x/vulndb: potential Go vuln in github.com/pritunl/pritunl-client-electron: CVE-2016-7064 #2196

tatianab · 2023-11-08T22:01:01Z

CVE-2016-7064 references github.com/pritunl/pritunl-client-electron, which may be a Go module.

Description:
A flaw was found in pritunl-client before version 1.0.1116.6. A lack of signature verification leads to sensitive information leakage

References:

Cross references:
No existing reports found with this module or alias.

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/pritunl/pritunl-client-electron
      vulnerable_at: 0.0.0-20231108155932-13f71d94089e
      packages:
        - package: pritunl-client-electron
cves:
    - CVE-2016-7064
references:
    - web: https://lf.lc/CVE-2016-7064.txt
    - web: https://github.com/pritunl/pritunl-client-electron/releases/tag/1.0.1116.6

The text was updated successfully, but these errors were encountered:

gopherbot · 2023-11-08T22:29:20Z

Change https://go.dev/cl/540721 mentions this issue: data/excluded: batch add 135 excluded reports

tatianab added the excluded: LEGACY_FALSE_POSITIVE (DO NOT USE) Vulnerability marked as false positive before we introduced the triage process label Nov 8, 2023

gopherbot closed this as completed in 497caf9 Nov 8, 2023

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

x/vulndb: potential Go vuln in github.com/pritunl/pritunl-client-electron: CVE-2016-7064 #2196

x/vulndb: potential Go vuln in github.com/pritunl/pritunl-client-electron: CVE-2016-7064 #2196

tatianab commented Nov 8, 2023

gopherbot commented Nov 8, 2023

x/vulndb: potential Go vuln in github.com/pritunl/pritunl-client-electron: CVE-2016-7064 #2196

x/vulndb: potential Go vuln in github.com/pritunl/pritunl-client-electron: CVE-2016-7064 #2196

Comments

tatianab commented Nov 8, 2023

gopherbot commented Nov 8, 2023