{ "schema_version": "1.4.0", "id": "GHSA-wxwq-525w-hcqx", "modified": "2023-03-03T23:05:28Z", "published": "2023-03-03T23:05:28Z", "aliases": [], "summary": "Yapscan Denial of Service vulnerability in report server", "details": "### Impact\n\nIf you use the report server, it may be vulnerable to a Denial of Service attack.\n\n### Patches\n\nHas been patched in v0.19.2.\n\n### References\n\nThe vulnerability was inherited by the following upstream vulnerabilites\n\n- [golang.org/x/text < v0.3.7](https://github.com/advisories/GHSA-ppp9-7jff-5vj2)\n- [golang.org/x/net < 0.0.0-20220906165146-f3363e06e74c](https://github.com/advisories/GHSA-69cg-p879-7622)\n", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H" } ], "affected": [ { "package": { "ecosystem": "Go", "name": "github.com/fkie-cad/yapscan" }, "ranges": [ { "type": "ECOSYSTEM", "events": [ { "introduced": "0.18.0" }, { "fixed": "0.19.2" } ] } ] } ], "references": [ { "type": "WEB", "url": "https://github.com/fkie-cad/yapscan/security/advisories/GHSA-wxwq-525w-hcqx" }, { "type": "WEB", "url": "https://github.com/fkie-cad/yapscan/pull/46" }, { "type": "WEB", "url": "https://github.com/fkie-cad/yapscan/commit/242b4b25b107deacddd4ca276b45d23e16bb3b88" }, { "type": "WEB", "url": "https://github.com/fkie-cad/yapscan/commit/65f277662c6475eb3f592e0e4fdfee902ecd9326" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-69cg-p879-7622" }, { "type": "ADVISORY", "url": "https://github.com/advisories/GHSA-ppp9-7jff-5vj2" }, { "type": "PACKAGE", "url": "https://github.com/fkie-cad/yapscan" }, { "type": "WEB", "url": "https://github.com/fkie-cad/yapscan/releases/tag/v0.19.2" } ], "database_specific": { "cwe_ids": [], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2023-03-03T23:05:28Z", "nvd_published_at": null } }