id: GO-2022-1002 | |
modules: | |
- module: github.com/pandatix/go-cvss | |
versions: | |
- introduced: 0.2.0 | |
- fixed: 0.4.0 | |
vulnerable_at: 0.3.0 | |
packages: | |
- package: github.com/pandatix/go-cvss/20 | |
symbols: | |
- ParseVector | |
summary: Panic in github.com/pandatix/go-cvss | |
description: ParseVector can panic when provided with invalid input. | |
cves: | |
- CVE-2022-39213 | |
ghsas: | |
- GHSA-xhmf-mmv2-4hhx | |
references: | |
- fix: https://github.com/pandatix/go-cvss/commit/d9d478ff0c13b8b09ace030db9262f3c2fe031f4 | |
review_status: REVIEWED |