docs: vulnerabilities update (#28065)

This commit is contained in:
Martin Holst Swende 2023-09-06 09:31:11 +02:00 committed by GitHub
parent 5e3047dd7a
commit 4882133cd8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 19 additions and 3 deletions

View File

@ -166,5 +166,21 @@
"severity": "Low", "severity": "Low",
"CVE": "CVE-2022-29177", "CVE": "CVE-2022-29177",
"check": "(Geth\\/v1\\.10\\.(0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16)-.*)$" "check": "(Geth\\/v1\\.10\\.(0|1|2|3|4|5|6|7|8|9|10|11|12|13|14|15|16)-.*)$"
},
{
"name": "DoS via malicious p2p message",
"uid": "GETH-2023-01",
"summary": "A vulnerable node can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node.",
"description": "A vulnerable node, can be made to consume unbounded amounts of memory when handling specially crafted p2p messages sent from an attacker node. Full details will be available at the Github security [advisory](https://github.com/ethereum/go-ethereum/security/advisories/GHSA-ppjg-v974-84cm)",
"links": [
"https://github.com/ethereum/go-ethereum/security/advisories/GHSA-ppjg-v974-84cm",
"https://geth.ethereum.org/docs/vulnerabilities/vulnerabilities"
],
"introduced": "v1.10.0",
"fixed": "v1.12.1",
"published": "2023-09-06",
"severity": "High",
"CVE": "CVE-2023-40591 ",
"check": "(Geth\\/v1\\.(10|11)\\..*)|(Geth\\/v1\\.12\\.0-.*)$"
} }
] ]

View File

@ -1,4 +1,4 @@
untrusted comment: signature from minisign secret key untrusted comment: signature from minisign secret key
RWQk7Lo5TQgd+9DjD2nXoabMy0BkWSuMiePPOQ9rXlwzvjhRGzEtwPDK3YupbRT9/OmyykFLGHCzWTRKVtVfYqFHL07m0DOOnww= RWQk7Lo5TQgd+yNUDg5S/P8bgddJ1c/pzV2keGeTxMlRTXxQjn5H66khm06OrodLkmNm9jgLYiJ5GRt+C1CmwHty8U/xI+6WhwY=
trusted comment: timestamp:1652258428 file:vulnerabilities.json trusted comment: timestamp:1693984324 file:vulnerabilities.json
jtud9mtIiBRWA+krlBf1WCHgRzkcuzeoe9YLjLfHLEUQosbs+Ru1oaxx+nhxmjKdSRFwhPy1yoV5j9+rw55yCg== cfrt9ByMEn+s2BcMmtsS5AUNlTkhhU0rI0t5ggBPW8oT0tlkXYbsBrdlBvlPyOH3NJQNlbEYRb5Dq1XrQnd0BA==