Skip to content

Commit

Permalink
data/reports: update GO-2023-1946
Browse files Browse the repository at this point in the history
Fix error in affected versions.

  - data/reports/GO-2023-1946.yaml

Updates #1946

Change-Id: I6d2d7b61c6a70fa7ee7a6bb9a77fea54c2ca7c54
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607375
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
  • Loading branch information
tatianab authored and gopherbot committed Aug 21, 2024
1 parent 229cf45 commit 3111a49
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 24 deletions.
17 changes: 0 additions & 17 deletions data/osv/GO-2023-1946.json
Original file line number Diff line number Diff line change
Expand Up @@ -10,23 +10,6 @@
"summary": "Kubernetes DoS Vulnerability in k8s.io/kubernetes",
"details": "Kubernetes DoS Vulnerability in k8s.io/kubernetes",
"affected": [
{
"package": {
"name": "k8s.io/kubernetes",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "1.0.0"
}
]
}
],
"ecosystem_specific": {}
},
{
"package": {
"name": "k8s.io/kubernetes",
Expand Down
8 changes: 1 addition & 7 deletions data/reports/GO-2023-1946.yaml
Original file line number Diff line number Diff line change
@@ -1,11 +1,5 @@
id: GO-2023-1946
modules:
- module: k8s.io/kubernetes
versions:
- introduced: 1.0.0
unsupported_versions:
- last_affected: 1.10.0
vulnerable_at: 1.31.0
- module: k8s.io/kubernetes
versions:
- introduced: 1.11.0
Expand Down Expand Up @@ -36,7 +30,7 @@ references:
- web: https://security.netapp.com/advisory/ntap-20190416-0002
- web: https://web.archive.org/web/20210125011246/https://www.securityfocus.com/bid/107290
notes:
- fix: 'module merge error: could not merge versions of module k8s.io/kubernetes: introduced and fixed versions must alternate'
- manually removed block containing introduced 1.0.0 and last affected because it was incorrectly flagging the entire module as vulnerable
source:
id: GHSA-q4rr-64r9-fwgf
created: 2024-08-20T11:53:57.834032-04:00
Expand Down

0 comments on commit 3111a49

Please sign in to comment.