8000 x/vulndb: potential Go vuln in github.com/usememos/memos: GHSA-pp3p-6jjh-rmg7 · Issue #1261 · golang/vulndb · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content
x/vulndb: potential Go vuln in github.com/usememos/memos: GHSA-pp3p-6jjh-rmg7 #1261
New issue
New issue
Closed
Closed
x/vulndb: potential Go vuln in github.com/usememos/memos: GHSA-pp3p-6jjh-rmg7#1261
Assignees
zpavlinovic
Labels
excluded: EFFECTIVELY_PRIVATEThis vulnerability exists in a package can be imported, but isn't meant to be outside that module.
@GoVulnBot

Description

@GoVulnBot
GoVulnBot
opened on Dec 31, 2022

In GitHub Security Advisory GHSA-pp3p-6jjh-rmg7, there is a vulnerability in the following Go packages or modules:

Unit Fixed Vulnerable Ranges
github.com/usememos/memos <= 0.9.0

Cross references:
No existing reports found with this module or alias.

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: TODO
    versions:
      - {}
    packages:
      - package: github.com/usememos/memos
description: An Improper Access Control vulnerability in usememos/memos 0.9.0 and
    prior can result in a user deleting others' public and private memos.
cves:
  - CVE-2022-4806
ghsas:
  - GHSA-pp3p-6jjh-rmg7

Metadata

Metadata

Assignees

Labels

excluded: EFFECTIVELY_PRIVATEThis vulnerability exists in a package can be imported, but isn't meant to be outside that module.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions
    0