gopherbot
commented
1 year ago Change https://go.dev/cl/507896 mentions this issue: data/excluded: batch add 10 excluded reports
Closed GoVulnBot closed 1 year ago
gopherbot
commented
1 year ago Change https://go.dev/cl/507896 mentions this issue: data/excluded: batch add 10 excluded reports
gopherbot
commented
1 year ago Change https://go.dev/cl/507901 mentions this issue: data/excluded: batch add 8 excluded reports
gopherbot
commented
1 year ago Change https://go.dev/cl/507904 mentions this issue: data/excluded: batch add 8 excluded reports
gopherbot
commented
4 months ago Change https://go.dev/cl/592761 mentions this issue: data/reports: unexclude 75 reports
CVE-2023-33190 references github.com/labring/sealos, which may be a Go module.
Description: Sealos is an open source cloud operating system distribution based on the Kubernetes kernel. In versions of Sealos prior to 4.2.0 an improper configuration of role based access control (RBAC) permissions resulted in an attacker being able to obtain cluster control permissions, which could control the entire cluster deployed with Sealos, as well as hundreds of pods and other resources within the cluster. This issue has been addressed in version 4.2.0. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References:
Cross references: No existing reports found with this module or alias.
See doc/triage.md for instructions on how to triage this report.