blob: ca6842bbd9072e2190d2d7e77c6e6c40bc18ced5 [file] [log] [blame]
id: GO-2022-0643
modules:
- module: github.com/elastic/beats
versions:
- fixed: 6.1.0+incompatible
vulnerable_at: 6.0.0
packages:
- package: github.com/elastic/beats/packetbeat/protos/pgsql
symbols:
- pgsqlFieldsParser
derived_symbols:
- pgsqlPlugin.Parse
summary: Denial of service in github.com/elastic/beats
description: |-
A local attacker can cause a panic if they are able to send arbitrary traffic to
a monitored port, due to an out of bounds read.
published: 2022-02-15T01:57:18Z
cves:
- CVE-2017-11480
ghsas:
- GHSA-9q3g-m353-cp4p
references:
- fix: https://github.com/elastic/beats/pull/5457
- fix: https://github.com/elastic/beats/commit/aeca65779d573976981587ca1d1461399e1b59dd
review_status: REVIEWED