blob: 163bf9ca8eb5354727154591361201dd48614f78 [file] [log] [blame]
id: GO-2022-1002
modules:
- module: github.com/pandatix/go-cvss
versions:
- introduced: 0.2.0
- fixed: 0.4.0
vulnerable_at: 0.3.0
packages:
- package: github.com/pandatix/go-cvss/20
symbols:
- ParseVector
summary: Panic in github.com/pandatix/go-cvss
description: ParseVector can panic when provided with invalid input.
cves:
- CVE-2022-39213
ghsas:
- GHSA-xhmf-mmv2-4hhx
references:
- fix: https://github.com/pandatix/go-cvss/commit/d9d478ff0c13b8b09ace030db9262f3c2fe031f4
review_status: REVIEWED