data/reports/GO-2024-3349.yaml - vulndb - Git at Google

 id: GO-2024-3349
 modules:
     - module: github.com/openshift/must-gather
       non_go_versions:
         - fixed: 0.0.0-20240604173837-d1557bc283dd
       vulnerable_at: 0.0.0-20241205040457-6d3faa8f95b3
 summary: OpenShift Must Gather Operator Improper Input Validation vulnerability in github.com/openshift/must-gather
 cves:
     - CVE-2024-25131
 ghsas:
     - GHSA-77c2-c35q-254w
 references:
     - advisory: https://github.com/advisories/GHSA-77c2-c35q-254w
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-25131
     - web: https://access.redhat.com/security/cve/CVE-2024-25131
     - web: https://bugzilla.redhat.com/show_bug.cgi?id=2258856
     - web: https://github.com/openshift/must-gather-operator/pull/135
     - web: https://github.com/openshift/must-gather-operator/pull/138
 source:
     id: GHSA-77c2-c35q-254w
     created: 2024-12-20T10:03:24.327468-10:00
 review_status: UNREVIEWED
	id: GO-2024-3349
	modules:
	- module: github.com/openshift/must-gather
	non_go_versions:
	- fixed: 0.0.0-20240604173837-d1557bc283dd
	vulnerable_at: 0.0.0-20241205040457-6d3faa8f95b3
	summary: OpenShift Must Gather Operator Improper Input Validation vulnerability in github.com/openshift/must-gather
	cves:
	- CVE-2024-25131
	ghsas:
	- GHSA-77c2-c35q-254w
	references:
	- advisory: https://github.com/advisories/GHSA-77c2-c35q-254w
	- advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-25131
	- web: https://access.redhat.com/security/cve/CVE-2024-25131
	- web: https://bugzilla.redhat.com/show_bug.cgi?id=2258856
	- web: https://github.com/openshift/must-gather-operator/pull/135
	- web: https://github.com/openshift/must-gather-operator/pull/138
	source:
	id: GHSA-77c2-c35q-254w
	created: 2024-12-20T10:03:24.327468-10:00
	review_status: UNREVIEWED