reports/GO-2020-0007.toml - vulndb - Git at Google

 module = "github.com/seccomp/libseccomp-golang"

 description = """
 Filters containing rules with multiple syscall arguments are improperly
 constructed, such that all arguments are required to match rather than
 any of the arguments (AND is used rather than OR). These filters can be
 bypassed by only specifying a subset of the arguments due to this
 behavior.
 """

 cve = "CVE-2017-18367"

 credit = "@ihac"

 symbols = ["ScmpFilter.addRuleGeneric"]

 published = "2021-04-14T12:00:00Z"

 [[versions]]
 fixed = "v0.9.1-0.20170424173420-06e7a29f36a3"

 [links]
 commit = "https://github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e"
	module = "github.com/seccomp/libseccomp-golang"

	description = """
	Filters containing rules with multiple syscall arguments are improperly
	constructed, such that all arguments are required to match rather than
	any of the arguments (AND is used rather than OR). These filters can be
	bypassed by only specifying a subset of the arguments due to this
	behavior.
	"""

	cve = "CVE-2017-18367"

	credit = "@ihac"

	symbols = ["ScmpFilter.addRuleGeneric"]

	published = "2021-04-14T12:00:00Z"

	[[versions]]
	fixed = "v0.9.1-0.20170424173420-06e7a29f36a3"

	[links]
	commit = "https://github.com/seccomp/libseccomp-golang/commit/06e7a29f36a34b8cf419aeb87b979ee508e58f9e"