reports/GO-2022-0244.yaml - vulndb - Git at Google

 packages:
   - module: github.com/satori/go.uuid
     symbols:
       - rfc4122Generator.NewV4
       - rfc4122Generator.getClockSequence
       - rfc4122Generator.getHardwareAddr
     derived_symbols:
       - NewV1
       - NewV2
       - NewV4
       - rfc4122Generator.NewV1
       - rfc4122Generator.NewV2
     versions:
       - introduced: 1.2.1-0.20180103161547-0ef6afb2f6cd
         fixed: 1.2.1-0.20180404165556-75cca531ea76
     vulnerable_at: 1.2.1-0.20180103161547-0ef6afb2f6cd
 description: |
     Random data used to create UUIDs can contain zeros, resulting in
     predictable UUIDs and possible collisions.
 cves:
   - CVE-2021-3538
 links:
     pr: https://github.com/satori/go.uuid/pull/75
     commit: https://github.com/satori/go.uuid/commit/75cca531ea763666bc46e531da3b4c3b95f64557
     context:
       - https://github.com/satori/go.uuid/issues/73
	packages:
	- module: github.com/satori/go.uuid
	symbols:
	- rfc4122Generator.NewV4
	- rfc4122Generator.getClockSequence
	- rfc4122Generator.getHardwareAddr
	derived_symbols:
	- NewV1
	- NewV2
	- NewV4
	- rfc4122Generator.NewV1
	- rfc4122Generator.NewV2
	versions:
	- introduced: 1.2.1-0.20180103161547-0ef6afb2f6cd
	fixed: 1.2.1-0.20180404165556-75cca531ea76
	vulnerable_at: 1.2.1-0.20180103161547-0ef6afb2f6cd
	description: \|
	Random data used to create UUIDs can contain zeros, resulting in
	predictable UUIDs and possible collisions.
	cves:
	- CVE-2021-3538
	links:
	pr: https://github.com/satori/go.uuid/pull/75
	commit: https://github.com/satori/go.uuid/commit/75cca531ea763666bc46e531da3b4c3b95f64557
	context:
	- https://github.com/satori/go.uuid/issues/73