data/reports: de-duplicate summaries

In cases where two or more reports have the same summary, edit one or
both of them to be more specific. This is in preparation for a lint
check that ensures that no two reports have the exact same summary.

Change-Id: If483778119f0d9fa39cb400fecce9d8f6692aa60
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/543800
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
diff --git a/data/cve/v5/GO-2022-0533.json b/data/cve/v5/GO-2022-0533.json
index 714e2a4..09e22ce 100644
--- a/data/cve/v5/GO-2022-0533.json
+++ b/data/cve/v5/GO-2022-0533.json
@@ -9,7 +9,7 @@
       "providerMetadata": {
         "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc"
       },
-      "title": "Path traversal on Windows in path/filepath",
+      "title": "Path traversal via Clean on Windows in path/filepath",
       "descriptions": [
         {
           "lang": "en",
diff --git a/data/cve/v5/GO-2022-0979.json b/data/cve/v5/GO-2022-0979.json
index d11f607..e896861 100644
--- a/data/cve/v5/GO-2022-0979.json
+++ b/data/cve/v5/GO-2022-0979.json
@@ -9,7 +9,7 @@
       "providerMetadata": {
         "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc"
       },
-      "title": "Incorrect DNSSEC validation in github.com/peterzen/goresolver",
+      "title": "Incorrect DNSSEC validation due to unchecked owner names in github.com/peterzen/goresolver",
       "descriptions": [
         {
           "lang": "en",
diff --git a/data/cve/v5/GO-2022-1026.json b/data/cve/v5/GO-2022-1026.json
index d1de35d..78acf58 100644
--- a/data/cve/v5/GO-2022-1026.json
+++ b/data/cve/v5/GO-2022-1026.json
@@ -9,7 +9,7 @@
       "providerMetadata": {
         "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc"
       },
-      "title": "Incorrect DNSSEC validation in github.com/peterzen/goresolver",
+      "title": "Incorrect validation of root DNSSEC public keys in github.com/peterzen/goresolver",
       "descriptions": [
         {
           "lang": "en",
diff --git a/data/cve/v5/GO-2023-1841.json b/data/cve/v5/GO-2023-1841.json
index f459b12..e04b948 100644
--- a/data/cve/v5/GO-2023-1841.json
+++ b/data/cve/v5/GO-2023-1841.json
@@ -9,7 +9,7 @@
       "providerMetadata": {
         "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc"
       },
-      "title": "Improper sanitization of LDFLAGS in go command with cgo in cmd/go",
+      "title": "Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go",
       "descriptions": [
         {
           "lang": "en",
diff --git a/data/cve/v5/GO-2023-1842.json b/data/cve/v5/GO-2023-1842.json
index 0fbb2e4..81cd786 100644
--- a/data/cve/v5/GO-2023-1842.json
+++ b/data/cve/v5/GO-2023-1842.json
@@ -9,7 +9,7 @@
       "providerMetadata": {
         "orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc"
       },
-      "title": "Improper sanitization of LDFLAGS in go command with cgo in cmd/go",
+      "title": "Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go",
       "descriptions": [
         {
           "lang": "en",
diff --git a/data/osv/GO-2020-0006.json b/data/osv/GO-2020-0006.json
index bebe9c0..ff1ecd1 100644
--- a/data/osv/GO-2020-0006.json
+++ b/data/osv/GO-2020-0006.json
@@ -7,7 +7,7 @@
     "CVE-2017-15133",
     "GHSA-p55x-7x9v-q8m4"
   ],
-  "summary": "Denial of service in github.com/miekg/dns",
+  "summary": "Denial of service via open idle connection in github.com/miekg/dns",
   "details": "An attacker may prevent TCP connections to a Server by opening a connection and leaving it idle, until the connection is closed by the server no other connections will be accepted.",
   "affected": [
     {
diff --git a/data/osv/GO-2020-0028.json b/data/osv/GO-2020-0028.json
index c7695ea..5bef3da 100644
--- a/data/osv/GO-2020-0028.json
+++ b/data/osv/GO-2020-0028.json
@@ -7,7 +7,7 @@
     "CVE-2018-17419",
     "GHSA-9jcx-pr2f-qvq5"
   ],
-  "summary": "Denial of service in github.com/miekg/dns",
+  "summary": "Denial of service via malformed zone file in github.com/miekg/dns",
   "details": "Due to a nil pointer dereference, parsing a malformed zone file containing TA records may cause a panic. If parsing user supplied input, this may be used as a denial of service vector.",
   "affected": [
     {
diff --git a/data/osv/GO-2021-0054.json b/data/osv/GO-2021-0054.json
index ba1e94f..d21929c 100644
--- a/data/osv/GO-2021-0054.json
+++ b/data/osv/GO-2021-0054.json
@@ -7,7 +7,7 @@
     "CVE-2020-36067",
     "GHSA-p64j-r5f4-pwwx"
   ],
-  "summary": "Panic due to improper input validation in github.com/tidwall/gjson",
+  "summary": "Panic due to improper input validation in ForEach in github.com/tidwall/gjson",
   "details": "Due to improper bounds checking, maliciously crafted JSON objects can cause an out-of-bounds panic. If parsing user input, this may be used as a denial of service vector.",
   "affected": [
     {
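Review bot: The new summary reads awkwardly because of the doubled "in" ("in ForEach in github.com/tidwall/gjson"). Consider "Panic due to improper input validation of ForEach input in ..." or "Panic in ForEach due to improper input validation in ...", so the function name and the module path are not both introduced by the same preposition. The same wording is used in the "in Get" summary for GO-2021-0059 and should be changed together with this one.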
diff --git a/data/osv/GO-2021-0059.json b/data/osv/GO-2021-0059.json
index 047f873..69215f8 100644
--- a/data/osv/GO-2021-0059.json
+++ b/data/osv/GO-2021-0059.json
@@ -7,7 +7,7 @@
     "CVE-2020-35380",
     "GHSA-w942-gw6m-p62c"
   ],
-  "summary": "Panic due to improper input validation in github.com/tidwall/gjson",
+  "summary": "Panic due to improper input validation in Get in github.com/tidwall/gjson",
   "details": "Due to improper bounds checking, maliciously crafted JSON objects can cause an out-of-bounds panic. If parsing user input, this may be used as a denial of service vector.",
   "affected": [
     {
diff --git a/data/osv/GO-2021-0063.json b/data/osv/GO-2021-0063.json
index f1c6df6..7efca47 100644
--- a/data/osv/GO-2021-0063.json
+++ b/data/osv/GO-2021-0063.json
@@ -7,7 +7,7 @@
     "CVE-2020-26264",
     "GHSA-r33q-22hv-j29q"
   ],
-  "summary": "Panic in github.com/ethereum/go-ethereum",
+  "summary": "Nil pointer dereference via malicious RPC message in github.com/ethereum/go-ethereum",
   "details": "Due to a nil pointer dereference, a maliciously crafted RPC message can cause a panic. If handling RPC messages from untrusted clients, this may be used as a denial of service vector.",
   "affected": [
     {
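Review bot: The new summary drops the impact that the old one stated. "Nil pointer dereference via malicious RPC message" names the cause, but the details line still says the result is a panic usable as a denial of service vector, and the sibling go-ethereum report (GO-2021-0075) keeps the "Panic due to ..." form. Suggest "Panic due to nil pointer dereference via malicious RPC message in github.com/ethereum/go-ethereum" so the two reports follow the same pattern.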
diff --git a/data/osv/GO-2021-0064.json b/data/osv/GO-2021-0064.json
index 30ae3d8..3b36831 100644
--- a/data/osv/GO-2021-0064.json
+++ b/data/osv/GO-2021-0064.json
@@ -7,8 +7,8 @@
     "CVE-2020-8565",
     "GHSA-8cfg-vx93-jvxw"
   ],
-  "summary": "Unauthorized credential disclosure in k8s.io/kubernetes and k8s.io/client-go",
-  "details": "Authorization tokens may be inappropriately logged if the verbosity level is set to a debug level.",
+  "summary": "Unauthorized credential disclosure via debug logs in k8s.io/kubernetes and k8s.io/client-go",
+  "details": "Authorization tokens may be inappropriately logged if the verbosity level is set to a debug level. This is due to an incomplete fix for CVE-2019-11250.",
   "affected": [
     {
       "package": {
diff --git a/data/osv/GO-2021-0075.json b/data/osv/GO-2021-0075.json
index a063205..cb44091 100644
--- a/data/osv/GO-2021-0075.json
+++ b/data/osv/GO-2021-0075.json
@@ -7,7 +7,7 @@
     "CVE-2018-12018",
     "GHSA-p5gc-957x-gfw9"
   ],
-  "summary": "Panic in github.com/ethereum/go-ethereum",
+  "summary": "Panic due to improper validation of RPC messages in github.com/ethereum/go-ethereum",
   "details": "Due to improper argument validation in RPC messages, a maliciously crafted message can cause a panic, leading to denial of service.",
   "affected": [
     {
diff --git a/data/osv/GO-2021-0082.json b/data/osv/GO-2021-0082.json
index 8f65128..0179f2c 100644
--- a/data/osv/GO-2021-0082.json
+++ b/data/osv/GO-2021-0082.json
@@ -7,8 +7,8 @@
     "CVE-2019-11939",
     "GHSA-w3r9-r9w7-8h48"
   ],
-  "summary": "Denial of service in github.com/facebook/fbthrift",
-  "details": "Thirft Servers preallocate memory for the declared size of messages before checking the actual size of the message. This allows a malicious user to send messages that declare that they are significantly larger than they actually are, allowing them to force the server to allocate significant amounts of memory. This can be used as a denial of service vector.",
+  "summary": "Denial of service via malicious message size declaration in github.com/facebook/fbthrift",
+  "details": "Thrift Servers preallocate memory for the declared size of messages before checking the actual size of the message. This allows a malicious user to send messages that declare that they are significantly larger than they actually are, allowing them to force the server to allocate significant amounts of memory. This can be used as a denial of service vector.",
   "affected": [
     {
       "package": {
diff --git a/data/osv/GO-2021-0088.json b/data/osv/GO-2021-0088.json
index 6d0a06a..77ab795 100644
--- a/data/osv/GO-2021-0088.json
+++ b/data/osv/GO-2021-0088.json
@@ -7,7 +7,7 @@
     "CVE-2019-3564",
     "GHSA-x4rg-4545-4w7w"
   ],
-  "summary": "Denial of service in github.com/facebook/fbthrift",
+  "summary": "Denial of service via ignored unknown fields in github.com/facebook/fbthrift",
   "details": "Skip ignores unknown fields, rather than failing. A malicious user can craft small messages with unknown fields which can take significant resources to parse. If a server accepts messages from an untrusted user, it may be used as a denial of service vector.",
   "affected": [
     {
diff --git a/data/osv/GO-2021-0265.json b/data/osv/GO-2021-0265.json
index 580ccc3..73cd2a5 100644
--- a/data/osv/GO-2021-0265.json
+++ b/data/osv/GO-2021-0265.json
@@ -9,7 +9,7 @@
     "GHSA-c9gm-7rfj-8w5h",
     "GHSA-ppj4-34rq-v8j9"
   ],
-  "summary": "Denial of service in github.com/tidwall/gjson",
+  "summary": "Denial of service via maliciously crafted path in github.com/tidwall/gjson",
   "details": "A maliciously crafted path can cause Get and other query functions to consume excessive amounts of CPU and time.",
   "affected": [
     {
diff --git a/data/osv/GO-2022-0192.json b/data/osv/GO-2022-0192.json
index 6d12235..bba377e 100644
--- a/data/osv/GO-2022-0192.json
+++ b/data/osv/GO-2022-0192.json
@@ -7,7 +7,7 @@
     "CVE-2018-17142",
     "GHSA-2wp2-chmh-r934"
   ],
-  "summary": "Improper input validation in golang.org/x/net/html",
+  "summary": "Incorrect parsing of nested templates in golang.org/x/net/html",
   "details": "The Parse function can panic on some invalid inputs.\n\nFor example, the Parse function panics on the input \"\u003cmath\u003e\u003ctemplate\u003e\u003cmo\u003e\u003ctemplate\u003e\".",
   "affected": [
     {
diff --git a/data/osv/GO-2022-0193.json b/data/osv/GO-2022-0193.json
index cf65ba8..55bd79e 100644
--- a/data/osv/GO-2022-0193.json
+++ b/data/osv/GO-2022-0193.json
@@ -7,7 +7,7 @@
     "CVE-2018-17143",
     "GHSA-fcf9-6fv2-fc5v"
   ],
-  "summary": "Improper input validation in golang.org/x/net/html",
+  "summary": "Panic on unconsidered isindex and template combination in golang.org/x/net/html",
   "details": "The Parse function can panic on some invalid inputs.\n\nFor example, the Parse function panics on the input \"\u003ctemplate\u003e\u003ctBody\u003e\u003cisindex/action=0\u003e\".",
   "affected": [
     {
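Review bot: "unconsidered" in the new summary is vague and does not tell a reader what goes wrong. The details line only gives an example input containing template, tBody and isindex elements, so something like "Panic on isindex element inside template in golang.org/x/net/html" would say the same thing more directly. Also note that the sibling report GO-2022-0192 was reworded to "Incorrect parsing of nested templates" without the word "Panic", although both details lines describe a panic in Parse; it would help to use the same form for both.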
diff --git a/data/osv/GO-2022-0463.json b/data/osv/GO-2022-0463.json
index 543aa80..1a062b1 100644
--- a/data/osv/GO-2022-0463.json
+++ b/data/osv/GO-2022-0463.json
@@ -7,7 +7,7 @@
     "CVE-2022-31259",
     "GHSA-qx32-f6g6-fcfr"
   ],
-  "summary": "Access control bypass in github.com/beego/beego and beego/v2",
+  "summary": "Access control bypass due to broad route matching in github.com/beego/beego and beego/v2",
   "details": "Routes in the beego HTTP router can match unintended patterns. This overly-broad matching may permit an attacker to bypass access controls.\n\nFor example, the pattern \"/a/b/:name\" can match the URL \"/a.xml/b/\". This may bypass access control applied to the prefix \"/a/\".",
   "affected": [
     {
diff --git a/data/osv/GO-2022-0533.json b/data/osv/GO-2022-0533.json
index a91ae93..77bb41c 100644
--- a/data/osv/GO-2022-0533.json
+++ b/data/osv/GO-2022-0533.json
@@ -6,7 +6,7 @@
   "aliases": [
     "CVE-2022-29804"
   ],
-  "summary": "Path traversal on Windows in path/filepath",
+  "summary": "Path traversal via Clean on Windows in path/filepath",
   "details": "On Windows, the filepath.Clean function can convert certain invalid paths to valid, absolute paths, potentially allowing a directory traversal attack.\n\nFor example, Clean(`.\\c:`) returns `c:`.",
   "affected": [
     {
diff --git a/data/osv/GO-2022-0572.json b/data/osv/GO-2022-0572.json
index 66bbd37..40cb040 100644
--- a/data/osv/GO-2022-0572.json
+++ b/data/osv/GO-2022-0572.json
@@ -7,7 +7,7 @@
     "CVE-2021-30080",
     "GHSA-28r6-jm5h-mrgg"
   ],
-  "summary": "Access control bypass in github.com/beego/beego and beego/v2",
+  "summary": "Access control bypass via incorrect route lookup in github.com/beego/beego and beego/v2",
   "details": "An issue was discovered in the route lookup process in beego which attackers to bypass access control.",
   "affected": [
     {
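Review bot: The details line kept as context here is missing a verb: "in beego which attackers to bypass access control" should read "which allows attackers to bypass access control". Since this change already touches the record (and fixes the "Thirft" typo in GO-2021-0082), this is a good place to fix it, in both the OSV JSON and the report YAML.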
diff --git a/data/osv/GO-2022-0588.json b/data/osv/GO-2022-0588.json
index 460a0b7..7211368 100644
--- a/data/osv/GO-2022-0588.json
+++ b/data/osv/GO-2022-0588.json
@@ -7,7 +7,7 @@
     "CVE-2021-42576",
     "GHSA-x95h-979x-cf3j"
   ],
-  "summary": "Cross-site scripting in github.com/microcosm-cc/bluemonday",
+  "summary": "Cross-site scripting via leaked style elements in github.com/microcosm-cc/bluemonday",
   "details": "The bluemonday HTML sanitizer can leak the contents of a \"style\" element into HTML output, potentially causing XSS vulnerabilities.\n\nThe default bluemonday sanitization policies are not vulnerable. Only user-defined policies allowing \"select\", \"style\", and \"option\" elements are affected.\n\nPermitting the \"style\" element in policies is hazardous, because bluemonday does not contain a CSS sanitizer. Newer versions of bluemonday suppress \"style\" and \"script\" elements even when allowed by a policy unless the policy explicitly requests unsafe processing.",
   "affected": [
     {
diff --git a/data/osv/GO-2022-0762.json b/data/osv/GO-2022-0762.json
index fecae7c..34e6e31 100644
--- a/data/osv/GO-2022-0762.json
+++ b/data/osv/GO-2022-0762.json
@@ -7,7 +7,7 @@
     "CVE-2021-29272",
     "GHSA-3x58-xr87-2fcj"
   ],
-  "summary": "Cross-site scripting in github.com/microcosm-cc/bluemonday",
+  "summary": "Cross-site scripting due to incorrect sanitization in github.com/microcosm-cc/bluemonday",
   "details": "An XSS injection was possible because the sanitization of the Cyrillic character i bypass a protection mechanism against user-inputted HTML elements such as the \u003cscript\u003e tag.",
   "affected": [
     {
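Review bot: "due to incorrect sanitization" in the new summary is still generic for an HTML sanitizer, and a future bluemonday report could easily end up with the same text and trip the planned lint check. The details line attributes the issue to handling of the Cyrillic character i, so the summary could name that, for example "Cross-site scripting via Cyrillic character i in github.com/microcosm-cc/bluemonday". The details sentence itself also has an agreement error ("the sanitization of the Cyrillic character i bypass a protection mechanism").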
diff --git a/data/osv/GO-2022-0957.json b/data/osv/GO-2022-0957.json
index 85f6ef3..56fafff 100644
--- a/data/osv/GO-2022-0957.json
+++ b/data/osv/GO-2022-0957.json
@@ -7,7 +7,7 @@
     "CVE-2020-36066",
     "GHSA-wjm3-fq3r-5x46"
   ],
-  "summary": "Denial of service in github.com/tidwall/gjson",
+  "summary": "Denial of service via maliciously crafted JSON in github.com/tidwall/gjson",
   "details": "A maliciously crafted JSON input can cause a denial of service attack.",
   "affected": [
     {
diff --git a/data/osv/GO-2022-0979.json b/data/osv/GO-2022-0979.json
index e4f2a33..95d4659 100644
--- a/data/osv/GO-2022-0979.json
+++ b/data/osv/GO-2022-0979.json
@@ -7,7 +7,7 @@
     "CVE-2022-3346",
     "GHSA-87mm-qxm5-cp3f"
   ],
-  "summary": "Incorrect DNSSEC validation in github.com/peterzen/goresolver",
+  "summary": "Incorrect DNSSEC validation due to unchecked owner names in github.com/peterzen/goresolver",
   "details": "DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records.\n\nThe owner name of RRSIG RRs is not validated, permitting an attacker to present the RRSIG for an attacker-controlled domain in a response for any other domain.",
   "affected": [
     {
diff --git a/data/osv/GO-2022-1026.json b/data/osv/GO-2022-1026.json
index 86a54cc..dc107d6 100644
--- a/data/osv/GO-2022-1026.json
+++ b/data/osv/GO-2022-1026.json
@@ -7,7 +7,7 @@
     "CVE-2022-3347",
     "GHSA-jr65-gpj5-cw74"
   ],
-  "summary": "Incorrect DNSSEC validation in github.com/peterzen/goresolver",
+  "summary": "Incorrect validation of root DNSSEC public keys in github.com/peterzen/goresolver",
   "details": "DNSSEC validation is not performed correctly. An attacker can cause this package to report successful validation for invalid, attacker-controlled records.\n\nRoot DNSSEC public keys are not validated, permitting an attacker to present a self-signed root key and delegation chain.",
   "affected": [
     {
diff --git a/data/osv/GO-2023-1841.json b/data/osv/GO-2023-1841.json
index 4f20df6..be404d2 100644
--- a/data/osv/GO-2023-1841.json
+++ b/data/osv/GO-2023-1841.json
@@ -6,7 +6,7 @@
   "aliases": [
     "CVE-2023-29404"
   ],
-  "summary": "Improper sanitization of LDFLAGS in go command with cgo in cmd/go",
+  "summary": "Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go",
   "details": "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive.\n\nThe arguments for a number of flags which are non-optional are incorrectly considered optional, allowing disallowed flags to be smuggled through the LDFLAGS sanitization. This affects usage of both the gc and gccgo compilers.",
   "affected": [
     {
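Review bot: The new summary says "non-optional LDFLAGS", but the details line says it is the arguments of certain flags that are non-optional and were incorrectly treated as optional. Suggest "Improper handling of flags with non-optional arguments in LDFLAGS in go command with cgo in cmd/go" (or similar), and apply the same wording to the title in data/cve/v5/GO-2023-1841.json and the summary in data/reports/GO-2023-1841.yaml.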
diff --git a/data/osv/GO-2023-1842.json b/data/osv/GO-2023-1842.json
index 858a675..2748e3a 100644
--- a/data/osv/GO-2023-1842.json
+++ b/data/osv/GO-2023-1842.json
@@ -6,7 +6,7 @@
   "aliases": [
     "CVE-2023-29405"
   ],
-  "summary": "Improper sanitization of LDFLAGS in go command with cgo in cmd/go",
+  "summary": "Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go",
   "details": "The go command may execute arbitrary code at build time when using cgo. This may occur when running \"go get\" on a malicious module, or when running any other command which builds untrusted code. This is can by triggered by linker flags, specified via a \"#cgo LDFLAGS\" directive.\n\nFlags containing embedded spaces are mishandled, allowing disallowed flags to be smuggled through the LDFLAGS sanitization by including them in the argument of another flag. This only affects usage of the gccgo compiler.",
   "affected": [
     {
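Review bot: The details line left as context contains a typo, "This is can by triggered by linker flags", which should be "This can be triggered by linker flags". The same sentence appears in GO-2023-1841. It is outside the summary change, but both records are being edited here anyway, so it is cheap to fix in this pass.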
diff --git a/data/reports/GO-2020-0006.yaml b/data/reports/GO-2020-0006.yaml
index 84d5083..27c9518 100644
--- a/data/reports/GO-2020-0006.yaml
+++ b/data/reports/GO-2020-0006.yaml
@@ -14,7 +14,7 @@
             - ListenAndServeTLS
             - Server.ActivateAndServe
             - Server.ListenAndServe
-summary: Denial of service in github.com/miekg/dns
+summary: Denial of service via open idle connection in github.com/miekg/dns
 description: |-
     An attacker may prevent TCP connections to a Server by opening a connection and
     leaving it idle, until the connection is closed by the server no other
diff --git a/data/reports/GO-2020-0028.yaml b/data/reports/GO-2020-0028.yaml
index 1f36161..e6d2a93 100644
--- a/data/reports/GO-2020-0028.yaml
+++ b/data/reports/GO-2020-0028.yaml
@@ -12,7 +12,7 @@
             - NewRR
             - ParseZone
             - ReadRR
-summary: Denial of service in github.com/miekg/dns
+summary: Denial of service via malformed zone file in github.com/miekg/dns
 description: |-
     Due to a nil pointer dereference, parsing a malformed zone file containing TA
     records may cause a panic. If parsing user supplied input, this may be used as a
diff --git a/data/reports/GO-2021-0054.yaml b/data/reports/GO-2021-0054.yaml
index d9fa197..4f84fbe 100644
--- a/data/reports/GO-2021-0054.yaml
+++ b/data/reports/GO-2021-0054.yaml
@@ -10,7 +10,7 @@
             - unwrap
           derived_symbols:
             - Result.ForEach
-summary: Panic due to improper input validation in github.com/tidwall/gjson
+summary: Panic due to improper input validation in ForEach in github.com/tidwall/gjson
 description: |-
     Due to improper bounds checking, maliciously crafted JSON objects can cause an
     out-of-bounds panic. If parsing user input, this may be used as a denial of
diff --git a/data/reports/GO-2021-0059.yaml b/data/reports/GO-2021-0059.yaml
index c31d89a..b0cddfa 100644
--- a/data/reports/GO-2021-0059.yaml
+++ b/data/reports/GO-2021-0059.yaml
@@ -17,7 +17,7 @@
             - Result.Get
             - Result.Map
             - Result.Value
-summary: Panic due to improper input validation in github.com/tidwall/gjson
+summary: Panic due to improper input validation in Get in github.com/tidwall/gjson
 description: |-
     Due to improper bounds checking, maliciously crafted JSON objects can cause an
     out-of-bounds panic. If parsing user input, this may be used as a denial of
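Review bot: The summary now names only Get, but the symbol list in the context of this hunk also includes Result.Map and Result.Value. If those are affected entry points as well, "in Get" understates the scope; consider a wording that describes the triggering input rather than one function, or confirm that Get is the root vulnerable function and the others are only derived.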
diff --git a/data/reports/GO-2021-0063.yaml b/data/reports/GO-2021-0063.yaml
index ee3b730..f198159 100644
--- a/data/reports/GO-2021-0063.yaml
+++ b/data/reports/GO-2021-0063.yaml
@@ -10,7 +10,7 @@
             - serverHandler.handleMsg
           derived_symbols:
             - PrivateLightServerAPI.Benchmark
-summary: Panic in github.com/ethereum/go-ethereum
+summary: Nil pointer dereference via malicious RPC message in github.com/ethereum/go-ethereum
 description: |-
     Due to a nil pointer dereference, a maliciously crafted RPC message can cause a
     panic. If handling RPC messages from untrusted clients, this may be used as a
diff --git a/data/reports/GO-2021-0064.yaml b/data/reports/GO-2021-0064.yaml
index 6ae0c96..c7aabe7 100644
--- a/data/reports/GO-2021-0064.yaml
+++ b/data/reports/GO-2021-0064.yaml
@@ -23,10 +23,10 @@
           symbols:
             - requestInfo.toCurl
           skip_fix: 'TODO: revisit this reason (module does not contain package k8s.io/kubernetes/staging/src/k8s.io/client-go/transport)'
-summary: Unauthorized credential disclosure in k8s.io/kubernetes and k8s.io/client-go
+summary: Unauthorized credential disclosure via debug logs in k8s.io/kubernetes and k8s.io/client-go
 description: |-
     Authorization tokens may be inappropriately logged if the verbosity level is set
-    to a debug level.
+    to a debug level. This is due to an incomplete fix for CVE-2019-11250.
 published: 2021-04-14T20:04:52Z
 cves:
     - CVE-2020-8565
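Review bot: The description line is changed here as well ("This is due to an incomplete fix for CVE-2019-11250."), which goes beyond what the commit message describes (de-duplicating summaries). Either mention the description update in the commit message or split it out, so that someone reading the log later can find where this statement was introduced. It would also help to add a reference for the CVE-2019-11250 relationship, since nothing else in the visible record supports it.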
diff --git a/data/reports/GO-2021-0075.yaml b/data/reports/GO-2021-0075.yaml
index 5c7f329..3eda6f8 100644
--- a/data/reports/GO-2021-0075.yaml
+++ b/data/reports/GO-2021-0075.yaml
@@ -9,7 +9,7 @@
           symbols:
             - ProtocolManager.handleMsg
           skip_fix: 'TODO: revisit this reason (cannot find module providing package github.com/hashicorp/golang-lru)'
-summary: Panic in github.com/ethereum/go-ethereum
+summary: Panic due to improper validation of RPC messages in github.com/ethereum/go-ethereum
 description: |-
     Due to improper argument validation in RPC messages, a maliciously crafted
     message can cause a panic, leading to denial of service.
diff --git a/data/reports/GO-2021-0082.yaml b/data/reports/GO-2021-0082.yaml
index d082ad2..08f30fd 100644
--- a/data/reports/GO-2021-0082.yaml
+++ b/data/reports/GO-2021-0082.yaml
@@ -6,9 +6,9 @@
       vulnerable_at: 0.31.1-0.20200311052902-c8800899625e
       packages:
         - package: github.com/facebook/fbthrift/thrift/lib/go/thrift
-summary: Denial of service in github.com/facebook/fbthrift
+summary: Denial of service via malicious message size declaration in github.com/facebook/fbthrift
 description: |-
-    Thirft Servers preallocate memory for the declared size of messages before
+    Thrift Servers preallocate memory for the declared size of messages before
     checking the actual size of the message. This allows a malicious user to send
     messages that declare that they are significantly larger than they actually are,
     allowing them to force the server to allocate significant amounts of memory.
diff --git a/data/reports/GO-2021-0088.yaml b/data/reports/GO-2021-0088.yaml
index 968c1ce..b0cc54f 100644
--- a/data/reports/GO-2021-0088.yaml
+++ b/data/reports/GO-2021-0088.yaml
@@ -22,7 +22,7 @@
             - SimpleServer.ServeContext
             - SkipDefaultDepth
             - applicationException.Read
-summary: Denial of service in github.com/facebook/fbthrift
+summary: Denial of service via ignored unknown fields in github.com/facebook/fbthrift
 description: |-
     Skip ignores unknown fields, rather than failing. A malicious user can craft
     small messages with unknown fields which can take significant resources to
diff --git a/data/reports/GO-2021-0265.yaml b/data/reports/GO-2021-0265.yaml
index dc50ac0..87ec30d 100644
--- a/data/reports/GO-2021-0265.yaml
+++ b/data/reports/GO-2021-0265.yaml
@@ -15,7 +15,7 @@
             - GetMany
             - GetManyBytes
             - Result.Get
-summary: Denial of service in github.com/tidwall/gjson
+summary: Denial of service via maliciously crafted path in github.com/tidwall/gjson
 description: |-
     A maliciously crafted path can cause Get and other query functions to consume
     excessive amounts of CPU and time.
diff --git a/data/reports/GO-2022-0192.yaml b/data/reports/GO-2022-0192.yaml
index 4e21da3..9124b7e 100644
--- a/data/reports/GO-2022-0192.yaml
+++ b/data/reports/GO-2022-0192.yaml
@@ -11,7 +11,7 @@
           derived_symbols:
             - Parse
             - ParseFragment
-summary: Improper input validation in golang.org/x/net/html
+summary: Incorrect parsing of nested templates in golang.org/x/net/html
 description: |-
     The Parse function can panic on some invalid inputs.
 
diff --git a/data/reports/GO-2022-0193.yaml b/data/reports/GO-2022-0193.yaml
index 584311d..8311261 100644
--- a/data/reports/GO-2022-0193.yaml
+++ b/data/reports/GO-2022-0193.yaml
@@ -11,7 +11,7 @@
           derived_symbols:
             - Parse
             - ParseFragment
-summary: Improper input validation in golang.org/x/net/html
+summary: Panic on unconsidered isindex and template combination in golang.org/x/net/html
 description: |-
     The Parse function can panic on some invalid inputs.
 
diff --git a/data/reports/GO-2022-0463.yaml b/data/reports/GO-2022-0463.yaml
index 8be2bbf..4cc2581 100644
--- a/data/reports/GO-2022-0463.yaml
+++ b/data/reports/GO-2022-0463.yaml
@@ -266,7 +266,7 @@
             - adminController.TaskStatus
             - beegoAppConfig.Bool
             - beegoAppConfig.DefaultBool
-summary: Access control bypass in github.com/beego/beego and beego/v2
+summary: Access control bypass due to broad route matching in github.com/beego/beego and beego/v2
 description: |-
     Routes in the beego HTTP router can match unintended patterns. This overly-broad
     matching may permit an attacker to bypass access controls.
diff --git a/data/reports/GO-2022-0533.yaml b/data/reports/GO-2022-0533.yaml
index 282756e..2064fbf 100644
--- a/data/reports/GO-2022-0533.yaml
+++ b/data/reports/GO-2022-0533.yaml
@@ -12,7 +12,7 @@
             - windows
           symbols:
             - Clean
-summary: Path traversal on Windows in path/filepath
+summary: Path traversal via Clean on Windows in path/filepath
 description: |-
     On Windows, the filepath.Clean function can convert certain invalid paths to
     valid, absolute paths, potentially allowing a directory traversal attack.
diff --git a/data/reports/GO-2022-0572.yaml b/data/reports/GO-2022-0572.yaml
index 4b06332..41ef847 100644
--- a/data/reports/GO-2022-0572.yaml
+++ b/data/reports/GO-2022-0572.yaml
@@ -219,7 +219,7 @@
             - adminController.TaskStatus
             - beegoAppConfig.Bool
             - beegoAppConfig.DefaultBool
-summary: Access control bypass in github.com/beego/beego and beego/v2
+summary: Access control bypass via incorrect route lookup in github.com/beego/beego and beego/v2
 description: |-
     An issue was discovered in the route lookup process in beego which attackers to
     bypass access control.
diff --git a/data/reports/GO-2022-0588.yaml b/data/reports/GO-2022-0588.yaml
index 113edd5..7967643 100644
--- a/data/reports/GO-2022-0588.yaml
+++ b/data/reports/GO-2022-0588.yaml
@@ -13,7 +13,7 @@
             - Policy.AllowLists
             - Policy.AllowTables
             - UGCPolicy
-summary: Cross-site scripting in github.com/microcosm-cc/bluemonday
+summary: Cross-site scripting via leaked style elements in github.com/microcosm-cc/bluemonday
 description: |-
     The bluemonday HTML sanitizer can leak the contents of a "style" element into
     HTML output, potentially causing XSS vulnerabilities.
diff --git a/data/reports/GO-2022-0762.yaml b/data/reports/GO-2022-0762.yaml
index a2074b3..e8216a1 100644
--- a/data/reports/GO-2022-0762.yaml
+++ b/data/reports/GO-2022-0762.yaml
@@ -12,7 +12,7 @@
             - Policy.Sanitize
             - Policy.SanitizeBytes
             - Policy.SanitizeReader
-summary: Cross-site scripting in github.com/microcosm-cc/bluemonday
+summary: Cross-site scripting due to incorrect sanitization in github.com/microcosm-cc/bluemonday
 description: |-
     An XSS injection was possible because the sanitization of the Cyrillic character
     i bypass a protection mechanism against user-inputted HTML elements such as the
diff --git a/data/reports/GO-2022-0957.yaml b/data/reports/GO-2022-0957.yaml
index 1b7a913..66763b8 100644
--- a/data/reports/GO-2022-0957.yaml
+++ b/data/reports/GO-2022-0957.yaml
@@ -15,7 +15,7 @@
             - GetMany
             - GetManyBytes
             - Result.Get
-summary: Denial of service in github.com/tidwall/gjson
+summary: Denial of service via maliciously crafted JSON in github.com/tidwall/gjson
 description: A maliciously crafted JSON input can cause a denial of service attack.
 published: 2022-08-25T06:28:20Z
 cves:
diff --git a/data/reports/GO-2022-0979.yaml b/data/reports/GO-2022-0979.yaml
index fcdb188..3bfcc31 100644
--- a/data/reports/GO-2022-0979.yaml
+++ b/data/reports/GO-2022-0979.yaml
@@ -4,7 +4,7 @@
       vulnerable_at: 1.0.2
       packages:
         - package: github.com/peterzen/goresolver
-summary: Incorrect DNSSEC validation in github.com/peterzen/goresolver
+summary: Incorrect DNSSEC validation due to unchecked owner names in github.com/peterzen/goresolver
 description: |-
     DNSSEC validation is not performed correctly. An attacker can cause this package
     to report successful validation for invalid, attacker-controlled records.
diff --git a/data/reports/GO-2022-1026.yaml b/data/reports/GO-2022-1026.yaml
index cf1fdb3..2841175 100644
--- a/data/reports/GO-2022-1026.yaml
+++ b/data/reports/GO-2022-1026.yaml
@@ -4,7 +4,7 @@
       vulnerable_at: 1.0.2
       packages:
         - package: github.com/peterzen/goresolver
-summary: Incorrect DNSSEC validation in github.com/peterzen/goresolver
+summary: Incorrect validation of root DNSSEC public keys in github.com/peterzen/goresolver
 description: |-
     DNSSEC validation is not performed correctly. An attacker can cause this package
     to report successful validation for invalid, attacker-controlled records.
diff --git a/data/reports/GO-2023-1841.yaml b/data/reports/GO-2023-1841.yaml
index 88217bd..c91241d 100644
--- a/data/reports/GO-2023-1841.yaml
+++ b/data/reports/GO-2023-1841.yaml
@@ -8,7 +8,7 @@
       vulnerable_at: 1.20.4
       packages:
         - package: cmd/go
-summary: Improper sanitization of LDFLAGS in go command with cgo in cmd/go
+summary: Improper handling of non-optional LDFLAGS in go command with cgo in cmd/go
 description: |-
     The go command may execute arbitrary code at build time when using cgo. This may
     occur when running "go get" on a malicious module, or when running any other
diff --git a/data/reports/GO-2023-1842.yaml b/data/reports/GO-2023-1842.yaml
index 5637bd3..034d3c5 100644
--- a/data/reports/GO-2023-1842.yaml
+++ b/data/reports/GO-2023-1842.yaml
@@ -9,7 +9,7 @@
       packages:
         - package: cmd/go
         - package: cmd/cgo
-summary: Improper sanitization of LDFLAGS in go command with cgo in cmd/go
+summary: Improper sanitization of LDFLAGS with embedded spaces in go command with cgo in cmd/go
 description: |-
     The go command may execute arbitrary code at build time when using cgo. This may
     occur when running "go get" on a malicious module, or when running any other