GO-2024-2977

See a problem?
Please try reporting it to the source first.

Source

https://pkg.go.dev/vuln/GO-2024-2977

Import Source

https://vuln.go.dev/ID/GO-2024-2977.json

JSON Data

https://api.osv.dev/v1/vulns/GO-2024-2977

Aliases

Published

2024-07-09T16:55:06Z

Modified

2024-07-09T17:29:54.092575Z

Summary

IP addresses were encoded in the wrong byte order in github.com/google/nftables

Details

IP addresses were encoded in the wrong byte order, resulting in an nftables configuration which did not work as intended (might block or not block the desired addresses).

Database specific

{
    "url": "https://pkg.go.dev/vuln/GO-2024-2977",
    "review_status": "REVIEWED"
}

References

Affected packages

Go / github.com/google/nftables

Package

Name: github.com/google/nftables; View open source insights on deps.dev
Purl: pkg:golang/github.com/google/nftables

Affected ranges

Type: SEMVER
Events: Introduced

0.1.0

Fixed

0.2.0

Ecosystem specific

{
    "imports": [
        {
            "symbols": [
                "Conn.AddSet"
            ],
            "path": "github.com/google/nftables"
        }
    ]
}