Google Git
Sign in
go / vulndb / eb8100e07ee2ab7e66b2dad40b311acc127c8a5e^! / .
commiteb8100e07ee2ab7e66b2dad40b311acc127c8a5e[log] [tgz]
authorJonathan Amsterdam <jba@google.com>Wed Jan 12 14:19:52 2022 -0500
committerJonathan Amsterdam <jba@google.com>Thu Jan 13 12:04:20 2022 +0000
tree67447bcbb74fb641109ad330cd85c2b2728f68a2
parent02b2aa2e1c4439a017eebf10939c24f2488636cc [diff]
reports: fix typos and remove markdown

This CL covers the range 2021-0046 to 2021-0079.

Change-Id: Iffc09bc898bd33ecfdafcfa48deb4b3e643e6561
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/378114
Trust: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Julie Qiu <julie@golang.org>

diff --git a/reports/GO-2020-0048.yaml b/reports/GO-2020-0048.yaml
index cc2e11d..8e52b06 100644
--- a/reports/GO-2020-0048.yaml
+++ b/reports/GO-2020-0048.yaml

@@ -2,7 +2,7 @@
 versions:
   - fixed: v1.3.1
 description: |
-  [`LoadURL`] does not check the Content-Type of loaded resources,
+  LoadURL does not check the Content-Type of loaded resources,
   which can cause a panic due to nil pointer deference if the loaded
   resource is not XML. If user supplied URLs are loaded, this may be
   used as a denial of service vector.

diff --git a/reports/GO-2021-0051.yaml b/reports/GO-2021-0051.yaml
index 390d43b..22c9f8a 100644
--- a/reports/GO-2021-0051.yaml
+++ b/reports/GO-2021-0051.yaml

@@ -2,7 +2,7 @@
 versions:
   - fixed: v4.1.18-0.20201215153152-4422e3b66b9f
 description: |
-  Due to improper santization of user input on Windows, the static file handler
+  Due to improper sanitization of user input on Windows, the static file handler
   allows for directory traversal, allowing an attacker to read files outside of
   the target directory that the server has permission to read.
 credit: "@little-cui (Apache ServiceComb)"

diff --git a/reports/GO-2021-0070.yaml b/reports/GO-2021-0070.yaml
index 4575ce2..46e3605 100644
--- a/reports/GO-2021-0070.yaml
+++ b/reports/GO-2021-0070.yaml

@@ -4,9 +4,9 @@
   - fixed: v0.1.0
 description: |
   GetExecUser in the github.com/opencontainers/runc/libcontainer/user package will
-  improperly interpred numeric UIDs as usernames. If the method is used without
-  verify usernames are formatted as expected, it may allow a user to gain unexpected
-  privileges.
+  improperly interpret numeric UIDs as usernames. If the method is used without
+  verifying that usernames are formatted as expected, it may allow a user to
+  gain unexpected privileges.
 cves:
   - CVE-2016-3697
 symbols: