github.com/emicklei/go-restful: CVE-2022-1996 #2486
Assignees
Labels
kind/security
Categorizes issue or PR as related to Trivy's own security or internal vulnerabilities.
Comments
github-actions
bot
added
the
kind/security
|
just for information: $ go mod why github.com/emicklei/go-restful
# github.com/emicklei/go-restful
github.com/aquasecurity/trivy/pkg/k8s/commands
github.com/aquasecurity/trivy-kubernetes/pkg/k8s
k8s.io/cli-runtime/pkg/genericclioptions
k8s.io/client-go/discovery
k8s.io/client-go/openapi
k8s.io/kube-openapi/pkg/handler3
k8s.io/kube-openapi/pkg/common
github.com/emicklei/go-restful |
|
@DmitriyLewen Could you look into it? |
This was referenced Jul 12, 2022
|
Has this been fixed in version 0.30.0? |
|
We're waiting for this PR. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Title
go-restful: Authorization Bypass Through User-Controlled Key
Description
Authorization Bypass Through User-Controlled Key in GitHub repository emicklei/go-restful prior to v3.8.0.
Severity
CRITICAL
Primary URL
https://avd.aquasec.com/nvd/cve-2022-1996
References
The text was updated successfully, but these errors were encountered: