| id: GO-2022-0602 |
| modules: |
| - module: github.com/apache/trafficcontrol |
| versions: |
| - fixed: 5.1.3+incompatible |
| vulnerable_at: 5.1.2+incompatible |
| summary: Email relay in Apache Traffic Control in github.com/apache/trafficcontrol |
| cves: |
| - CVE-2021-42009 |
| ghsas: |
| - GHSA-gw97-f6h8-gm94 |
| references: |
| - advisory: https://github.com/advisories/GHSA-gw97-f6h8-gm94 |
| - advisory: https://nvd.nist.gov/vuln/detail/CVE-2021-42009 |
| - web: http://www.openwall.com/lists/oss-security/2021/10/12/1 |
| - web: https://lists.apache.org/thread.html/r78d471d8a4fd268a4c5ae6c47327c09d9d4b4467c31da2c97422febb@%3Cdev.trafficcontrol.apache.org%3E |
| - web: https://lists.apache.org/thread.html/r7dfa9a89b39d06caeeeb7b5cdc41b3493a9b86cc6cfa059d3f349d87@%3Cannounce.apache.org%3E |
| - web: https://lists.apache.org/thread.html/re384fd0f44c6d230f31376153c6e8b59e4a669f927c1533d06d702af%40%3Cdev.trafficcontrol.apache.org%3E |
| - web: https://lists.apache.org/thread.html/rf0481b9e38ece1ece458d3ce7b2d671df819e3555597f31fc34f084e%40%3Ccommits.trafficcontrol.apache.org%3E |
| source: |
| id: GHSA-gw97-f6h8-gm94 |
| created: 2024-08-20T14:06:40.261131-04:00 |
| review_status: UNREVIEWED |
| unexcluded: EFFECTIVELY_PRIVATE |
