x/vulndb: potential Go vuln in github.com/fkie-cad/yapscan: GHSA-wxwq-525w-hcqx

[GoVulnBot]

In GitHub Security Advisory GHSA-wxwq-525w-hcqx, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/fkie-cad/yapscan	0.19.2	>= 0.18.0, < 0.19.2

Cross references:

• Module github.com/fkie-cad/yapscan appears in issue #1204 EFFECTIVELY_PRIVATE

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: github.com/fkie-cad/yapscan
    versions:
      - introduced: 0.18.0
        fixed: 0.19.2
    packages:
      - package: github.com/fkie-cad/yapscan
description: |
    ### Impact

    If you use the report server, it may be vulnerable to a Denial of Service attack.

    ### Patches

    Has been patched in v0.19.2.

    ### References

    The vulnerability was inherited by the following upstream vulnerabilites

    - [golang.org/x/text < v0.3.7](https://github.com/advisories/GHSA-ppp9-7jff-5vj2)
    - [golang.org/x/net < 0.0.0-20220906165146-f3363e06e74c](https://github.com/advisories/GHSA-69cg-p879-7622)
ghsas:
  - GHSA-wxwq-525w-hcqx
references:
  - advisory: https://github.com/fkie-cad/yapscan/security/advisories/GHSA-wxwq-525w-hcqx
  - fix: https://github.com/fkie-cad/yapscan/pull/46
  - fix: https://github.com/fkie-cad/yapscan/commit/242b4b25b107deacddd4ca276b45d23e16bb3b88
  - fix: https://github.com/fkie-cad/yapscan/commit/65f277662c6475eb3f592e0e4fdfee902ecd9326
  - advisory: https://github.com/advisories/GHSA-69cg-p879-7622
  - advisory: https://github.com/advisories/GHSA-ppp9-7jff-5vj2
  - web: https://github.com/fkie-cad/yapscan/releases/tag/v0.19.2
  - advisory: https://github.com/advisories/GHSA-wxwq-525w-hcqx

[gopherbot]

Change https://go.dev/cl/473376 mentions this issue: data/excluded: batch add GO-2023-1607

[gopherbot]

Change https://go.dev/cl/592759 mentions this issue: data/reports: unexclude 75 reports

[gopherbot]

Change https://go.dev/cl/606783 mentions this issue: data/reports: unexclude 20 reports (3)