- description: |
- Unsanitized input in the query parser in github.com/revel/revel before v1.0.0
- allows remote attackers to cause resource exhaustion via memory allocation.
diff --git a/reports/GO-2020-0004.yaml b/reports/GO-2020-0004.yaml
deleted file mode 100644
index 8ec9c64..0000000
--- a/reports/GO-2020-0004.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-module: github.com/nanobox-io/golang-nanoauth
-versions:
- - introduced: v0.0.0-20160722212129-ac0cc4484ad4
- fixed: v0.0.0-20200131131040-063a3fb69896
-description: |
- If any of the `ListenAndServe` functions are called with an empty token,
- token authentication is disabled globally for all listeners.
-
- Also, a minor timing side channel was present allowing attackers with
- very low latency and able to make a lot of requests to potentially
- recover the token.
-published: 2021-04-14T12:00:00Z
-credit: "@bouk"
-symbols:
- - Auth.ServerHTTP
- - Auth.ListenAndServeTLS
- - Auth.ListenAndServe
-links:
- pr: https://github.com/nanobox-io/golang-nanoauth/pull/5
- commit: https://github.com/nanobox-io/golang-nanoauth/commit/063a3fb69896acf985759f0fe3851f15973993f3
-cve_metadata:
- id: CVE-9999-0003
- cwe: "CWE-305: Authentication Bypass by Primary Weakness"
- description: |
- Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between
- v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe
- is called with an empty token.
diff --git a/reports/GO-2020-0005.yaml b/reports/GO-2020-0005.yaml
deleted file mode 100644
index 249c634..0000000
--- a/reports/GO-2020-0005.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: go.etcd.io/etcd
-package: go.etcd.io/etcd/wal
-versions:
- - fixed: v0.5.0-alpha.5.0.20200423152442-f4b650b51dc4
-description: |
- Malformed WALs can be constructed such that [`WAL.ReadAll`][] can cause attempted
- out of bounds reads, or creation of arbitarily sized slices, which may be used as
- a DoS vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-15106
-credit: Trail of Bits
-symbols:
- - WAL.ReadAll
- - decoder.decodeRecord
-links:
- pr: https://github.com/etcd-io/etcd/pull/11793
- commit: https://github.com/etcd-io/etcd/commit/f4b650b51dc4a53a8700700dc12e1242ac56ba07
- context:
- - https://github.com/etcd-io/etcd/blob/master/security/SECURITY_AUDIT.pdf
diff --git a/reports/GO-2020-0006.yaml b/reports/GO-2020-0006.yaml
deleted file mode 100644
index cbd926b..0000000
--- a/reports/GO-2020-0006.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-module: github.com/miekg/dns
-versions:
- - fixed: v1.0.4-0.20180125103619-43913f2f4fbd
-description: |
- An attacker may prevent TCP connections to a [`Server`][] by opening
- a connection and leaving it idle, until the connection is closed by
- the server no other connections will be accepted.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2017-15133
-credit: Pedro Sampaio
-symbols:
- - Server.serveTCP
-links:
- pr: https://github.com/miekg/dns/pull/631
- commit: https://github.com/miekg/dns/commit/43913f2f4fbd7dcff930b8a809e709591e4dd79e
diff --git a/reports/GO-2020-0007.yaml b/reports/GO-2020-0007.yaml
deleted file mode 100644
index da3aa5a..0000000
--- a/reports/GO-2020-0007.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/seccomp/libseccomp-golang
-versions:
- - fixed: v0.9.1-0.20170424173420-06e7a29f36a3
-description: |
- Filters containing rules with multiple syscall arguments are improperly
- constructed, such that all arguments are required to match rather than
- any of the arguments (AND is used rather than OR). These filters can be
- bypassed by only specifying a subset of the arguments due to this
- behavior.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2017-18367
-credit: "@ihac"
-symbols:
- - ScmpFilter.addRuleGeneric
-links:
- commit: https://github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e
diff --git a/reports/GO-2020-0008.yaml b/reports/GO-2020-0008.yaml
deleted file mode 100644
index dfd1d9c..0000000
--- a/reports/GO-2020-0008.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/miekg/dns
-versions:
- - fixed: v1.1.25-0.20191211073109-8ebf2e419df7
-description: |
- DNS message transaction IDs are generated using [`math/rand`] which
- makes them relatively predictable. This reduces the complexity
- of response spoofing attacks against DNS clients.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-19794
-symbols:
- - id
-links:
- pr: https://github.com/miekg/dns/pull/1044
- commit: https://github.com/miekg/dns/commit/8ebf2e419df7857ac8919baa05248789a8ffbf33
- context:
- - https://github.com/miekg/dns/issues/1037
- - https://github.com/miekg/dns/issues/1043
diff --git a/reports/GO-2020-0009.yaml b/reports/GO-2020-0009.yaml
deleted file mode 100644
index b0cba05..0000000
--- a/reports/GO-2020-0009.yaml
+++ /dev/null
@@ -1,36 +0,0 @@
-module: github.com/square/go-jose
-package: github.com/square/go-jose/cipher
-additional_packages:
- - module: github.com/square/go-jose
- symbols:
- - JsonWebEncryption.Decrypt
- - JsonWebEncryption.DecryptMulti
-versions:
- - fixed: v0.0.0-20160903044734-789a4c4bd4c1
-description: |
- On 32-bit platforms an attacker can manipulate a ciphertext encrypted with AES-CBC
- with HMAC such that they can control how large the input buffer is when computing
- the HMAC authentication tag. This can can allow a manipulated ciphertext to be
- verified as authentic, opening the door for padding oracle attacks.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2016-9123
-credit: Quan Nguyen from Google's Information Security Engineering Team
-symbols:
- - cbcAEAD.computeAuthTag
-arch:
- - "386"
- - arm
- - armbe
- - amd64p32
- - mips
- - mipsle
- - mips64p32
- - mips64p32le
- - ppc
- - riscv
- - s390
- - sparc
-links:
- commit: https://github.com/square/go-jose/commit/789a4c4bd4c118f7564954f441b29c153ccd6a96
- context:
- - https://www.openwall.com/lists/oss-security/2016/11/03/1
diff --git a/reports/GO-2020-0010.yaml b/reports/GO-2020-0010.yaml
deleted file mode 100644
index b6f431d..0000000
--- a/reports/GO-2020-0010.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-module: github.com/square/go-jose
-package: github.com/square/go-jose/cipher
-additional_packages:
- - module: github.com/square/go-jose
- symbols:
- - JsonWebEncryption.Decrypt
-versions:
- - fixed: v0.0.0-20160831185616-c7581939a365
-description: |
- When using ECDH-ES an attacker can mount an invalid curve attack during
- decryption as the supplied public key is not checked to be on the same
- curve as the recievers private key.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2016-9121
-credit: Quan Nguyen from Google's Information Security Engineering Team
-symbols:
- - DeriveECDHES
- - ecDecrypterSigner.decryptKey
- - rawJsonWebKey.ecPublicKey
-links:
- commit: https://github.com/square/go-jose/commit/c7581939a3656bb65e89d64da0a52364a33d2507
- context:
- - https://www.openwall.com/lists/oss-security/2016/11/03/1
diff --git a/reports/GO-2020-0011.yaml b/reports/GO-2020-0011.yaml
deleted file mode 100644
index 08ddd59..0000000
--- a/reports/GO-2020-0011.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: github.com/square/go-jose
-versions:
- - fixed: v0.0.0-20160922232413-2c5656adca99
-description: |
- When decrypting JsonWebEncryption objects with multiple recipients
- or JsonWebSignature objects with multiple signatures the Decrypt
- and Verify methods do not indicate which recipient or signature was
- valid. This may lead a caller to rely on protected headers from an
- invalid recipient or signature.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2016-9122
-credit: Quan Nguyen from Google's Information Security Engineering Team
-symbols:
- - JsonWebEncryption.Decrypt
- - JsonWebSignature.Verify
-links:
- commit: https://github.com/square/go-jose/commit/2c5656adca9909843c4ff50acf1d2cf8f32da7e6
- context:
- - https://www.openwall.com/lists/oss-security/2016/11/03/1
diff --git a/reports/GO-2020-0012.yaml b/reports/GO-2020-0012.yaml
deleted file mode 100644
index 3fd954b..0000000
--- a/reports/GO-2020-0012.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-module: golang.org/x/crypto
-package: golang.org/x/crypto/ssh
-versions:
- - fixed: v0.0.0-20200220183623-bac4c82f6975
-description: |
- An attacker can craft an ssh-ed25519 or sk-ssh-ed25519@openssh.com public
- key, such that the library will panic when trying to verify a signature
- with it. If verifying signatures using user supplied public keys, this
- may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-9283
-credit: Alex Gaynor, Fish in a Barrel
-symbols:
- - parseED25519
- - ed25519PublicKey.Verify
- - parseSKEd25519
- - skEd25519PublicKey.Verify
- - NewPublicKey
-links:
- pr: https://go-review.googlesource.com/c/crypto/+/220357
- commit: https://github.com/golang/crypto/commit/bac4c82f69751a6dd76e702d54b3ceb88adab236
- context:
- - https://groups.google.com/g/golang-announce/c/3L45YRc91SY
diff --git a/reports/GO-2020-0013.yaml b/reports/GO-2020-0013.yaml
deleted file mode 100644
index 878b9ff..0000000
--- a/reports/GO-2020-0013.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: golang.org/x/crypto
-package: golang.org/x/crypto/ssh
-versions:
- - fixed: v0.0.0-20170330155735-e4e2799dd7aa
-description: |
- By default host key verification is disabled which allows for
- man-in-the-middle attacks against SSH clients if
- [`ClientConfig.HostKeyCallback`] is not set.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2017-3204
-credit: Phil Pennock
-symbols:
- - NewClientConn
-links:
- pr: https://go-review.googlesource.com/38701
- commit: https://github.com/golang/crypto/commit/e4e2799dd7aab89f583e1d898300d96367750991
- context:
- - https://github.com/golang/go/issues/19767
- - https://bridge.grumpy-troll.org/2017/04/golang-ssh-security/
diff --git a/reports/GO-2020-0014.yaml b/reports/GO-2020-0014.yaml
deleted file mode 100644
index 66c99ae..0000000
--- a/reports/GO-2020-0014.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: golang.org/x/net
-package: golang.org/x/net/html
-versions:
- - fixed: v0.0.0-20190125091013-d26f9f9a57f3
-description: |
- [`html.Parse`] does not properly handle "select" tags, which can lead
- to an infinite loop. If parsing user supplied input, this may be used
- as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-17846
-credit: "@tr3ee"
-symbols:
- - inSelectIM
- - inSelectInTableIM
-links:
- pr: https://go-review.googlesource.com/c/137275
- commit: https://github.com/golang/net/commit/d26f9f9a57f3fab6a695bec0d84433c2c50f8bbf
- context:
- - https://github.com/golang/go/issues/27842
diff --git a/reports/GO-2020-0015.yaml b/reports/GO-2020-0015.yaml
deleted file mode 100644
index 7b1e289..0000000
--- a/reports/GO-2020-0015.yaml
+++ /dev/null
@@ -1,29 +0,0 @@
-module: golang.org/x/text
-package: golang.org/x/text/encoding/unicode
-additional_packages:
- - module: golang.org/x/text
- package: golang.org/x/text/transform
- symbols:
- - Transform
- versions:
- - fixed: v0.3.3
-versions:
- - fixed: v0.3.3
-description: |
- An attacker could provide a single byte to a [`UTF16`] decoder instantiated with
- [`UseBOM`] or [`ExpectBOM`] to trigger an infinite loop if the [`String`] function on
- the [`Decoder`] is called, or the [`Decoder`] is passed to [`transform.String`].
- If used to parse user supplied input, this may be used as a denial of service
- vector.
-published: 2021-04-14T12:00:00Z
-last_modified: 2021-06-07T12:00:00Z
-cve: CVE-2020-14040
-credit: "@abacabadabacaba and Anton Gyllenberg"
-symbols:
- - utf16Decoder.Transform
-links:
- pr: https://go-review.googlesource.com/c/text/+/238238
- commit: https://github.com/golang/text/commit/23ae387dee1f90d29a23c0e87ee0b46038fbed0e
- context:
- - https://github.com/golang/go/issues/39491
- - https://groups.google.com/g/golang-announce/c/bXVeAmGOqz0
diff --git a/reports/GO-2020-0016.yaml b/reports/GO-2020-0016.yaml
deleted file mode 100644
index 5f2a646..0000000
--- a/reports/GO-2020-0016.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/ulikunitz/xz
-versions:
- - fixed: v0.5.8
-description: |
- An attacker can construct a series of bytes such that calling
- [`Reader.Read`] on the bytes could cause an infinite loop. If
- parsing user supplied input, this may be used as a denial of
- service vector.
-published: 2021-04-14T12:00:00Z
-credit: "@0xdecaf"
-cve: CVE-2021-29482
-symbols:
- - readUvarint
-links:
- commit: https://github.com/ulikunitz/xz/commit/69c6093c7b2397b923acf82cb378f55ab2652b9b
- context:
- - https://github.com/ulikunitz/xz/issues/35
- - https://github.com/ulikunitz/xz/security/advisories/GHSA-25xm-hr59-7c27
\ No newline at end of file
diff --git a/reports/GO-2020-0017.yaml b/reports/GO-2020-0017.yaml
deleted file mode 100644
index d21c6cd..0000000
--- a/reports/GO-2020-0017.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-module: github.com/dgrijalva/jwt-go
-additional_packages:
- - module: github.com/dgrijalva/jwt-go/v4
- symbols:
- - MapClaims.VerifyAudience
- versions:
- - fixed: v4.0.0-preview1
-versions:
- - introduced: v0.0.0-20150717181359-44718f8a89b0
-description: |
- If a JWT contains an audience claim with an array of strings, rather
- than a single string, and `MapClaims.VerifyAudience` is called with
- `req` set to `false`, then audience verification will be bypassed,
- allowing an invalid set of audiences to be provided.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-26160
-credit: "@christopher-wong"
-symbols:
- - MapClaims.VerifyAudience
-links:
- commit: https://github.com/dgrijalva/jwt-go/commit/ec0a89a131e3e8567adcb21254a5cd20a70ea4ab
- context:
- - https://github.com/dgrijalva/jwt-go/issues/422
diff --git a/reports/GO-2020-0018.yaml b/reports/GO-2020-0018.yaml
deleted file mode 100644
index a291bea..0000000
--- a/reports/GO-2020-0018.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/satori/go.uuid
-versions:
- - fixed: v1.2.1-0.20181016170032-d91630c85102
-description: |
- UUIDs generated using [`NewV1`] and [`NewV4`] may not read the expected
- number of random bytes. These UUIDs may contain a significantly smaller
- amount of entropy than expected, possibly leading to collisions.
-published: 2021-04-14T12:00:00Z
-credit: "@josselin-c"
-symbols:
- - NewV4
- - rfc4122Generator.getClockSequence
- - rfc4122Generator.getHardwareAddr
-links:
- pr: https://github.com/satori/go.uuid/pull/75
- commit: https://github.com/satori/go.uuid/commit/d91630c8510268e75203009fe7daf2b8e1d60c45
- context:
- - https://github.com/satori/go.uuid/issues/73
diff --git a/reports/GO-2020-0019.yaml b/reports/GO-2020-0019.yaml
deleted file mode 100644
index d57c8c4..0000000
--- a/reports/GO-2020-0019.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/gorilla/websocket
-versions:
- - fixed: v1.4.1
-description: |
- An attacker can craft malicious WebSocket frames that cause an integer
- overflow in a variable which tracks the number of bytes remaining. This
- may cause the server or client to get stuck attempting to read frames
- in a loop, which can be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-27813
-credit: Max Justicz
-symbols:
- - Conn.advanceFrame
- - messageReader.Read
-links:
- pr: https://github.com/gorilla/websocket/pull/537
- commit: https://github.com/gorilla/websocket/commit/5b740c29263eb386f33f265561c8262522f19d37
diff --git a/reports/GO-2020-0020.yaml b/reports/GO-2020-0020.yaml
deleted file mode 100644
index 99ac7c1..0000000
--- a/reports/GO-2020-0020.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-module: github.com/gorilla/handlers
-versions:
- - fixed: v1.3.0
-description: |
- Usage of the [`CORS`] handler may apply improper CORS headers, allowing
- the requester to explicitly control the value of the Access-Control-Allow-Origin
- header, which bypasses the expected behavior of the Same Origin Policy.
-published: 2021-04-14T12:00:00Z
-credit: Evan J Johnson
-symbols:
- - cors.ServeHTTP
-links:
- pr: https://github.com/gorilla/handlers/pull/116
- commit: https://github.com/gorilla/handlers/commit/90663712d74cb411cbef281bc1e08c19d1a76145
diff --git a/reports/GO-2020-0021.yaml b/reports/GO-2020-0021.yaml
deleted file mode 100644
index 41a308c..0000000
--- a/reports/GO-2020-0021.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/gogits/gogs
-versions:
- - fixed: v0.5.8
-description: |
- Due to improper santization of user input, a number of methods are
- vulnerable to SQL injection if used with user input that has not
- been santized by the caller.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2014-8681
-credit: Pascal Turbing and Jiahua (Joe) Chen
-symbols:
- - GetIssues
- - SearchRepositoryByName
- - SearchUserByName
-links:
- commit: https://github.com/gogs/gogs/commit/83283bca4cb4e0f4ec48a28af680f0d88db3d2c8
- context:
- - https://seclists.org/fulldisclosure/2014/Nov/31
diff --git a/reports/GO-2020-0022.yaml b/reports/GO-2020-0022.yaml
deleted file mode 100644
index 2d93d8b..0000000
--- a/reports/GO-2020-0022.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-module: github.com/cloudflare/golz4
-versions:
- - fixed: v0.0.0-20140711154735-199f5f787806
-description: |
- LZ4 bindings use a deprecated C API that is vulnerable to
- memory corruption, which could lead to arbitrary code execution
- if called with untrusted user input.
-published: 2021-04-14T12:00:00Z
-credit: Yann Collet
-symbols:
- - Uncompress
-links:
- commit: https://github.com/cloudflare/golz4/commit/199f5f7878062ca17a98e079f2dbe1205e2ed898
- context:
- - https://github.com/cloudflare/golz4/issues/5
diff --git a/reports/GO-2020-0023.yaml b/reports/GO-2020-0023.yaml
deleted file mode 100644
index 34ba025..0000000
--- a/reports/GO-2020-0023.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-module: github.com/robbert229/jwt
-versions:
- - fixed: v0.0.0-20170426191122-ca1404ee6e83
-description: |
- Token validation methods are susceptible to a timing side-channel
- during HMAC comparison. With a large enough number of requests
- over a low latency connection, an attacker may use this to determine
- the expected HMAC.
-published: 2021-04-14T12:00:00Z
-symbols:
- - Algorithm.validateSignature
-links:
- commit: https://github.com/robbert229/jwt/commit/ca1404ee6e83fcbafb66b09ed0d543850a15b654
- context:
- - https://github.com/robbert229/jwt/issues/12
diff --git a/reports/GO-2020-0024.yaml b/reports/GO-2020-0024.yaml
deleted file mode 100644
index 99f37be..0000000
--- a/reports/GO-2020-0024.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-module: github.com/btcsuite/go-socks
-package: github.com/btcsuite/go-socks/socks
-additional_packages:
- - module: github.com/btcsuitereleases/go-socks
- package: github.com/btcsuitereleases/go-socks/socks
- symbols:
- - proxiedConn.LocalAddr
- - proxiedConn.RemoteAddr
- versions:
- - fixed: v0.0.0-20130808000456-233bccbb1abe
-versions:
- - fixed: v0.0.0-20130808000456-233bccbb1abe
-description: |
- The RemoteAddr and LocalAddr methods on the returned net.Conn may
- call themselves, leading to an infinite loop which will crash the
- program due to a stack overflow.
-published: 2021-04-14T12:00:00Z
-symbols:
- - proxiedConn.LocalAddr
- - proxiedConn.RemoteAddr
-links:
- commit: https://github.com/btcsuite/go-socks/commit/233bccbb1abe02f05750f7ace66f5bffdb13defc
diff --git a/reports/GO-2020-0025.yaml b/reports/GO-2020-0025.yaml
deleted file mode 100644
index 5c216a0..0000000
--- a/reports/GO-2020-0025.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-module: github.com/cloudfoundry/archiver
-additional_packages:
- - module: code.cloudfoundry.org/archiver
- symbols:
- - tgzExtractor.Extract
- - zipExtractor.Extract
- versions:
- - fixed: v0.0.0-20180523222229-09b5706aa936
-versions:
- - fixed: v0.0.0-20180523222229-09b5706aa936
-description: |
- Due to improper path santization, archives containing relative file
- paths can cause files to be written (or overwritten) outside of the
- target directory.
-published: 2021-04-14T12:00:00Z
-symbols:
- - tgzExtractor.Extract
- - zipExtractor.Extract
-links:
- commit: https://github.com/cloudfoundry/archiver/commit/09b5706aa9367972c09144a450bb4523049ee840
- context:
- - https://snyk.io/research/zip-slip-vulnerability
diff --git a/reports/GO-2020-0026.yaml b/reports/GO-2020-0026.yaml
deleted file mode 100644
index ad82d48..0000000
--- a/reports/GO-2020-0026.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/openshift/source-to-image
-package: github.com/openshift/source-to-image/pkg/tar
-versions:
- - fixed: v1.1.10-0.20180427153919-f5cbcbc5cc6f
-description: |
- Due to improper path santization, archives containing relative file
- paths can cause files to be written (or overwritten) outside of the
- target directory.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-1103
-symbols:
- - stiTar.ExtractTarStreamFromTarReader
- - stiTar.extractLink
- - New
-links:
- commit: https://github.com/openshift/source-to-image/commit/f5cbcbc5cc6f8cc2f479a7302443bea407a700cb
- context:
- - https://snyk.io/research/zip-slip-vulnerability
diff --git a/reports/GO-2020-0027.yaml b/reports/GO-2020-0027.yaml
deleted file mode 100644
index a897f6d..0000000
--- a/reports/GO-2020-0027.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-module: github.com/google/fscrypt
-package: github.com/google/fscrypt/pam
-additional_packages:
- - module: github.com/google/fscrypt
- package: github.com/google/fscrypt/security
- symbols:
- - UserKeyringID
-versions:
- - fixed: v0.2.4
-description: |
- After dropping and then elevating process privileges euid, guid, and groups
- are not properly restored to their original values, allowing an unprivileged
- user to gain membership in the root group.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-6558
-symbols:
- - NewHandle
- - SetProcessPrivileges
- - Handle.StopAsPamUser
-links:
- commit: https://github.com/google/fscrypt/commit/3022c1603d968c22f147b4a2c49c4637dd1be91b
- context:
- - https://github.com/google/fscrypt/issues/77
diff --git a/reports/GO-2020-0028.yaml b/reports/GO-2020-0028.yaml
deleted file mode 100644
index ec0003d..0000000
--- a/reports/GO-2020-0028.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/miekg/dns
-versions:
- - fixed: v1.0.10
-description: |
- Due to a nil pointer dereference, parsing a malformed zone file
- containing TA records may cause a panic. If parsing user supplied
- input, this may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-17419
-credit: "@tr3ee"
-symbols:
- - setTA
-links:
- commit: https://github.com/miekg/dns/commit/501e858f679edecd4a38a86317ce50271014a80d
- context:
- - https://github.com/miekg/dns/issues/742
diff --git a/reports/GO-2020-0029.yaml b/reports/GO-2020-0029.yaml
deleted file mode 100644
index 7023c26..0000000
--- a/reports/GO-2020-0029.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-module: github.com/gin-gonic/gin
-versions:
- - fixed: v0.0.0-20141229113116-0099840c98ae
-description: |
- Due to improper HTTP header santization, a malicious user can spoof their
- source IP address by setting the X-Forwarded-For header. This may allow
- a user to bypass IP based restrictions, or obfuscate their true source.
-published: 2021-04-14T12:00:00Z
-credit: "@nl5887"
-symbols:
- - Context.ClientIP
-links:
- commit: https://github.com/gin-gonic/gin/commit/0099840c98ae1473c5ff0f18bc93a8e13ceed829
- pr: https://github.com/gin-gonic/gin/pull/182
diff --git a/reports/GO-2020-0031.yaml b/reports/GO-2020-0031.yaml
deleted file mode 100644
index 94c32b6..0000000
--- a/reports/GO-2020-0031.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-module: github.com/proglottis/gpgme
-versions:
- - fixed: v0.1.1
-description: |
- Due to improper setting of finalizers, memory passed to C may be freed before it is used,
- leading to crashes due to memory corruption or possible code execution.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-8945
-links:
- commit: https://github.com/proglottis/gpgme/commit/92153bcb59bd2f511e502262c46c7bd660e21733
- context:
- - https://bugzilla.redhat.com/show_bug.cgi?id=1795838
diff --git a/reports/GO-2020-0032.yaml b/reports/GO-2020-0032.yaml
deleted file mode 100644
index 7392de9..0000000
--- a/reports/GO-2020-0032.yaml
+++ /dev/null
@@ -1,33 +0,0 @@
-module: github.com/goadesign/goa
-additional_packages:
- - module: goa.design/goa
- symbols:
- - Controller.FileHandler
- versions:
- - fixed: v1.4.3
- - module: goa.design/goa/v3
- symbols:
- - Controller.FileHandler
- versions:
- - fixed: v3.0.9
-versions:
- - fixed: v1.4.3
-description: |
- Due to improper santization of user input, Controller.FileHandler allows
- for directory traversal, allowing an attacker to read files outside of
- the target directory that the server has permission to read.
-published: 2021-04-14T12:00:00Z
-credit: "@christi3k"
-symbols:
- - Controller.FileHandler
-links:
- pr: https://github.com/goadesign/goa/pull/2388
- commit: https://github.com/goadesign/goa/commit/70b5a199d0f813d74423993832c424e1fc73fb39
-cve_metadata:
- id: CVE-9999-0012
- cwe:
- "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path
- Traversal')"
- description: |
- Improper path santiziation in github.com/goadesign/goa before v3.0.9, v2.0.10, or
- v1.4.3 allow remote attackers to read files outside of the intended directory.
diff --git a/reports/GO-2020-0033.yaml b/reports/GO-2020-0033.yaml
deleted file mode 100644
index d22189c..0000000
--- a/reports/GO-2020-0033.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: aahframe.work
-versions:
- - fixed: v0.12.4
-description: |
- Due to improper santization of user input, HTTPEngine.Handle allows
- for directory traversal, allowing an attacker to read files outside of
- the target directory that the server has permission to read.
-published: 2021-04-14T12:00:00Z
-credit: "@snyff"
-symbols:
- - HTTPEngine.Handle
-links:
- pr: https://github.com/go-aah/aah/pull/267
- commit: https://github.com/go-aah/aah/commit/881dc9f71d1f7a4e8a9a39df9c5c081d3a2da1ec
- context:
- - https://github.com/go-aah/aah/issues/266
diff --git a/reports/GO-2020-0034.yaml b/reports/GO-2020-0034.yaml
deleted file mode 100644
index ef74643..0000000
--- a/reports/GO-2020-0034.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-module: github.com/artdarek/go-unzip
-versions:
- - fixed: v1.0.0
-description: |
- Due to improper path santization, archives containing relative file
- paths can cause files to be written (or overwritten) outside of the
- target directory.
-published: 2021-04-14T12:00:00Z
-symbols:
- - Unzip.Extract
-links:
- pr: https://github.com/artdarek/go-unzip/pull/2
- commit: https://github.com/artdarek/go-unzip/commit/4975cbe0a719dc50b12da8585f1f207c82f7dfe0
- context:
- - https://snyk.io/research/zip-slip-vulnerability
diff --git a/reports/GO-2020-0035.yaml b/reports/GO-2020-0035.yaml
deleted file mode 100644
index 9fa679b..0000000
--- a/reports/GO-2020-0035.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-module: github.com/yi-ge/unzip
-versions:
- - fixed: v1.0.3-0.20200308084313-2adbaa4891b9
-description: |
- Due to improper path santization, archives containing relative file
- paths can cause files to be written (or overwritten) outside of the
- target directory.
-published: 2021-04-14T12:00:00Z
-symbols:
- - Unzip.Extract
-links:
- pr: https://github.com/yi-ge/unzip/pull/1
- commit: https://github.com/yi-ge/unzip/commit/2adbaa4891b9690853ef10216189189f5ad7dc73
- context:
- - https://snyk.io/research/zip-slip-vulnerability
diff --git a/reports/GO-2020-0036.yaml b/reports/GO-2020-0036.yaml
deleted file mode 100644
index 0c6a8e3..0000000
--- a/reports/GO-2020-0036.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-module: gopkg.in/yaml.v2
-additional_packages:
- # all of the incompatible versions of github.com/go-yaml/yaml
- # are affected
- - module: github.com/go-yaml/yaml
- symbols:
- - yaml_parser_fetch_more_tokens
-versions:
- - fixed: v2.2.8
-description: |
- Due to unbounded aliasing, a crafted YAML file can cause consumption
- of significant system resources. If parsing user supplied input, this
- may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-11254
-symbols:
- - yaml_parser_fetch_more_tokens
-links:
- pr: https://github.com/go-yaml/yaml/pull/555
- commit: https://github.com/go-yaml/yaml/commit/53403b58ad1b561927d19068c655246f2db79d48
- context:
- - https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=18496
diff --git a/reports/GO-2020-0037.yaml b/reports/GO-2020-0037.yaml
deleted file mode 100644
index 6b38fc6..0000000
--- a/reports/GO-2020-0037.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/tendermint/tendermint
-package: github.com/tendermint/tendermint/rpc/client
-versions:
- - fixed: v0.31.1
-description: |
- Due to support of Gzip compression in request bodies, as well
- as a lack of limiting response body sizes, a malicious server
- can cause a client to consume a significant amount of system
- resources, which may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-credit: "@guagualvcha"
-symbols:
- - makeHTTPClient
-links:
- pr: https://github.com/tendermint/tendermint/pull/3430
- commit: https://github.com/tendermint/tendermint/commit/03085c2da23b179c4a51f59a03cb40aa4e85a613
diff --git a/reports/GO-2020-0038.yaml b/reports/GO-2020-0038.yaml
deleted file mode 100644
index c08cf05..0000000
--- a/reports/GO-2020-0038.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/pion/dtls
-versions:
- - fixed: v1.5.2
-description: |
- Due to improper verification of packets, unencrypted packets containing
- application data are accepted after the initial handshake. This allows
- an attacker to inject arbitary data which the client/server believes
- was encrypted, despite not knowing the session key.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-20786
-symbols:
- - Conn.handleIncomingPacket
-links:
- pr: https://github.com/pion/dtls/pull/128
- commit: https://github.com/pion/dtls/commit/fd73a5df2ff0e1fb6ae6a51e2777d7a16cc4f4e0
- context:
- - https://www.usenix.org/system/files/sec20fall_fiterau-brostean_prepub.pdf
diff --git a/reports/GO-2020-0039.yaml b/reports/GO-2020-0039.yaml
deleted file mode 100644
index 5f6a1b8..0000000
--- a/reports/GO-2020-0039.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: gopkg.in/macaron.v1
-versions:
- - fixed: v1.3.7
-description: |
- Due to improper request santization, a specifically crafted URL
- can cause the static file handler to redirect to an attacker chosen
- URL, allowing for open redirect attacks.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-12666
-credit: "@ev0A"
-symbols:
- - staticHandler
-links:
- pr: https://github.com/go-macaron/macaron/pull/199
- commit: https://github.com/go-macaron/macaron/commit/addc7461c3a90a040e79aa75bfd245107a210245
- context:
- - https://github.com/go-macaron/macaron/issues/198
diff --git a/reports/GO-2020-0040.yaml b/reports/GO-2020-0040.yaml
deleted file mode 100644
index 3527139..0000000
--- a/reports/GO-2020-0040.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-module: github.com/shiyanhui/dht
-description: |
- Due to unchecked type assertions, maliciously crafted messages can
- cause panics, which may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-credit: "@hMihaiDavid"
-links:
- context:
- - https://github.com/shiyanhui/dht/issues/57
diff --git a/reports/GO-2020-0041.yaml b/reports/GO-2020-0041.yaml
deleted file mode 100644
index 33bc1f9..0000000
--- a/reports/GO-2020-0041.yaml
+++ /dev/null
@@ -1,26 +0,0 @@
-module: github.com/unknwon/cae
-package: github.com/unknwon/cae/tz
-additional_packages:
- # CVE-2020-7664
- - module: github.com/unknwon/cae
- package: github.com/unknwon/cae/zip
- symbols:
- - ZipArchive.Open
- - ZipArchive.ExtractToFunc
- versions:
- - fixed: v1.0.1
-versions:
- - fixed: v1.0.1
-description: |
- Due to improper path santization, archives containing relative file
- paths can cause files to be written (or overwritten) outside of the
- target directory.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-7668
-symbols:
- - TzArchive.syncFiles
- - TzArchive.ExtractToFunc
-links:
- commit: https://github.com/unknwon/cae/commit/07971c00a1bfd9dc171c3ad0bfab5b67c2287e11
- context:
- - https://snyk.io/research/zip-slip-vulnerability
diff --git a/reports/GO-2020-0042.yaml b/reports/GO-2020-0042.yaml
deleted file mode 100644
index f937241..0000000
--- a/reports/GO-2020-0042.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/sassoftware/go-rpmutils
-package: github.com/sassoftware/go-rpmutils/cpio
-versions:
- - fixed: v0.1.0
-description: |
- Due to improper path santization, RPMs containing relative file
- paths can cause files to be written (or overwritten) outside of the
- target directory.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-7667
-symbols:
- - Extract
-links:
- commit: https://github.com/sassoftware/go-rpmutils/commit/a64058cf21b8aada501bba923c9aab66fb6febf0
- context:
- - https://snyk.io/research/zip-slip-vulnerability
diff --git a/reports/GO-2020-0043.yaml b/reports/GO-2020-0043.yaml
deleted file mode 100644
index b00d7d6..0000000
--- a/reports/GO-2020-0043.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-module: github.com/mholt/caddy
-package: github.com/mholt/caddy/caddyhttp/httpserver
-versions:
- - fixed: v0.10.13
-description: |
- Due to improper TLS verification when serving traffic for multiple
- SNIs, an attacker may bypass TLS client authentication by indicating
- an SNI during the TLS handshake that is different from the name in
- the HTTP Host header.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-21246
-symbols:
- - httpContext.MakeServers
- - Server.serveHTTP
- - assertConfigsCompatible
-links:
- pr: https://github.com/caddyserver/caddy/pull/2099
- commit: https://github.com/caddyserver/caddy/commit/4d9ee000c8d2cbcdd8284007c1e0f2da7bc3c7c3
- context:
- - https://bugs.gentoo.org/715214
diff --git a/reports/GO-2020-0045.yaml b/reports/GO-2020-0045.yaml
deleted file mode 100644
index 09fad5d..0000000
--- a/reports/GO-2020-0045.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/dinever/golf
-versions:
- - fixed: v0.3.0
-description: |
- CSRF tokens are generated using math/rand, which is not a cryptographically secure
- rander number generation, making predicting their values relatively trivial and
- allowing an attacker to bypass CSRF protections which relatively few requests.
-published: 2021-04-14T12:00:00Z
-credit: "@elithrar"
-symbols:
- - randomBytes
-links:
- pr: https://github.com/dinever/golf/pull/24
- commit: https://github.com/dinever/golf/commit/3776f338be48b5bc5e8cf9faff7851fc52a3f1fe
- context:
- - https://github.com/dinever/golf/issues/20
diff --git a/reports/GO-2020-0046.yaml b/reports/GO-2020-0046.yaml
deleted file mode 100644
index 64e017f..0000000
--- a/reports/GO-2020-0046.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-module: github.com/russellhaering/goxmldsig
-additional_packages:
- - module: github.com/russellhaering/gosaml2
- symbols:
- - SAMLServiceProvider.validateAssertionSignatures
- versions:
- - fixed: v0.6.0
-versions:
- - fixed: v1.1.0
-description: |
- Due to a nil pointer dereference, a malformed XML Digital Signature
- can cause a panic during validation. If user supplied signatures are
- being validated, this may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-7711
-credit: "@stevenjohnstone"
-symbols:
- - ValidationContext.validateSignature
-links:
- context:
- - https://github.com/russellhaering/goxmldsig/issues/48
- - https://github.com/russellhaering/gosaml2/issues/59
diff --git a/reports/GO-2020-0047.yaml b/reports/GO-2020-0047.yaml
deleted file mode 100644
index f1c8481..0000000
--- a/reports/GO-2020-0047.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-module: github.com/RobotsAndPencils/go-saml
-description: |
- XML Digital Signatures generated and validated using this package use
- SHA-1, which may allow an attacker to craft inputs which cause hash
- collisions depending on their control over the input.
-published: 2021-04-14T12:00:00Z
-symbols:
- - AuthnRequest.Validate
- - NewAuthnRequest
- - NewSignedResponse
-links:
- context:
- - https://github.com/RobotsAndPencils/go-saml/pull/38
diff --git a/reports/GO-2020-0048.yaml b/reports/GO-2020-0048.yaml
deleted file mode 100644
index 620524c..0000000
--- a/reports/GO-2020-0048.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/antchfx/xmlquery
-versions:
- - fixed: v1.3.1
-description: |
- [`LoadURL`] does not check the Content-Type of loaded resources,
- which can cause a panic due to nil pointer deference if the loaded
- resource is not XML. If user supplied URLs are loaded, this may be
- used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-25614
-credit: "@dwisiswant0"
-symbols:
- - LoadURL
-links:
- commit: https://github.com/antchfx/xmlquery/commit/5648b2f39e8d5d3fc903c45a4f1274829df71821
- context:
- - https://github.com/antchfx/xmlquery/issues/39
diff --git a/reports/GO-2020-0049.yaml b/reports/GO-2020-0049.yaml
deleted file mode 100644
index 4b98b30..0000000
--- a/reports/GO-2020-0049.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-module: github.com/justinas/nosurf
-versions:
- - fixed: v1.1.1
-description: |
- Due to improper validation of caller input, validation is silently disabled
- if the provided expected token is malformed, causing any user supplied token
- to be considered valid.
-published: 2021-04-14T12:00:00Z
-credit: "@aeneasr"
-symbols:
- - VerifyToken
- - verifyToken
-links:
- pr: https://github.com/justinas/nosurf/pull/60
- commit: https://github.com/justinas/nosurf/commit/4d86df7a4affa1fa50ab39fb09aac56c3ce9c314
diff --git a/reports/GO-2020-0050.yaml b/reports/GO-2020-0050.yaml
deleted file mode 100644
index 3356de6..0000000
--- a/reports/GO-2020-0050.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/russellhaering/goxmldsig
-versions:
- - fixed: v1.1.0
-description: |
- Due to the behavior of encoding/xml, a crafted XML document may cause
- XML Digital Signature validation to be entirely bypassed, causing an
- unsigned document to appear signed.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-15216
-credit: "@jupenur"
-symbols:
- - ValidationContext.findSignature
-links:
- commit: https://github.com/russellhaering/goxmldsig/commit/f6188febf0c29d7ffe26a0436212b19cb9615e64
- context:
- - https://github.com/russellhaering/goxmldsig/security/advisories/GHSA-q547-gmf8-8jr7
diff --git a/reports/GO-2021-0051.yaml b/reports/GO-2021-0051.yaml
deleted file mode 100644
index 209f9a4..0000000
--- a/reports/GO-2021-0051.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/labstack/echo/v4
-versions:
- - fixed: v4.1.18-0.20201215153152-4422e3b66b9f
-description: |
- Due to improper santization of user input on Windows, the static file handler
- allows for directory traversal, allowing an attacker to read files outside of
- the target directory that the server has permission to read.
-published: 2021-04-14T12:00:00Z
-credit: "@little-cui (Apache ServiceComb)"
-symbols:
- - common.static
-os:
- - windows
-links:
- pr: https://github.com/labstack/echo/pull/1718
- commit: https://github.com/labstack/echo/commit/4422e3b66b9fd498ed1ae1d0242d660d0ed3faaa
diff --git a/reports/GO-2021-0052.yaml b/reports/GO-2021-0052.yaml
deleted file mode 100644
index 70396e7..0000000
--- a/reports/GO-2021-0052.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/gin-gonic/gin
-description: |
- Due to improper HTTP header santization, a malicious user can spoof their
- source IP address by setting the X-Forwarded-For header. This may allow
- a user to bypass IP based restrictions, or obfuscate their true source.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-28483
-credit: "@sorenh"
-symbols:
- - Context.ClientIP
-versions:
- - fixed: v1.6.3-0.20210406033725-bfc8ca285eb4
-links:
- commit: https://github.com/gin-gonic/gin/commit/bfc8ca285eb46dad60e037d57c545cd260636711
- pr: https://github.com/gin-gonic/gin/pull/2632
- context:
- - https://github.com/gin-gonic/gin/pull/2474
diff --git a/reports/GO-2021-0053.yaml b/reports/GO-2021-0053.yaml
deleted file mode 100644
index ee530d9..0000000
--- a/reports/GO-2021-0053.yaml
+++ /dev/null
@@ -1,11 +0,0 @@
-module: github.com/gogo/protobuf
-versions:
- - fixed: v1.3.2
-description: |
- Due to improper bounds checking, maliciously crafted input to generated
- Unmarshal methods can cause an out-of-bounds panic. If parsing messages
- from untrusted parties, this may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2021-3121
-links:
- commit: https://github.com/gogo/protobuf/commit/b03c65ea87cdc3521ede29f62fe3ce239267c1bc
diff --git a/reports/GO-2021-0054.yaml b/reports/GO-2021-0054.yaml
deleted file mode 100644
index 566fca6..0000000
--- a/reports/GO-2021-0054.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/tidwall/gjson
-versions:
- - fixed: v1.6.6
-description: |
- Due to improper bounds checking, maliciously crafted JSON objects
- can cause an out-of-bounds panic. If parsing user input, this may
- be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-36067
-credit: "@toptotu"
-symbols:
- - unwrap
-links:
- commit: https://github.com/tidwall/gjson/commit/bf4efcb3c18d1825b2988603dea5909140a5302b
- context:
- - https://github.com/tidwall/gjson/issues/196
diff --git a/reports/GO-2021-0056.yaml b/reports/GO-2021-0056.yaml
deleted file mode 100644
index 896cbc2..0000000
--- a/reports/GO-2021-0056.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/dexidp/dex
-package: github.com/dexidp/dex/connector/saml
-versions:
- - fixed: v0.0.0-20201214082111-324b1c886b40
-description: |
- Due to the behavior of encoding/xml, a crafted XML document may cause
- XML Digital Signature validation to be entirely bypassed, causing an
- unsigned document to appear signed.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-15216
-credit: Juho Nurminen (Mattermost)
-symbols:
- - provider.HandlePOST
-links:
- commit: https://github.com/dexidp/dex/commit/324b1c886b407594196113a3dbddebe38eecd4e8
- context:
- - https://github.com/dexidp/dex/security/advisories/GHSA-m9hp-7r99-94h5
diff --git a/reports/GO-2021-0057.yaml b/reports/GO-2021-0057.yaml
deleted file mode 100644
index 94d1203..0000000
--- a/reports/GO-2021-0057.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/buger/jsonparser
-versions:
- - fixed: v1.1.1
-description: |
- Due to improper bounds checking, maliciously crafted JSON objects
- can cause an out-of-bounds panic. If parsing user input, this may
- be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-35381
-credit: "@toptotu"
-symbols:
- - searchKeys
-links:
- pr: https://github.com/buger/jsonparser/pull/221
- commit: https://github.com/buger/jsonparser/commit/df3ea76ece10095374fd1c9a22a4fb85a44efc42
- context:
- - https://github.com/buger/jsonparser/issues/219
diff --git a/reports/GO-2021-0058.yaml b/reports/GO-2021-0058.yaml
deleted file mode 100644
index 4b359be..0000000
--- a/reports/GO-2021-0058.yaml
+++ /dev/null
@@ -1,27 +0,0 @@
-module: github.com/crewjam/saml
-additional_packages:
- - module: github.com/crewjam/saml
- package: github.com/crewjam/saml/samlidp
- versions:
- - fixed: v0.4.3
- - module: github.com/crewjam/saml
- package: github.com/crewjam/saml/samlsp
- versions:
- - fixed: v0.4.3
-versions:
- - fixed: v0.4.3
-description: |
- Due to the behavior of encoding/xml, a crafted XML document may cause
- XML Digital Signature validation to be entirely bypassed, causing an
- unsigned document to appear signed.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-27846
-symbols:
- - IdpAuthnRequest.Validate
- - ServiceProvider.ParseXMLResponse
- - ServiceProvider.ValidateLogoutResponseForm
- - ServiceProvider.ValidateLogoutResponseRedirect
-links:
- commit: https://github.com/crewjam/saml/commit/da4f1a0612c0a8dd0452cf8b3c7a6518f6b4d053
- context:
- - https://github.com/crewjam/saml/security/advisories/GHSA-4hq8-gmxx-h6w9
diff --git a/reports/GO-2021-0059.yaml b/reports/GO-2021-0059.yaml
deleted file mode 100644
index 0c57920..0000000
--- a/reports/GO-2021-0059.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/tidwall/gjson
-versions:
- - fixed: v1.6.4
-description: |
- Due to improper bounds checking, maliciously crafted JSON objects
- can cause an out-of-bounds panic. If parsing user input, this may
- be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-35380
-credit: "@toptotu"
-symbols:
- - sqaush
-links:
- commit: https://github.com/tidwall/gjson/commit/f0ee9ebde4b619767ae4ac03e8e42addb530f6bc
- context:
- - https://github.com/tidwall/gjson/issues/192
diff --git a/reports/GO-2021-0060.yaml b/reports/GO-2021-0060.yaml
deleted file mode 100644
index eff84db..0000000
--- a/reports/GO-2021-0060.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/russellhaering/gosaml2
-versions:
- - fixed: v0.6.0
-description: |
- Due to the behavior of encoding/xml, a crafted XML document may cause
- XML Digital Signature validation to be entirely bypassed, causing an
- unsigned document to appear signed.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-29509
-credit: Juho Nurminen
-symbols:
- - parseResponse
-links:
- commit: https://github.com/russellhaering/gosaml2/commit/42606dafba60c58c458f14f75c4c230459672ab9
- context:
- - https://github.com/russellhaering/gosaml2/security/advisories/GHSA-xhqq-x44f-9fgg
diff --git a/reports/GO-2021-0061.yaml b/reports/GO-2021-0061.yaml
deleted file mode 100644
index af187e4..0000000
--- a/reports/GO-2021-0061.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-module: gopkg.in/yaml.v2
-additional_packages:
- # all of the incompatible versions of github.com/go-yaml/yaml
- # are affected
- - module: github.com/go-yaml/yaml
- symbols:
- - decoder.unmarshal
-versions:
- - fixed: v2.2.3
-description: |
- Due to unbounded alias chasing, a maliciously crafted YAML file
- can cause the system to consume significant system resources. If
- parsing user input, this may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-credit: "@simonferquel"
-symbols:
- - decoder.unmarshal
-links:
- pr: https://github.com/go-yaml/yaml/pull/375
- commit: https://github.com/go-yaml/yaml/commit/bb4e33bf68bf89cad44d386192cbed201f35b241
diff --git a/reports/GO-2021-0063.yaml b/reports/GO-2021-0063.yaml
deleted file mode 100644
index 516e301..0000000
--- a/reports/GO-2021-0063.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/ethereum/go-ethereum
-package: github.com/ethereum/go-ethereum/les
-versions:
- - fixed: v1.9.25
-description: |
- Due to a nil pointer dereference, a malicously crafted RPC message
- can cause a panic. If handling RPC messages from untrusted clients,
- this may be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-26264
-credit: "@zsfelfoldi"
-symbols:
- - serverHandler.handleMsg
-links:
- pr: https://github.com/ethereum/go-ethereum/pull/21896
- commit: https://github.com/ethereum/go-ethereum/commit/bddd103a9f0af27ef533f04e06ea429cf76b6d46
diff --git a/reports/GO-2021-0064.yaml b/reports/GO-2021-0064.yaml
deleted file mode 100644
index 2b7e628..0000000
--- a/reports/GO-2021-0064.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-module: k8s.io/client-go
-package: k8s.io/client-go/transport
-additional_packages:
- - module: k8s.io/kubernetes
- package: k8s.io/kubernetes/staging/src/k8s.io/client-go/transport
- symbols:
- - requestInfo.toCurl
- versions:
- - fixed: v1.20.0-alpha.2
-versions:
- - fixed: v0.20.0-alpha.2
-description: |
- Authorization tokens may be inappropriately logged if the verbosity
- level is set to a debug level.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-8565
-credit: "@sfowl"
-symbols:
- - requestInfo.toCurl
-links:
- pr: https://github.com/kubernetes/kubernetes/pull/95316
- commit: https://github.com/kubernetes/kubernetes/commit/e99df0e5a75eb6e86123b56d53e9b7ca0fd00419
- context:
- - https://github.com/kubernetes/kubernetes/issues/95623
diff --git a/reports/GO-2021-0065.yaml b/reports/GO-2021-0065.yaml
deleted file mode 100644
index acefdbd..0000000
--- a/reports/GO-2021-0065.yaml
+++ /dev/null
@@ -1,23 +0,0 @@
-module: k8s.io/client-go
-package: k8s.io/client-go/transport
-additional_packages:
- - module: k8s.io/kubernetes
- package: k8s.io/kubernetes/staging/src/k8s.io/client-go/transport
- symbols:
- - debuggingRoundTripper.RoundTrip
- versions:
- - fixed: v1.16.0-beta.1
-versions:
- - fixed: v0.17.0
-description: |
- Authorization tokens may be inappropriately logged if the verbosity
- level is set to a debug level.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-11250
-symbols:
- - debuggingRoundTripper.RoundTrip
-links:
- pr: https://github.com/kubernetes/kubernetes/pull/81330
- commit: https://github.com/kubernetes/kubernetes/commit/4441f1d9c3e94d9a3d93b4f184a591cab02a5245
- context:
- - https://github.com/kubernetes/kubernetes/issues/81114
diff --git a/reports/GO-2021-0066.yaml b/reports/GO-2021-0066.yaml
deleted file mode 100644
index 9be09eb..0000000
--- a/reports/GO-2021-0066.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: k8s.io/kubernetes
-package: k8s.io/kubernetes/pkg/credentialprovider
-versions:
- - fixed: v1.20.0-alpha.1
-description: |
- Attempting to read a malformed .dockercfg may cause secrets to be
- inappropriately logged.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-8564
-credit: "@sfowl"
-symbols:
- - readDockerConfigFileFromBytes
- - readDockerConfigJSONFileFromBytes
-links:
- pr: https://github.com/kubernetes/kubernetes/pull/94712
- commit: https://github.com/kubernetes/kubernetes/commit/11793434dac97a49bfed0150b56ac63e5dc34634
- context:
- - https://github.com/kubernetes/kubernetes/issues/95622
diff --git a/reports/GO-2021-0067.yaml b/reports/GO-2021-0067.yaml
deleted file mode 100644
index 56c67f5..0000000
--- a/reports/GO-2021-0067.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-package: archive/zip
-stdlib: true
-versions:
- - introduced: go1.16
- fixed: go1.16.1
-description: |
- Using Reader.Open on an archive containing a file with a path
- prefixed by "../" will cause a panic due to a stack overflow.
- If parsing user supplied archives, this may be used as a
- denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2021-27919
-symbols:
- - toValidName
-links:
- pr: https://go-review.googlesource.com/c/go/+/300489
- commit: https://github.com/golang/go/commit/cd3b4ca9f20fd14187ed4cdfdee1a02ea87e5cd8
- context:
- - https://github.com/golang/go/issues/44916
diff --git a/reports/GO-2021-0068.yaml b/reports/GO-2021-0068.yaml
deleted file mode 100644
index 7a4b86e..0000000
--- a/reports/GO-2021-0068.yaml
+++ /dev/null
@@ -1,22 +0,0 @@
-package: cmd/go
-do_not_export: true
-stdlib: true
-versions:
- - fixed: go1.14.14
- - fixed: go1.15.7
-description: |
- The go command may execute arbitrary code at build time when using cgo on Windows.
- This can be triggered by running go get on a malicious module, or any other time
- the code is built.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2021-3115
-credit: RyotaK
-os:
- - windows
-links:
- pr: https://golang.org/cl/284783
- commit: https://github.com/golang/go/commit/953d1feca9b21af075ad5fc8a3dad096d3ccc3a0
- context:
- - https://github.com/golang/go/issues/43783
- - https://golang.org/cl/284780
- - https://github.com/golang/go/commit/46e2e2e9d99925bbf724b12693c6d3e27a95d6a0
diff --git a/reports/GO-2021-0069.yaml b/reports/GO-2021-0069.yaml
deleted file mode 100644
index 038259b..0000000
--- a/reports/GO-2021-0069.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-package: math/big
-stdlib: true
-versions:
- - introduced: go1.14
- fixed: go1.14.12
- - introduced: go1.15
- fixed: go1.15.5
-description: |
- A number of math/big.Int methods can panic when provided large inputs due
- to a flawed division method.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-28362
-symbols:
- - nat.divRecursiveStep
-links:
- pr: https://go-review.googlesource.com/c/go/+/269657
- commit: https://github.com/golang/go/commit/1e1fa5903b760c6714ba17e50bf850b01f49135c
- context:
- - https://github.com/golang/go/issues/42552
diff --git a/reports/GO-2021-0070.yaml b/reports/GO-2021-0070.yaml
deleted file mode 100644
index a786e70..0000000
--- a/reports/GO-2021-0070.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-module: github.com/opencontainers/runc
-package: github.com/opencontainers/runc/libcontainer/user
-versions:
- - fixed: v0.1.0
-description: |
- GetExecUser in the github.com/opencontainers/runc/libcontainer/user package will
- improperly interpred numeric UIDs as usernames. If the method is used without
- verify usernames are formatted as expected, it may allow a user to gain unexpected
- privileges.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2016-3697
-symbols:
- - GetExecUser
-links:
- pr: https://github.com/opencontainers/runc/pull/708
- commit: https://github.com/opencontainers/runc/commit/69af385de62ea68e2e608335cffbb0f4aa3db091
- context:
- - https://github.com/docker/docker/issues/21436
- - http://rhn.redhat.com/errata/RHSA-2016-1034.html
- - http://rhn.redhat.com/errata/RHSA-2016-2634.html
- - https://security.gentoo.org/glsa/201612-28
diff --git a/reports/GO-2021-0071.yaml b/reports/GO-2021-0071.yaml
deleted file mode 100644
index 1edd995..0000000
--- a/reports/GO-2021-0071.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/lxc/lxd
-package: github.com/lxc/lxd/shared
-versions:
- - fixed: v0.0.0-20151004155856-19c6961cc101
-description: |
- A race between chown and chmod operations during a container filesystem shift
- may allow a user who can modify the filesystem to chmod an arbitary path of
- their choice, rather than the expected path.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2015-1340
-credit: Seth Arnold
-symbols:
- - IdmapSet.doUidshiftIntoContainer
-links:
- pr: https://github.com/lxc/lxd/pull/1189
- commit: https://github.com/lxc/lxd/commit/19c6961cc1012c8a529f20807328a9357f5034f4
- context:
- - https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1502270
diff --git a/reports/GO-2021-0072.yaml b/reports/GO-2021-0072.yaml
deleted file mode 100644
index f5a39a8..0000000
--- a/reports/GO-2021-0072.yaml
+++ /dev/null
@@ -1,25 +0,0 @@
-module: github.com/docker/distribution
-package: github.com/docker/distribution/registry/handlers
-additional_packages:
- - module: github.com/docker/distribution
- package: github.com/docker/distribution/registry/storage
- symbols:
- - blobStore.Get
- versions:
- - fixed: v2.7.0-rc.0+incompatible
-versions:
- - fixed: v2.7.0-rc.0+incompatible
-description: |
- Various storage methods do not impose limits on how much content is accepted
- from user requests, allowing a malicious user to force the caller to allocate
- an arbitary amount of memory.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2017-11468
-symbols:
- - copyFullPayload
-links:
- pr: https://github.com/distribution/distribution/pull/2340
- commit: https://github.com/distribution/distribution/commit/91c507a39abfce14b5c8541cf284330e22208c0f
- context:
- - https://access.redhat.com/errata/RHSA-2017:2603
- - http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00047.html
diff --git a/reports/GO-2021-0073.yaml b/reports/GO-2021-0073.yaml
deleted file mode 100644
index 6c488f4..0000000
--- a/reports/GO-2021-0073.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: github.com/git-lfs/git-lfs
-package: github.com/git-lfs/git-lfs/lfsapi
-versions:
- - fixed: v2.1.1-0.20170519163204-f913f5f9c7c6+incompatible
-description: |
- Arbitary command execution can be triggered by improperly
- sanitized SSH URLs in LFS configuration files. This can be
- triggered by cloning a malicious repoistory.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2017-17831
-symbols:
- - sshGetLFSExeAndArgs
-links:
- pr: https://github.com/git-lfs/git-lfs/pull/2241
- commit: https://github.com/git-lfs/git-lfs/commit/f913f5f9c7c6d1301785fdf9884a2942d59cdf19
- context:
- - http://blog.recurity-labs.com/2017-08-10/scm-vulns
- - https://confluence.atlassian.com/sourcetreekb/sourcetree-security-advisory-2018-01-24-942834324.html
- - http://www.securityfocus.com/bid/102926
diff --git a/reports/GO-2021-0075.yaml b/reports/GO-2021-0075.yaml
deleted file mode 100644
index 40511e7..0000000
--- a/reports/GO-2021-0075.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/ethereum/go-ethereum
-package: github.com/ethereum/go-ethereum/les
-versions:
- - fixed: v1.8.11
-description: |
- Due to improper argument validation in RPC messages, a maliciously crafted
- message can cause a panic, leading to denial of service.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-12018
-symbols:
- - protocolManager.handleMsg
-links:
- pr: https://github.com/ethereum/go-ethereum/pull/16891
- commit: https://github.com/ethereum/go-ethereum/commit/a5237a27eaf81946a3edb4fafe13ed6359d119e4
- context:
- - https://peckshield.com/2018/06/27/EPoD/
diff --git a/reports/GO-2021-0076.yaml b/reports/GO-2021-0076.yaml
deleted file mode 100644
index 54c3d0a..0000000
--- a/reports/GO-2021-0076.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-module: github.com/evanphx/json-patch
-versions:
- - fixed: v0.5.2
-description: |
- A malicious JSON patch can cause a panic due to an out-of-bounds
- write attempt. This can be used as a denial of service vector if
- exposed to arbitary user input.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-14632
-symbols:
- - partialArray.add
-links:
- pr: https://github.com/evanphx/json-patch/pull/57
- commit: https://github.com/evanphx/json-patch/commit/4c9aadca8f89e349c999f04e28199e96e81aba03
diff --git a/reports/GO-2021-0077.yaml b/reports/GO-2021-0077.yaml
deleted file mode 100644
index 820389e..0000000
--- a/reports/GO-2021-0077.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: go.etcd.io/etcd
-package: go.etcd.io/etcd/auth
-versions:
- - fixed: v0.5.0-alpha.5.0.20190108173120-83c051b701d3
-description: |
- A user can use a valid client certificate that contains a CommonName that matches a
- valid RBAC username to authenticate themselves as that user, despite lacking the
- required credentials. This may allow authentication bypass, but requires a certificate
- that is issued by a CA trusted by the server.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-16886
-symbols:
- - authStore.AuthInfoFromTLS
-links:
- pr: https://github.com/etcd-io/etcd/pull/10366
- commit: https://github.com/etcd-io/etcd/commit/bf9d0d8291dc71ecbfb2690612954e1a298154b2
diff --git a/reports/GO-2021-0078.yaml b/reports/GO-2021-0078.yaml
deleted file mode 100644
index cd4faea..0000000
--- a/reports/GO-2021-0078.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-module: golang.org/x/net
-package: golang.org/x/net/html
-versions:
- - fixed: v0.0.0-20180816102801-aaf60122140d
-description: |
- The HTML parser does not properly handle "in frameset" insertion mode, and can be made
- to panic when operating on malformed HTML that contains <template> tags. If operating
- on user input, this may be a vector for a denial of service attack.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-17075
-credit: Kunpei Sakai
-symbols:
- - inBodyIM
- - inFramesetIM
-links:
- pr: https://go-review.googlesource.com/123776
- commit: https://github.com/golang/net/commit/aaf60122140d3fcf75376d319f0554393160eb50
- context:
- - https://github.com/golang/go/issues/27016
- - https://bugs.chromium.org/p/chromium/issues/detail?id=829668
- - https://go-review.googlesource.com/c/net/+/94838/9/html/parse.go#1906
diff --git a/reports/GO-2021-0079.yaml b/reports/GO-2021-0079.yaml
deleted file mode 100644
index 24e7357..0000000
--- a/reports/GO-2021-0079.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/bytom/bytom
-package: github.com/bytom/bytom/p2p/discover
-versions:
- - fixed: v1.0.4-0.20180831054840-1ac3c8ac4f2b
-description: |
- A malformed query can cause an out-of-bounds panic due to improper
- validation of arguments. If processing queries from untrusted
- parties, this may be used as a vector for denial of service
- attacks.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2018-18206
-credit: "@yahtoo"
-symbols:
- - Network.checkTopicRegister
-links:
- pr: https://github.com/Bytom/bytom/pull/1307
- commit: https://github.com/Bytom/bytom/commit/1ac3c8ac4f2b1e1df9675228290bda6b9586ba42
diff --git a/reports/GO-2021-0081.yaml b/reports/GO-2021-0081.yaml
deleted file mode 100644
index 8d960eb..0000000
--- a/reports/GO-2021-0081.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/containers/image
-package: github.com/containers/image/docker
-versions:
- - fixed: v2.0.2-0.20190802080134-634605d06e73+incompatible
-description: |
- The HTTP client used to connect to the container registry authorization
- service explicitly disables TLS verification, allowing an attacker that
- is able to MITM the connection to steal credentials.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-10214
-symbols:
- - dockerClient.getBearerToken
-links:
- pr: https://github.com/containers/image/pull/669
- commit: https://github.com/containers/image/commit/634605d06e738aec8332bcfd69162e7509ac7aaf
- context:
- - https://github.com/containers/image/issues/654
- - https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10214
diff --git a/reports/GO-2021-0082.yaml b/reports/GO-2021-0082.yaml
deleted file mode 100644
index 4010d36..0000000
--- a/reports/GO-2021-0082.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/facebook/fbthrift
-package: github.com/facebook/fbthrift/thrift/lib/go/thrift
-versions:
- - fixed: v0.31.1-0.20200311080807-483ed864d69f
-description: |
- Thirft Servers preallocate memory for the declared size of messages before
- checking the actual size of the message. This allows a malicious user to
- send messages that declare that they are significantly larger than they
- actually are, allowing them to force the server to allocate significant
- amounts of memory. This can be used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-11939
-links:
- commit: https://github.com/facebook/fbthrift/commit/483ed864d69f307e9e3b9dadec048216100c0757
- context:
- - https://www.facebook.com/security/advisories/cve-2019-11939
diff --git a/reports/GO-2021-0083.yaml b/reports/GO-2021-0083.yaml
deleted file mode 100644
index 8ba2dfb..0000000
--- a/reports/GO-2021-0083.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: github.com/hybridgroup/gobot
-package: github.com/hybridgroup/gobot/platforms/mqtt
-versions:
- - fixed: v1.12.1-0.20190521122906-c1aa4f867846
-description: |
- TLS certificate verification is skipped when connecting to a MQTT server.
- This allows an attacker who can MITM the connection to read, or forge,
- messages passed between the client and server.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-12496
-symbols:
- - Adaptor.newTLSConfig
-links:
- commit: https://github.com/hybridgroup/gobot/commit/c1aa4f867846da4669ecf3bc3318bd96b7ee6f3f
- context:
- - https://github.com/hybridgroup/gobot/releases/tag/v1.13.0
diff --git a/reports/GO-2021-0084.yaml b/reports/GO-2021-0084.yaml
deleted file mode 100644
index c48183d..0000000
--- a/reports/GO-2021-0084.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/astaxie/beego
-package: github.com/astaxie/beego/session
-versions:
- - fixed: v1.12.2-0.20200613154013-bac2b31afecc
-description: |
- Session data is stored using permissive permissions, allowing local users
- with filesystem access to read arbitary data.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-16354
-credit: "@nicowaisman"
-symbols:
- - FileProvider.SessionRead
- - FileProvider.SessionRegenerate
-links:
- pr: https://github.com/beego/beego/pull/3975
- commit: https://github.com/beego/beego/commit/bac2b31afecc65d9a89f9e473b8006c5edc0c8d1
- context:
- - https://github.com/beego/beego/issues/3763
diff --git a/reports/GO-2021-0085.yaml b/reports/GO-2021-0085.yaml
deleted file mode 100644
index 64625d9..0000000
--- a/reports/GO-2021-0085.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-module: github.com/opencontainers/runc
-package: github.com/opencontainers/runc/libcontainer
-additional_packages:
- - module: github.com/opencontainers/selinux
- package: github.com/opencontainers/selinux/go-selinux
- versions:
- - fixed: v1.3.1-0.20190929122143-5215b1806f52
-versions:
- - fixed: v1.0.0-rc8.0.20190930145003-cad42f6e0932
-description: |
- AppArmor restrictions may be bypassed due to improper validation of mount
- targets, allowing a malicious image to mount volumes over e.g. /proc.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-16884
-credit: Leopold Schabel
-links:
- pr: https://github.com/opencontainers/runc/pull/2130
- commit: https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4
- context:
- - https://github.com/opencontainers/runc/issues/2128
diff --git a/reports/GO-2021-0086.yaml b/reports/GO-2021-0086.yaml
deleted file mode 100644
index c48288b..0000000
--- a/reports/GO-2021-0086.yaml
+++ /dev/null
@@ -1,13 +0,0 @@
-module: github.com/documize/community
-package: github.com/documize/community/domain/section/markdown
-versions:
- - fixed: v1.76.3-0.20191119114751-a4384210d4d0
-description: |
- HTML content in mardkwon is not santized during rendering, possibly allowing
- XSS if used to render untrusted user input.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-19619
-symbols:
- - Provider.Render
-links:
- commit: https://github.com/documize/community/commit/a4384210d4d0d6b18e6fdb7e155de96d4a1cf9f3
diff --git a/reports/GO-2021-0087.yaml b/reports/GO-2021-0087.yaml
deleted file mode 100644
index 6ba1483..0000000
--- a/reports/GO-2021-0087.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: github.com/opencontainers/runc
-package: github.com/opencontainers/runc/libcontainer
-versions:
- - fixed: v1.0.0-rc9.0.20200122160610-2fc03cc11c77
-description: |+
- A race while mounting volumes allows a possible symlink-exchange
- attack, allowing a user whom can start multiple containers with
- custom volume mount configurations to escape the container.
-
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-19921
-credit: Leopold Schabel
-symbols:
- - mountToRootfs
-links:
- pr: https://github.com/opencontainers/runc/pull/2207
- commit: https://github.com/opencontainers/runc/commit/2fc03cc11c775b7a8b2e48d7ee447cb9bef32ad0
- context:
- - https://github.com/opencontainers/runc/issues/2197
diff --git a/reports/GO-2021-0088.yaml b/reports/GO-2021-0088.yaml
deleted file mode 100644
index f3d7749..0000000
--- a/reports/GO-2021-0088.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/facebook/fbthrift
-package: github.com/facebook/fbthrift/thrift/lib/go/thrift
-versions:
- - fixed: v0.31.1-0.20190225164308-c461c1bd1a3e
-description: |
- Skip ignores unknown fields, rather than failing. A malicious user can craft small
- messages with unknown fields which can take significant resources to parse. If a
- server accepts messages from an untrusted user, it may be used as a denial of service
- vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2019-3564
-symbols:
- - Skip
-links:
- commit: https://github.com/facebook/fbthrift/commit/c461c1bd1a3e130b181aa9c854da3030cd4b5156
- context:
- - https://www.facebook.com/security/advisories/cve-2019-3564
diff --git a/reports/GO-2021-0089.yaml b/reports/GO-2021-0089.yaml
deleted file mode 100644
index 60bfe0d..0000000
--- a/reports/GO-2021-0089.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/buger/jsonparser
-versions:
- - fixed: v0.0.0-20200321185410-91ac96899e49
-description: |
- Parsing malformed JSON which contain opening brackets, but not closing brackes,
- leads to an infinite loop. If operating on untrusted user input this can be
- used as a denial of service vector.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-10675
-credit: Cong Wang
-symbols:
- - findKeyStart
-links:
- pr: https://github.com/buger/jsonparser/pull/192
- commit: https://github.com/buger/jsonparser/commit/91ac96899e492584984ded0c8f9a08f10b473717
- context:
- - https://github.com/buger/jsonparser/issues/188
diff --git a/reports/GO-2021-0090.yaml b/reports/GO-2021-0090.yaml
deleted file mode 100644
index 97352db..0000000
--- a/reports/GO-2021-0090.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: github.com/tendermint/tendermint
-package: github.com/tendermint/tendermint/types
-versions:
- - introduced: v0.33.0
- fixed: v0.34.0-dev1.0.20200702134149-480b995a3172
-description: |
- Proposed commits may contain signatures for blocks not contained within the commit. Instead of skipping
- these signatures, they cause failure during verification. A malicious proposer can use this to force
- consensus failures.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-15091
-credit: Neeraj Murarka
-symbols:
- - VoteSet.MakeCommit
-links:
- pr: https://github.com/tendermint/tendermint/pull/5426
- commit: https://github.com/tendermint/tendermint/commit/480b995a31727593f58b361af979054d17d84340
- context:
- - https://github.com/tendermint/tendermint/issues/4926
diff --git a/reports/GO-2021-0091.yaml b/reports/GO-2021-0091.yaml
deleted file mode 100644
index a72a3cd..0000000
--- a/reports/GO-2021-0091.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/gofiber/fiber
-versions:
- - fixed: v1.12.6-0.20200710202935-a8ad5454363f
-description: |
- Due to improper input validation when uploading a file, a malicious user may
- force the server to return arbitary HTTP headers when the uploaded file
- is downloaded.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-15111
-credit: Hasibul Hasan and Abdullah Shaleh
-symbols:
- - Ctx.Attachment
-links:
- pr: github.com/gofiber/fiber/pull/579
- commit: https://github.com/gofiber/fiber/commit/a8ad5454363f627c3f9469c56c5faaf1b943f06a
- context:
- - https://github.com/gofiber/fiber/security/advisories/GHSA-9cx9-x2gp-9qvh
diff --git a/reports/GO-2021-0092.yaml b/reports/GO-2021-0092.yaml
deleted file mode 100644
index 9d829be..0000000
--- a/reports/GO-2021-0092.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-module: github.com/ory/fosite
-versions:
- - fixed: v0.31.0
-description: |
- Uniqueness of JWT IDs (jti) are not checked, allowing the JWT to be
- replayed.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-15222
-symbols:
- - Fosite.AuthenticateClient
-links:
- commit: https://github.com/ory/fosite/commit/0c9e0f6d654913ad57c507dd9a36631e1858a3e9
- context:
- - https://github.com/ory/fosite/security/advisories/GHSA-v3q9-2p3m-7g43
diff --git a/reports/GO-2021-0094.yaml b/reports/GO-2021-0094.yaml
deleted file mode 100644
index 5665df9..0000000
--- a/reports/GO-2021-0094.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: github.com/hashicorp/go-slug
-versions:
- - fixed: v0.5.0
-description: |
- Protections against directory traversal during archive extraction can be
- bypassed by chaining multiple symbolic links within the archive. This allows
- a malicious attacker to cause files to be created outside of the target
- directory. Additionally if the attacker is able to read extracted files
- they may create symbolic links to arbitary files on the system which the
- unpacker has permissions to read.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-29529
-symbols:
- - Unpack
-links:
- pr: https://github.com/hashicorp/go-slug/pull/12
- commit: https://github.com/hashicorp/go-slug/commit/28cafc59c8da6126a3ae94dfa84181df4073454f
- context:
- - https://securitylab.github.com/advisories/GHSL-2020-262-zipslip-go-slug
diff --git a/reports/GO-2021-0095.yaml b/reports/GO-2021-0095.yaml
deleted file mode 100644
index 8cf15c2..0000000
--- a/reports/GO-2021-0095.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/google/go-tpm
-package: github.com/google/go-tpm/tpm
-versions:
- - fixed: v0.3.0
-description: |
- Due to repeated usage of a XOR key an attacker that can eavesdrop on the TPM 1.2 transport
- is able to calculate usageAuth for keys created using CreateWrapKey, despite it being encrypted,
- allowing them to use the created key.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-8918
-credit: Chris Fenner
-symbols:
- - CreateWrapKey
-links:
- pr: https://github.com/google/go-tpm/pull/195
- commit: https://github.com/google/go-tpm/commit/d7806cce857a1a020190c03348e5361725d8f141
- context:
- - https://github.com/google/go-tpm/security/advisories/GHSA-5x29-3hr9-6wpw
diff --git a/reports/GO-2021-0096.yaml b/reports/GO-2021-0096.yaml
deleted file mode 100644
index 0019569..0000000
--- a/reports/GO-2021-0096.yaml
+++ /dev/null
@@ -1,12 +0,0 @@
-module: github.com/proglottis/gpgme
-versions:
- - fixed: v0.1.1
-description: |
- Due to improper setting of finalizers, memory passed to C may be freed before it is used,
- leading to crashes due to memory corruption or possible code execution.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-8945
-credit: Ulrich Obergfell
-links:
- pr: https://github.com/proglottis/gpgme/pull/23
- commit: https://github.com/proglottis/gpgme/commit/92153bcb59bd2f511e502262c46c7bd660e21733
diff --git a/reports/GO-2021-0097.yaml b/reports/GO-2021-0097.yaml
deleted file mode 100644
index 4717a52..0000000
--- a/reports/GO-2021-0097.yaml
+++ /dev/null
@@ -1,21 +0,0 @@
-module: github.com/dhowden/tag
-versions:
- - fixed: v0.0.0-20201120070457-d52dcb253c63
-description: |
- Due to improper bounds checking a number of methods can trigger a panic due to attempted
- out-of-bounds reads. If the package is used to parse user supplied input this may be
- used as a vector for a denial of service attack.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2020-29242
-credit: "@Jayl1n"
-symbols:
- - readPICFrame
- - readAPICFrame
- - readTextWithDescrFrame
- - readAtomData
-links:
- commit: https://github.com/dhowden/tag/commit/d52dcb253c63a153632bfee5f269dd411dcd8e96
- context:
- - https://github.com/dhowden/tag/commit/a92213460e4838490ce3066ef11dc823cdc1740e
- - https://github.com/dhowden/tag/commit/4b595ed4fac79f467594aa92f8953f90f817116e
- - https://github.com/dhowden/tag/commit/6b18201aa5c5535511802ddfb4e4117686b4866d
diff --git a/reports/GO-2021-0098.yaml b/reports/GO-2021-0098.yaml
deleted file mode 100644
index b2b3676..0000000
--- a/reports/GO-2021-0098.yaml
+++ /dev/null
@@ -1,38 +0,0 @@
-module: github.com/git-lfs/git-lfs
-package: github.com/git-lfs/git-lfs/commands
-additional_packages:
- - module: github.com/git-lfs/git-lfs
- package: github.com/git-lfs/git-lfs/creds
- symbols:
- - AskPassCredentialHelper.getFromProgram
- - commandCredentialHelper.Approve
- versions:
- - fixed: v1.5.1-0.20210113180018-fc664697ed2c
- - module: github.com/git-lfs/git-lfs
- package: github.com/git-lfs/git-lfs/lfs
- symbols:
- - pipeExtensions
- versions:
- - fixed: v1.5.1-0.20210113180018-fc664697ed2c
- - module: github.com/git-lfs/git-lfs
- package: github.com/git-lfs/git-lfs/lfshttp
- symbols:
- - sshAuthClient.Resolve
- versions:
- - fixed: v1.5.1-0.20210113180018-fc664697ed2c
-versions:
- - fixed: v1.5.1-0.20210113180018-fc664697ed2c
-description: |
- Due to the standard library behavior of exec.LookPath on Windows a number of methods may
- result in arbitary code execution when cloning or operating on untrusted Git repositories.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2021-21237
-credit: "@Ry0taK"
-symbols:
- - PipeCommand
-os:
- - windows
-links:
- commit: https://github.com/git-lfs/git-lfs/commit/fc664697ed2c2081ee9633010de0a7f9debea72a
- context:
- - https://github.com/git-lfs/git-lfs/security/advisories/GHSA-cx3w-xqmc-84g5
diff --git a/reports/GO-2021-0099.yaml b/reports/GO-2021-0099.yaml
deleted file mode 100644
index ff69acc..0000000
--- a/reports/GO-2021-0099.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/deislabs/oras
-package: github.com/deislabs/oras/pkg/content
-versions:
- - fixed: v0.9.0
-description: |
- Due to improper path validation, using the github.com/deislabs/oras/pkg/content.FileStore
- content store may result in directory traversal during archive extraction, allowing a
- malicious archive to write paths to arbitary paths that the process can write to.
-published: 2021-04-14T12:00:00Z
-cve: CVE-2021-21272
-credit: Chris Smowton
-symbols:
- - extractTarDirectory
-links:
- commit: https://github.com/deislabs/oras/commit/96cd90423303f1bb42bd043cb4c36085e6e91e8e
- context:
- - https://github.com/deislabs/oras/security/advisories/GHSA-g5v4-5x39-vwhx
diff --git a/reports/GO-2021-0100.yaml b/reports/GO-2021-0100.yaml
deleted file mode 100644
index fc356d7..0000000
--- a/reports/GO-2021-0100.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-module: github.com/containers/storage
-package: github.com/containers/storage/pkg/archive
-versions:
- - fixed: v1.28.1
-description: |
- Due to a goroutine deadlock, using github.com/containers/storage/pkg/archive.DecompressStream
- on a xz archive returns a reader which will hang indefinitely when Close is called. An attacker
- can use this to cause denial of service if they are able to cause the caller to attempt to
- decompress an archive they control.
-published: 2021-07-28T12:00:00Z
-cve: CVE-2021-20291
-credit: Aviv Sasson (Palo Alto Networks)
-symbols:
- - cmdStream
-links:
- commit: https://github.com/containers/storage/commit/306fcabc964470e4b3b87a43a8f6b7d698209ee1
- pr: https://github.com/containers/storage/pull/860
- context:
- - https://github.com/advisories/GHSA-7qw8-847f-pggm
- - https://bugzilla.redhat.com/show_bug.cgi?id=1939485
diff --git a/reports/GO-2021-0101.yaml b/reports/GO-2021-0101.yaml
deleted file mode 100644
index 6c070ee..0000000
--- a/reports/GO-2021-0101.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/apache/thrift
-package: github.com/apache/thrift/lib/go/thrift
-versions:
- - introduced: v0.0.0-20151001171628-53dd39833a08
- - fixed: v0.13.0
-description: |
- Due to an improper bounds check, parsing maliciously crafted messages can cause panics. If
- this package is used to parse untrusted input, this may be used as a vector for a denial of
- service attack.
-cve: CVE-2019-0210
-symbols:
- - TSimpleJSONProtocol.safePeekContains
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/apache/thrift/commit/264a3f318ed3e9e51573f67f963c8509786bcec2
- context:
- - https://github.com/advisories/GHSA-jq7p-26h5-w78r
\ No newline at end of file
diff --git a/reports/GO-2021-0102.yaml b/reports/GO-2021-0102.yaml
deleted file mode 100644
index 65e7f4d..0000000
--- a/reports/GO-2021-0102.yaml
+++ /dev/null
@@ -1,24 +0,0 @@
-module: code.cloudfoundry.org/gorouter
-package: code.cloudfoundry.org/gorouter/common/secure
-additional_packages:
- - module: github.com/cloudfoundry/gorouter
- package: github.com/cloudfoundry/gorouter/common/secure
- symbols:
- - AesGCM.Decrypt
- versions:
- - fixed: v0.0.0-20191101214924-b1b5c44e050f
-versions:
- - fixed: v0.0.0-20191101214924-b1b5c44e050f
-description: |
- Due to improper input validation, a maliciously crafted input can cause a panic, due to incorrect
- nonce size. If this package is used to decrypt user supplied messages without checking the size of
- supplied nonces, this may be used as a vector for a denial of service attack.
-cve: CVE-2019-11289
-symbols:
- - AesGCM.Decrypt
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/cloudfoundry/gorouter/commit/b1b5c44e050f73b399b379ca63a42a2c5780a83f
- context:
- - https://github.com/advisories/GHSA-5796-p3m6-9qj4
- - https://www.cloudfoundry.org/blog/cve-2019-11289/
\ No newline at end of file
diff --git a/reports/GO-2021-0103.yaml b/reports/GO-2021-0103.yaml
deleted file mode 100644
index 01b38ba..0000000
--- a/reports/GO-2021-0103.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/holiman/uint256
-versions:
- - introduced: v0.1.0
- - fixed: v1.1.1
-description: |
- Due to improper bounds checking, certain mathmatical operations can cause a panic, due to an
- out of bounds read. If this package is used to process untrusted user inputs, this may be used
- as a vector for a denial of service attack.
-cve: CVE-2020-26242
-credit: Dima Stebaev
-symbols:
- - udivrem
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/holiman/uint256/commit/6785da6e3eea403260a5760029e722aa4ff1716d
- pr: https://github.com/holiman/uint256/pull/80
- context:
- - https://github.com/ethereum/go-ethereum/security/advisories/GHSA-jm5c-rv3w-w83m
\ No newline at end of file
diff --git a/reports/GO-2021-0104.yaml b/reports/GO-2021-0104.yaml
deleted file mode 100644
index 040def9..0000000
--- a/reports/GO-2021-0104.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: github.com/pion/webrtc/v3
-versions:
- - fixed: v3.0.15
-description: |
- Due to improper error handling, DTLS connections were not killed when certificate verification
- failed, causing users who did not check the connection state to continue to use the connection.
- This could allow allow an attacker which holds the ICE password, but not a valid certificate,
- to bypass this restriction.
-cve: CVE-2021-28681
-credit: Gaukas Wang (@Gaukas)
-symbols:
- - DTLSTransport.Start
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/pion/webrtc/commit/545613dcdeb5dedb01cce94175f40bcbe045df2e
- pr: https://github.com/pion/webrtc/pull/1709
- context:
- - https://github.com/pion/webrtc/issues/1708
- - https://github.com/advisories/GHSA-74xm-qj29-cq8p
\ No newline at end of file
diff --git a/reports/GO-2021-0105.yaml b/reports/GO-2021-0105.yaml
deleted file mode 100644
index 5ebc8ce..0000000
--- a/reports/GO-2021-0105.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: github.com/ethereum/go-ethereum
-package: github.com/ethereum/go-ethereum/core
-versions:
- - introduced: v1.9.4
- - fixed: v1.9.20
-description: |
- Due to an incorrect state calculation, a specific set of transactions could cause a consensus disagreement,
- causing users of this package to reject a canonical chain.
-cve: CVE-2020-26265
-credit: John Youngseok Yang (Software Platform Lab)
-symbols:
- - StateDB.createObject
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/ethereum/go-ethereum/commit/87c0ba92136a75db0ab2aba1046d4a9860375d6a
- pr: https://github.com/ethereum/go-ethereum/pull/21080
- context:
- - https://github.com/advisories/GHSA-xw37-57qp-9mm4
\ No newline at end of file
diff --git a/reports/GO-2021-0106.yaml b/reports/GO-2021-0106.yaml
deleted file mode 100644
index 0befd7b..0000000
--- a/reports/GO-2021-0106.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-module: github.com/whyrusleeping/tar-utils
-versions:
- - fixed: v0.0.0-20201201191210-20a61371de5b
-description: |
- Due to improper path santization, archives containing relative file
- paths can cause files to be written (or overwritten) outside of the
- target directory.
-symbols:
- - Extractor.outputPath
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/whyrusleeping/tar-utils/commit/20a61371de5b51380bbdb0c7935b30b0625ac227
- context:
- - https://snyk.io/research/zip-slip-vulnerability
\ No newline at end of file
diff --git a/reports/GO-2021-0107.yaml b/reports/GO-2021-0107.yaml
deleted file mode 100644
index f61260e..0000000
--- a/reports/GO-2021-0107.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-module: github.com/ecnepsnai/web
-versions:
- - fixed: v1.5.2
-description: |
- Web Sockets do not execute any AuthenticateMethod methods which may be set, leading to a
- nil pointer dereference if the returned UserData pointer is assumed to be non-nil, or
- authentication bypass.
-symbols:
- - Server.socketHandler
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/ecnepsnai/web/commit/5a78f8d5c41ce60dcf9f61aaf47a7a8dc3e0002f
- context:
- - https://github.com/advisories/GHSA-5gjg-jgh4-gppm
\ No newline at end of file
diff --git a/reports/GO-2021-0108.yaml b/reports/GO-2021-0108.yaml
deleted file mode 100644
index 0422185..0000000
--- a/reports/GO-2021-0108.yaml
+++ /dev/null
@@ -1,17 +0,0 @@
-module: github.com/gofiber/fiber
-versions:
- - fixed: v1.12.6
-description: |
- Due to improper input sanitization, a maliciously constructed filename could cause a file
- download to use an attacker controlled filename, as well as injecting additional headers
- into a HTTP response.
-cve: CVE-2020-15111
-credit: Hasibul Hasan and Abdullah Shaleh
-symbols:
- - Ctx.Attachment
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/gofiber/fiber/commit/f698b5d5066cfe594102ae252cd58a1fe57cf56f
- pr: https://github.com/gofiber/fiber/pull/579
- context:
- - https://github.com/advisories/GHSA-9cx9-x2gp-9qvh
\ No newline at end of file
diff --git a/reports/GO-2021-0109.yaml b/reports/GO-2021-0109.yaml
deleted file mode 100644
index ae9d32e..0000000
--- a/reports/GO-2021-0109.yaml
+++ /dev/null
@@ -1,15 +0,0 @@
-module: github.com/ory/fosite
-versions:
- - fixed: v0.34.0
-description: |
- Due to improper error handling, an error with the underlying token storage may cause a user
- to believe a token has been successfully revoked when it is in fact still valid. An attackers
- ability to exploit this relies on an ability to trigger errors in the underlying storage.
-published: 2021-07-28T12:00:00Z
-cve: CVE-2020-15223
-symbols:
- - TokenRevocationHandler.RevokeToken
-links:
- commit: https://github.com/ory/fosite/commit/03dd55813f5521985f7dd64277b7ba0cf1441319
- context:
- - https://github.com/advisories/GHSA-7mqr-2v3q-v2wm
diff --git a/reports/GO-2021-0110.yaml b/reports/GO-2021-0110.yaml
deleted file mode 100644
index 5aa1f63..0000000
--- a/reports/GO-2021-0110.yaml
+++ /dev/null
@@ -1,14 +0,0 @@
-module: github.com/ory/fosite
-versions:
- - fixed: v0.31.0
-description: |
- Uniqueness of JWT IDs (jti) are not checked, allowing the JWT to be
- replayed.
-published: 2021-07-28T12:00:00Z
-cve: CVE-2020-15222
-symbols:
- - Fosite.AuthenticateClient
-links:
- commit: https://github.com/ory/fosite/commit/0c9e0f6d654913ad57c507dd9a36631e1858a3e9
- context:
- - https://github.com/ory/fosite/security/advisories/GHSA-v3q9-2p3m-7g43
diff --git a/reports/GO-2021-0111.yaml b/reports/GO-2021-0111.yaml
deleted file mode 100644
index 09288cd..0000000
--- a/reports/GO-2021-0111.yaml
+++ /dev/null
@@ -1,18 +0,0 @@
-module: go.mongodb.org/mongo-driver # there is also a non-canonical import since <v2
-package: go.mongodb.org/mongo-driver/bson/bsonrw
-versions:
- - fixed: v1.5.1
-description: |
- Due to improper input sanitization when marshalling Go objects into BSON, a maliciously constructed
- Go structure could allow an attacker to inject additional fields into a MongoDB document. Users are
- affected if they use this package to handle untrusted user input.
-cve: CVE-2021-20329
-symbols:
- - valueWriter.writeElementHeader
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/mongodb/mongo-go-driver/commit/2aca31d5986a9e1c65a92264736de9fdc3b9b4ca
- pr: https://github.com/mongodb/mongo-go-driver/pull/622
- context:
- - https://github.com/advisories/GHSA-f6mq-5m25-4r72
- - https://jira.mongodb.org/browse/GODRIVER-1923
\ No newline at end of file
diff --git a/reports/GO-2021-0112.yaml b/reports/GO-2021-0112.yaml
deleted file mode 100644
index a432fb2..0000000
--- a/reports/GO-2021-0112.yaml
+++ /dev/null
@@ -1,19 +0,0 @@
-module: go.mongodb.org/mongo-driver # there is also a non-canonical import since <v2
-package: go.mongodb.org/mongo-driver/x/bsonx/bsoncore
-versions:
- - fixed: v1.5.1
-description: |
- Due to improper input sanitization when marshalling Go objects into BSON, a maliciously constructed
- Go structure could allow an attacker to inject additional fields into a MongoDB document. Users are
- affected if they use this package to handle untrusted user input.
-cve: CVE-2021-20329
-symbols:
- - AppendHeader
- - AppendRegex
-published: 2021-07-28T12:00:00Z
-links:
- commit: https://github.com/mongodb/mongo-go-driver/commit/2aca31d5986a9e1c65a92264736de9fdc3b9b4ca
- pr: https://github.com/mongodb/mongo-go-driver/pull/622
- context:
- - https://github.com/advisories/GHSA-f6mq-5m25-4r72
- - https://jira.mongodb.org/browse/GODRIVER-1923
\ No newline at end of file
diff --git a/reports/GO-2021-0113.yaml b/reports/GO-2021-0113.yaml
deleted file mode 100644
index bce14c8..0000000
--- a/reports/GO-2021-0113.yaml
+++ /dev/null
@@ -1,16 +0,0 @@
-module: golang.org/x/text
-package: golang.org/x/text/language
-versions:
- - fixed: v0.3.7
-description: |
- Due to improper index calculation, an incorrectly formatted language tag can cause Parse
- to panic, due to an out of bounds read. If Parse is used to process untrusted user inputs,
- this may be used as a vector for a denial of service attack.
-cve: CVE-2021-38561
-credit: Guido Vranken
-symbols:
- - Parse
-published: 2021-10-06T12:00:00Z
-links:
- commit: https://go.googlesource.com/text/+/383b2e75a7a4198c42f8f87833eefb772868a56f
- pr: https://go-review.googlesource.com/c/text/+/340830
\ No newline at end of file
