-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathcache_dict.json
78 lines (78 loc) · 3.56 KB
/
cache_dict.json
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
{
"github.com/BurntSushi/toml v0.3.1": {
"name": "github.com/BurntSushi/toml",
"version": "v0.3.1",
"time": 1647013364.2849653,
"advisories": []
},
"github.com/gin-gonic/gin v1.6.0": {
"name": "github.com/gin-gonic/gin",
"version": "v1.6.0",
"time": 1647079513.4152226,
"advisories": [
{
"source": "GHSA",
"sourceID": "GHSA-h395-qcrw-5vmq",
"sourceURL": "https://github.com/advisories/GHSA-h395-qcrw-5vmq",
"title": "Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin",
"description": "This affects all versions of package github.com/gin-gonic/gin under 1.7.0. When gin is exposed directly to the internet, a client's IP can be spoofed by setting the X-Forwarded-For header.",
"referenceURLs": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-28483",
"https://github.com/gin-gonic/gin/pull/2474%23issuecomment-729696437",
"https://github.com/gin-gonic/gin/pull/2632",
"https://github.com/gin-gonic/gin/commit/bfc8ca285eb46dad60e037d57c545cd260636711",
"https://github.com/gin-gonic/gin/releases/tag/v1.7.0",
"https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGINGONICGIN-1041736",
"https://github.com/advisories/GHSA-h395-qcrw-5vmq"
],
"severity": "HIGH",
"gitHubSeverity": "HIGH",
"scoreV3": 7.1,
"aliases": [
"CVE-2020-28483"
],
"disclosedAt": 1624470801,
"observedAt": 1639539014
},
{
"source": "OSV",
"sourceID": "GO-2021-0052",
"sourceURL": "https://osv.dev/vulnerability/GO-2021-0052",
"title": "GO-2021-0052",
"description": "Due to improper HTTP header santization, a malicious user can spoof their\nsource IP address by setting the X-Forwarded-For header. This may allow\na user to bypass IP based restrictions, or obfuscate their true source.\n",
"referenceURLs": [
"https://github.com/gin-gonic/gin/commit/bfc8ca285eb46dad60e037d57c545cd260636711",
"https://github.com/gin-gonic/gin/pull/2474",
"https://github.com/gin-gonic/gin/pull/2632",
"https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0052.yaml",
"https://storage.googleapis.com/go-vulndb/byID/GO-2021-0052.json"
],
"severity": "UNKNOWN",
"gitHubSeverity": "UNKNOWN",
"aliases": [
"CVE-2020-28483"
],
"disclosedAt": 1618401600,
"observedAt": 1639517407
}
]
},
"github.com/influxdata/influx-cli/v2 v2.2.1-0.20211129214229-4c0fae3a4c0d": {
"name": "github.com/influxdata/influx-cli/v2",
"version": "v2.2.1-0.20211129214229-4c0fae3a4c0d",
"time": 1647079514.3242984,
"advisories": []
},
"gopkg.in/square/go-jose.v2 v2.3.1": {
"name": "gopkg.in/square/go-jose.v2",
"version": "v2.3.1",
"time": 1647079514.877068,
"advisories": []
},
"github.com/burntsushi/toml v0.3.1": {
"name": "github.com/burntsushi/toml",
"version": "v0.3.1",
"time": 1647079512.3689818,
"advisories": []
}
}