Ecosyste.ms: Advisories

An open API service providing security vulnerability metadata for many open source software ecosystems.

Security Advisories: GSA_kwCzR0hTQS1xanZmLTg3NDgtOXc3aM4AA9gc

github.com/google/nftable IP addresses were encoded in the wrong byte order

In https://github.com/google/nftables IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which does not work as intended (might block or not block the desired addresses).

This issue affects:  https://pkg.go.dev/github.com/google/[email protected]

The bug was fixed in the next released version:  https://pkg.go.dev/github.com/google/[email protected]

Permalink: https://github.com/advisories/GHSA-qjvf-8748-9w7h
JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1xanZmLTg3NDgtOXc3aM4AA9gc
Source: GitHub Advisory Database
Origin: Unspecified
Severity: Moderate
Classification: General
Published: 11 days ago
Updated: 5 days ago


Identifiers: GHSA-qjvf-8748-9w7h, CVE-2024-6284
References: Repository: https://github.com/crowdsecurity/cs-firewall-bouncer
Blast Radius: 0.0

Affected Packages

go:github.com/google/nftables
Dependent packages: 239
Dependent repositories: 357
Downloads:
Affected Version Ranges: >= 0.1.0, < 0.2.0
Fixed in: 0.2.0
All affected versions: 0.1.0
All unaffected versions: