-
Notifications
You must be signed in to change notification settings - Fork 61
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
x/vulndb: potential Go vuln in github.com/coredns/coredns: GHSA-gv9j-4w24-q7vx #368
Labels
excluded: DEPENDENT_VULNERABILITY
This vulnerability is downstream of another existing vulnerability report.
Comments
Vulnerability in tool. |
julieqiu
changed the title
x/vulndb: potential Go vuln in github.com/coredns/coredns: GHSA-gv9j-4w24-q7vx
x/vulndb: potential Go vuln in github.com/coredns/coredns: GHSA-gv9j-4w24-q7vx and CVE-2019-19794
Aug 1, 2022
neild
added
excluded: EFFECTIVELY_PRIVATE
This vulnerability exists in a package can be imported, but isn't meant to be outside that module.
and removed
NotGoVuln
labels
Aug 11, 2022
tatianab
added
excluded: DEPENDENT_VULNERABILITY
This vulnerability is downstream of another existing vulnerability report.
and removed
excluded: EFFECTIVELY_PRIVATE
This vulnerability exists in a package can be imported, but isn't meant to be outside that module.
labels
Nov 18, 2022
Downstream of #8 |
tatianab
changed the title
x/vulndb: potential Go vuln in github.com/coredns/coredns: GHSA-gv9j-4w24-q7vx and CVE-2019-19794
x/vulndb: potential Go vuln in github.com/coredns/coredns: GHSA-gv9j-4w24-q7vx
Nov 18, 2022
Change https://go.dev/cl/451280 mentions this issue: |
gopherbot
pushed a commit
that referenced
this issue
Nov 18, 2022
GO-2022-0368 is dependent on GO-2020-0008. Remove the CVE, which actually refers to the upstream vuln, and re-classify as DEPENDENT_VULNERABILITY. Aliases: GHSA-gv9j-4w24-q7vx Updates #368, #8 Change-Id: Ide59a0ef1c529d66fb5511cafeea9559b372ca07 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/451280 Run-TryBot: Tatiana Bradley <[email protected]> Reviewed-by: Damien Neil <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Tatiana Bradley <[email protected]>
This was referenced Mar 4, 2023
Change https://go.dev/cl/592767 mentions this issue: |
Change https://go.dev/cl/607217 mentions this issue: |
gopherbot
pushed a commit
that referenced
this issue
Aug 21, 2024
- data/reports/GO-2022-0367.yaml - data/reports/GO-2022-0368.yaml - data/reports/GO-2022-0369.yaml - data/reports/GO-2022-0372.yaml - data/reports/GO-2022-0374.yaml - data/reports/GO-2022-0375.yaml - data/reports/GO-2022-0377.yaml - data/reports/GO-2022-0378.yaml - data/reports/GO-2022-0381.yaml - data/reports/GO-2022-0387.yaml - data/reports/GO-2022-0388.yaml - data/reports/GO-2022-0389.yaml - data/reports/GO-2022-0390.yaml - data/reports/GO-2022-0392.yaml - data/reports/GO-2022-0393.yaml - data/reports/GO-2022-0395.yaml - data/reports/GO-2022-0396.yaml - data/reports/GO-2022-0398.yaml - data/reports/GO-2022-0405.yaml - data/reports/GO-2022-0406.yaml Updates #367 Updates #368 Updates #369 Updates #372 Updates #374 Updates #375 Updates #377 Updates #378 Updates #381 Updates #387 Updates #388 Updates #389 Updates #390 Updates #392 Updates #393 Updates #395 Updates #396 Updates #398 Updates #405 Updates #406 Change-Id: I001f245aa4d9225668c2b30e3d5b4ca7a7e9b3b3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607217 Commit-Queue: Tatiana Bradley <[email protected]> Auto-Submit: Tatiana Bradley <[email protected]> LUCI-TryBot-Result: Go LUCI <[email protected]> Reviewed-by: Damien Neil <[email protected]>
This was referenced Sep 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
excluded: DEPENDENT_VULNERABILITY
This vulnerability is downstream of another existing vulnerability report.
In GitHub Security Advisory GHSA-gv9j-4w24-q7vx, there is a vulnerability in the following Go packages or modules:
See doc/triage.md for instructions on how to triage this report.
The text was updated successfully, but these errors were encountered: