data/reports/GO-2024-2864.yaml - vulndb - Git at Google

 id: GO-2024-2864
 modules:
     - module: github.com/stacklok/minder
       versions:
         - fixed: 0.0.49
       vulnerable_at: 0.0.48
 summary: Denial of service of Minder Server with attacker-controlled REST endpoint in github.com/stacklok/minder
 cves:
     - CVE-2024-35185
 ghsas:
     - GHSA-fjw8-3gp8-4cvx
 references:
     - advisory: https://github.com/stacklok/minder/security/advisories/GHSA-fjw8-3gp8-4cvx
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-35185
     - fix: https://github.com/stacklok/minder/commit/065049336aac0621ee00a0bb2211f8051d47c14b
 source:
     id: GHSA-fjw8-3gp8-4cvx
     created: 2024-05-16T17:13:21.902381-04:00
 review_status: UNREVIEWED
	id: GO-2024-2864
	modules:
	- module: github.com/stacklok/minder
	versions:
	- fixed: 0.0.49
	vulnerable_at: 0.0.48
	summary: Denial of service of Minder Server with attacker-controlled REST endpoint in github.com/stacklok/minder
	cves:
	- CVE-2024-35185
	ghsas:
	- GHSA-fjw8-3gp8-4cvx
	references:
	- advisory: https://github.com/stacklok/minder/security/advisories/GHSA-fjw8-3gp8-4cvx
	- advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-35185
	- fix: https://github.com/stacklok/minder/commit/065049336aac0621ee00a0bb2211f8051d47c14b
	source:
	id: GHSA-fjw8-3gp8-4cvx
	created: 2024-05-16T17:13:21.902381-04:00
	review_status: UNREVIEWED