{"schema_version":"1.3.1","id":"GO-2023-1377","modified":"2024-08-20T20:25:58Z","published":"2024-08-20T20:25:58Z","aliases":["CVE-2022-23508","GHSA-wr3c-g326-486c"],"summary":"GitOps Run allows for Kubernetes workload injection in github.com/weaveworks/weave-gitops","details":"GitOps Run allows for Kubernetes workload injection in github.com/weaveworks/weave-gitops","affected":[{"package":{"name":"github.com/weaveworks/weave-gitops","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.12.0"}]}],"ecosystem_specific":{}}],"references":[{"type":"ADVISORY","url":"https://github.com/weaveworks/weave-gitops/security/advisories/GHSA-wr3c-g326-486c"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-23508"},{"type":"FIX","url":"https://github.com/weaveworks/weave-gitops/pull/3102/commits/966823bbda8c539a4661e2a4f8607c9307ba6225"},{"type":"FIX","url":"https://github.com/weaveworks/weave-gitops/pull/3114/commits/75268c4d2c8f7e4db22c63d76b451ba6545d117f"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2023-1377","review_status":"UNREVIEWED"}}