{"id":"GHSA-fgwp-pwqq-g3w4","summary":"Bloom Uncontrolled Search Path Element vulnerability","details":"Uncontrolled Search Path Element in GitHub repository bits-and-blooms/bloom prior to 3.3.1.","aliases":["CVE-2023-0247"],"modified":"2023-11-08T04:11:06.754326Z","published":"2023-01-12T18:30:28Z","database_specific":{"cwe_ids":["CWE-427"],"nvd_published_at":"2023-01-12T17:15:00Z","github_reviewed_at":"2023-01-12T23:41:33Z","github_reviewed":true,"severity":"HIGH"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-0247"},{"type":"WEB","url":"https://github.com/bits-and-blooms/bloom/commit/658f1393d4c52254a3d22f5f64f217405ec5fefb"},{"type":"PACKAGE","url":"https://github.com/bits-and-blooms/bloom"},{"type":"WEB","url":"https://huntr.dev/bounties/cab50e44-0995-4ac1-a5d5-889293b9704f"}],"affected":[{"package":{"name":"github.com/bits-and-blooms/bloom","ecosystem":"Go","purl":"pkg:golang/github.com/bits-and-blooms/bloom"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"3.3.1"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2023/01/GHSA-fgwp-pwqq-g3w4/GHSA-fgwp-pwqq-g3w4.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}]}