| route-pattern | /_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format) |
| route-controller | voltron_pull_requests_fragments |
| route-action | pull_request_layout |
| fetch-nonce | v2:5abff4e2-998c-5408-5f66-a257f323084e |
| current-catalog-service-hash | ae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b |
| request-id | 89D2:352AFE:C89170:10D1D04:6A4D47FA |
| html-safe-nonce | 92fa9f7a5577c1bcdaeae715e9a44d3a376fc9d4de2cc08eedbdd3e9eb105def |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI4OUQyOjM1MkFGRTpDODkxNzA6MTBEMUQwNDo2QTRENDdGQSIsInZpc2l0b3JfaWQiOiIxMzkzNTIxMDgxNzc2NDI0OTU0IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0= |
| visitor-hmac | 19b4bd11c901e08dbe01648b5532899e49555336a119f0746dfeb0f935864c92 |
| hovercard-subject-tag | pull_request:892867005 |
| github-keyboard-shortcuts | repository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | ///voltron/pull_requests_fragments/pull_request_layout |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/github/codeql-go/709/pull_request_layout |
| twitter:image | https://opengraph.githubassets.com/a95f3765bb67dc7b3c4ca2188e4f262b472bf93d7895d6d2b413547270b1d137/github/codeql-go/pull/709 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/a95f3765bb67dc7b3c4ca2188e4f262b472bf93d7895d6d2b413547270b1d137/github/codeql-go/pull/709 |
| og:image:alt | Using merely pam_authneticate call to grant access to a user can cause security issue. The pam_authenticate call only checks if the username and the password match. It does not check if the account... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| hostname | github.com |
| expected-hostname | github.com |
| None | 92571a8944142227b7e19cd10918b1ddd06e5066c1ad5bc7e4769cf6140a87e6 |
| turbo-cache-control | no-cache |
| go-import | github.com/github/codeql-go git https://github.com/github/codeql-go.git |
| octolytics-dimension-user_id | 9919 |
| octolytics-dimension-user_login | github |
| octolytics-dimension-repository_id | 218150891 |
| octolytics-dimension-repository_nwo | github/codeql-go |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 218150891 |
| octolytics-dimension-repository_network_root_nwo | github/codeql-go |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 56fc8347865a14e2ec811533d68f929cf4e0ec19 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
| Skip to content | https://github.com/github/codeql-go/pull/709#start-of-content |
|
| https://github.com/ |
|
Sign in
| https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql-go%2Fpull%2F709 |
| GitHub CopilotWrite better code with AI | https://github.com/features/copilot |
| GitHub Copilot appDirect agents from issue to merge | https://github.com/features/ai/github-app |
| MCP RegistryNewIntegrate external tools | https://github.com/mcp |
| ActionsAutomate any workflow | https://github.com/features/actions |
| CodespacesInstant dev environments | https://github.com/features/codespaces |
| IssuesPlan and track work | https://github.com/features/issues |
| Code ReviewManage code changes | https://github.com/features/code-review |
| GitHub Advanced SecurityFind and fix vulnerabilities | https://github.com/security/advanced-security |
| Code securitySecure your code as you build | https://github.com/security/advanced-security/code-security |
| Secret protectionStop leaks before they start | https://github.com/security/advanced-security/secret-protection |
| Why GitHub | https://github.com/why-github |
| Documentation | https://docs.github.com |
| Blog | https://github.blog |
| Changelog | https://github.blog/changelog |
| Marketplace | https://github.com/marketplace |
| View all features | https://github.com/features |
| Enterprises | https://github.com/enterprise |
| Small and medium teams | https://github.com/team |
| Startups | https://github.com/enterprise/startups |
| Nonprofits | https://github.com/solutions/industry/nonprofits |
| App Modernization | https://github.com/solutions/use-case/app-modernization |
| DevSecOps | https://github.com/solutions/use-case/devsecops |
| DevOps | https://github.com/solutions/use-case/devops |
| CI/CD | https://github.com/solutions/use-case/ci-cd |
| View all use cases | https://github.com/solutions/use-case |
| Healthcare | https://github.com/solutions/industry/healthcare |
| Financial services | https://github.com/solutions/industry/financial-services |
| Manufacturing | https://github.com/solutions/industry/manufacturing |
| Government | https://github.com/solutions/industry/government |
| View all industries | https://github.com/solutions/industry |
| View all solutions | https://github.com/solutions |
| AI | https://github.com/resources/articles?topic=ai |
| Software Development | https://github.com/resources/articles?topic=software-development |
| DevOps | https://github.com/resources/articles?topic=devops |
| Security | https://github.com/resources/articles?topic=security |
| View all topics | https://github.com/resources/articles |
| Customer stories | https://github.com/customer-stories |
| Events & webinars | https://github.com/resources/events |
| Ebooks & reports | https://github.com/resources/whitepapers |
| Business insights | https://github.com/solutions/executive-insights |
| GitHub Skills | https://skills.github.com |
| Documentation | https://docs.github.com |
| Customer support | https://support.github.com |
| Community forum | https://github.com/orgs/community/discussions |
| Trust center | https://github.com/trust-center |
| Partners | https://github.com/partners |
| View all resources | https://github.com/resources |
| GitHub SponsorsFund open source developers | https://github.com/sponsors |
| Security Lab | https://securitylab.github.com |
| Maintainer Community | https://maintainers.github.com |
| Accelerator | https://github.com/accelerator |
| GitHub Stars | https://stars.github.com |
| Archive Program | https://archiveprogram.github.com |
| Topics | https://github.com/topics |
| Trending | https://github.com/trending |
| Collections | https://github.com/collections |
| Enterprise platformAI-powered developer platform | https://github.com/enterprise |
| GitHub Advanced SecurityEnterprise-grade security features | https://github.com/security/advanced-security |
| Copilot for BusinessEnterprise-grade AI features | https://github.com/features/copilot/copilot-business |
| Premium SupportEnterprise-grade 24/7 support | https://github.com/premium-support |
| Pricing | https://github.com/pricing |
| Search syntax tips | https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax |
| documentation | https://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax |
|
Sign in
| https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql-go%2Fpull%2F709 |
|
Sign up
| https://github.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fpull_requests_fragments%2Fpull_request_layout&source=header-repo&source_repo=github%2Fcodeql-go |
| Reload | https://github.com/github/codeql-go/pull/709 |
| Reload | https://github.com/github/codeql-go/pull/709 |
| Reload | https://github.com/github/codeql-go/pull/709 |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
|
github
| https://github.com/github |
| codeql-go | https://github.com/github/codeql-go |
|
Notifications
| https://github.com/login?return_to=%2Fgithub%2Fcodeql-go |
|
Fork
128
| https://github.com/login?return_to=%2Fgithub%2Fcodeql-go |
|
Star
470
| https://github.com/login?return_to=%2Fgithub%2Fcodeql-go |
|
Code
| https://github.com/github/codeql-go |
|
Issues
1
| https://github.com/github/codeql-go/issues |
|
Pull requests
6
| https://github.com/github/codeql-go/pulls |
|
Actions
| https://github.com/github/codeql-go/actions |
|
Projects
| https://github.com/github/codeql-go/projects |
|
Models
| https://github.com/github/codeql-go/models |
|
Security and quality
0
| https://github.com/github/codeql-go/security |
|
Insights
| https://github.com/github/codeql-go/pulse |
|
Code
| https://github.com/github/codeql-go |
|
Issues
| https://github.com/github/codeql-go/issues |
|
Pull requests
| https://github.com/github/codeql-go/pulls |
|
Actions
| https://github.com/github/codeql-go/actions |
|
Projects
| https://github.com/github/codeql-go/projects |
|
Models
| https://github.com/github/codeql-go/models |
|
Security and quality
| https://github.com/github/codeql-go/security |
|
Insights
| https://github.com/github/codeql-go/pulse |
| ghost | https://github.com/ghost |
| main | https://github.com/github/codeql-go/tree/main |
| Conversation | https://github.com/github/codeql-go/pull/709 |
| Commits1 (1) | https://github.com/github/codeql-go/pull/709/commits |
| Checks | https://github.com/github/codeql-go/pull/709/checks |
| Files changed | https://github.com/github/codeql-go/pull/709/files |
| Golang : Add Query To Detect PAM Authorization Bugs | https://github.com/github/codeql-go/pull/709#top |
| ghost | https://github.com/ghost |
| main | https://github.com/github/codeql-go/tree/main |
|
| https://github.com/ghost |
| ghost | https://github.com/ghost |
| Mar 29, 2022 | https://github.com/github/codeql-go/pull/709#issue-1184652850 |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
| gogs/gogs | https://www.github.com/gogs/gogs |
| go-gitea/gitea | https://www.github.com/go-gitea/gitea |
| CVE-2022-0871 | https://nvd.nist.gov/vuln/detail/CVE-2022-0871 |
| CVE-2022-0905 | https://nvd.nist.gov/vuln/detail/CVE-2022-0905 |
| global taint flow | https://lgtm.com/query/8603256578345367962/ |
| local data flow | https://lgtm.com/query/5088026685932206344/ |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
| code owner | https://github.com/github/codeql-go/blob/be412b1b5d4abada88f6de1f70b72ba027778a75/CODEOWNERS#L1 |
| March 29, 2022 10:30 | https://github.com/github/codeql-go/pull/709#event-6325428668 |
| https://github.com/smowton |
| smowton | https://github.com/smowton |
| Mar 29, 2022 | https://github.com/github/codeql-go/pull/709#issuecomment-1082078880 |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
|
Mar 29, 2022
| https://github.com/github/codeql-go/pull/709#ref-issue-1185351317 |
|
Golang : Add Query To Detect PAM Authorization Bugs
github/securitylab#562
| https://github.com/github/securitylab/issues/562 |
| Golang : Add Query To Detect PAM Authorization Bugs | https://github.com/github/codeql-go/pull/709/commits/1264180503ee3e1a7add3420e8d7faae67b2fef3 |
| 1264180 | https://github.com/github/codeql-go/pull/709/commits/1264180503ee3e1a7add3420e8d7faae67b2fef3 |
| https://www.github.com/gogs/gogs | https://www.github.com/gogs/gogs |
| https://www.github.com/go-gitea/gitea | https://www.github.com/go-gitea/gitea |
| CVE-2022-0871 | https://github.com/advisories/GHSA-gw5h-h6hj-f56g |
| https://nvd.nist.gov/vuln/detail/CVE-2022-0871 | https://nvd.nist.gov/vuln/detail/CVE-2022-0871 |
| CVE-2022-0905 | https://github.com/advisories/GHSA-jr9c-h74f-2v28 |
| https://nvd.nist.gov/vuln/detail/CVE-2022-0905 | https://nvd.nist.gov/vuln/detail/CVE-2022-0905 |
| https://lgtm.com/query/8603256578345367962/ | https://lgtm.com/query/8603256578345367962/ |
| https://lgtm.com/query/5088026685932206344/ | https://lgtm.com/query/5088026685932206344/ |
|
Apr 19, 2022
| https://github.com/github/codeql-go/pull/709#ref-pullrequest-1208290358 |
|
CPP: PAM Authorization Bypass
github/codeql#8775
| https://github.com/github/codeql/pull/8775 |
|
Security Vulnerability Found
rtgnx/PAMAuthd#2
| https://github.com/rtgnx/PAMAuthd/issues/2 |
|
Security Vulnerability Found
rtgnx/PAMAuthd#3
| https://github.com/rtgnx/PAMAuthd/issues/3 |
|
Security Vulnerability Found
emersion/webpass#10
| https://github.com/emersion/webpass/issues/10 |
|
Security Vulnerability Found
hsukvn/go-gin-graphql-template#3
| https://github.com/hsukvn/go-gin-graphql-template/issues/3 |
|
Security Vulnerability Found
inoc603/go-sshd#1
| https://github.com/inoc603/go-sshd/issues/1 |
|
Security Vulnerability Found
metrumresearchgroup/tekmor#1
| https://github.com/metrumresearchgroup/tekmor/issues/1 |
|
Security Vulnerability Found
nDenerserve/SmartPi#120
| https://github.com/nDenerserve/SmartPi/issues/120 |
|
Security Vulnerability Found
netsec-ethz/scion-apps#228
| https://github.com/netsec-ethz/scion-apps/issues/228 |
|
Security Vulnerability Found
scusi/spipe#1
| https://github.com/scusi/spipe/issues/1 |
| emersion | https://github.com/emersion |
|
May 24, 2022
| https://github.com/github/codeql-go/pull/709#ref-commit-1f543fd |
|
| https://github.com/emersion |
| # Authorization Bypass due to incorrect usage of PAM library | https://github.com/emersion/webpass/commit/1f543fdea8adee31c13b9cba5980a7985de84a50 |
| 1f543fd | https://github.com/emersion/webpass/commit/1f543fdea8adee31c13b9cba5980a7985de84a50 |
| https://lgtm.com/projects/g/emersion/webpass/snapshot/c3217efc9100880b960b1e085c30d5f95c3d3471/files/config/auth_pam.go#x72bc4d6069cdb224:1 | https://lgtm.com/projects/g/emersion/webpass/snapshot/c3217efc9100880b960b1e085c30d5f95c3d3471/files/config/auth_pam.go#x72bc4d6069cdb224:1 |
| https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L&version=3.1 | https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L&version=3.1 |
| https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html | https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html |
| http://cwe.mitre.org/data/definitions/863.html | http://cwe.mitre.org/data/definitions/863.html |
| http://cwe.mitre.org/data/definitions/285.html | http://cwe.mitre.org/data/definitions/285.html |
| github/securitylab#561 | https://github.com/github/securitylab/issues/561 |
| github/codeql-go#709 | https://github.com/github/codeql-go/pull/709 |
| https://codeql.github.com/)* | https://codeql.github.com/)* |
|
Authorization Bypass due to incorrect usage of PAM library
nethesis/nethvoice-report#172
| https://github.com/nethesis/nethvoice-report/pull/172 |
|
Authorization Bypass due to incorrect usage of PAM library
linuxdeepin/dde-daemon#202
| https://github.com/linuxdeepin/dde-daemon/pull/202 |
| matzf | https://github.com/matzf |
|
May 27, 2022
| https://github.com/github/codeql-go/pull/709#ref-commit-ad219e2 |
| sshd: fix authorization bypass due to incorrect usage of PAM library ( | https://github.com/netsec-ethz/scion-apps/commit/ad219e27ae84473c95bc78728b5a1f8e0cc6996d |
| #… | https://github.com/netsec-ethz/scion-apps/pull/229 |
| ad219e2 | https://github.com/netsec-ethz/scion-apps/commit/ad219e27ae84473c95bc78728b5a1f8e0cc6996d |
| …229 | https://github.com/netsec-ethz/scion-apps/pull/229 |
| https://lgtm.com/projects/g/netsec-ethz/scion-apps/snapshot/52ffbbafc507ba067d56eb9ec482b41c19fc84ed/files/ssh/server/ssh/authcallbacks.go#xecf1a4150da8e10d:1 | https://lgtm.com/projects/g/netsec-ethz/scion-apps/snapshot/52ffbbafc507ba067d56eb9ec482b41c19fc84ed/files/ssh/server/ssh/authcallbacks.go#xecf1a4150da8e10d:1 |
| https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L&version=3.1 | https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L&version=3.1 |
| https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html | https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html |
| http://cwe.mitre.org/data/definitions/863.html | http://cwe.mitre.org/data/definitions/863.html |
| http://cwe.mitre.org/data/definitions/285.html | http://cwe.mitre.org/data/definitions/285.html |
| github/securitylab#561 | https://github.com/github/securitylab/issues/561 |
| github/codeql-go#709 | https://github.com/github/codeql-go/pull/709 |
| https://codeql.github.com/)* | https://codeql.github.com/)* |
| edospadoni | https://github.com/edospadoni |
|
May 27, 2022
| https://github.com/github/codeql-go/pull/709#ref-commit-2f69d7e |
| Not using pam_acct_mgmt after pam_authenticate to check the valid… | https://github.com/nethesis/nethvoice-report/commit/2f69d7ec62c56b3fedbdb09e3fd653a672a81714 |
| 2f69d7e | https://github.com/nethesis/nethvoice-report/commit/2f69d7ec62c56b3fedbdb09e3fd653a672a81714 |
| #172 | https://github.com/nethesis/nethvoice-report/pull/172 |
| https://lgtm.com/projects/g/nethesis/nethvoice-report/snapshot/4c37ee73a69564895b9db44ec2959766f0fa7bfe/files/api/methods/auth.go#x4b20c1ca54cad81d:1 | https://lgtm.com/projects/g/nethesis/nethvoice-report/snapshot/4c37ee73a69564895b9db44ec2959766f0fa7bfe/files/api/methods/auth.go#x4b20c1ca54cad81d:1 |
| https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L&version=3.1 | https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L&version=3.1 |
| https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html | https://man7.org/linux/man-pages/man3/pam_acct_mgmt.3.html |
| http://cwe.mitre.org/data/definitions/863.html | http://cwe.mitre.org/data/definitions/863.html |
| http://cwe.mitre.org/data/definitions/285.html | http://cwe.mitre.org/data/definitions/285.html |
| github/securitylab#561 | https://github.com/github/securitylab/issues/561 |
| github/codeql-go#709 | https://github.com/github/codeql-go/pull/709 |
| https://github.com/smowton |
| smowton | https://github.com/smowton |
|
May 30, 2022
| https://github.com/github/codeql-go/pull/709#pullrequestreview-989629176 |
|
View reviewed changes
| https://github.com/github/codeql-go/pull/709/files/1264180503ee3e1a7add3420e8d7faae67b2fef3 |
| smowton | https://github.com/smowton |
| https://github.com/github/codeql-go/pull/709#pullrequestreview-989629176 |
| Learn more | https://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment |
| https://github.com/github/codeql/tree/main/go | https://github.com/github/codeql/tree/main/go |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
| ql/src/experimental/CWE-285/PamAuthBypass.ql | https://github.com/github/codeql-go/pull/709/files/1264180503ee3e1a7add3420e8d7faae67b2fef3#diff-7dd4cbba0ced3be6482be143cd2493f2641d464c16a79b815f16bfbb95330b69 |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
| ql/src/experimental/CWE-285/PamAuthBypass.ql | https://github.com/github/codeql-go/pull/709/files/1264180503ee3e1a7add3420e8d7faae67b2fef3#diff-7dd4cbba0ced3be6482be143cd2493f2641d464c16a79b815f16bfbb95330b69 |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
| ql/src/experimental/CWE-285/PamAuthBypassLocal.ql | https://github.com/github/codeql-go/pull/709/files/1264180503ee3e1a7add3420e8d7faae67b2fef3#diff-f39b5b0071a9d0cf7cae0ade77b00863609b08a68ea3794b53a8d69ec2a36e50 |
| smowton | https://github.com/smowton |
| May 30, 2022 | https://github.com/github/codeql-go/pull/709#discussion_r885037953 |
| Learn more | https://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
| ghost | https://github.com/ghost |
| May 30, 2022 | https://github.com/github/codeql-go/pull/709#discussion_r885048561 |
| Learn more | https://docs.github.com/articles/managing-disruptive-comments/#hiding-a-comment |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
|
May 30, 2022
| https://github.com/github/codeql-go/pull/709#ref-pullrequest-1253082442 |
|
Golang : Add Query To Detect PAM Authorization Bugs
github/codeql#9377
| https://github.com/github/codeql/pull/9377 |
| https://github.com/ghost |
| ghost | https://github.com/ghost |
| May 30, 2022 | https://github.com/github/codeql-go/pull/709#issuecomment-1141448489 |
| @smowton | https://github.com/smowton |
| github/codeql#9377 | https://github.com/github/codeql/pull/9377 |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
| May 30, 2022 | https://github.com/github/codeql-go/pull/709#event-6705000274 |
| May 30, 2022 20:04 | https://github.com/github/codeql-go/pull/709#event-6705003160 |
| https://github.co/hiddenchars |
| https://github.com/github/codeql-go/pull/{{ revealButtonHref }} |
| Sign up for free | https://github.com/join?source=comment-repo |
| Sign in | https://github.com/login?return_to=https%3A%2F%2Fgithub.com%2Fgithub%2Fcodeql-go%2Fpull%2F709 |
| Please reload this page | https://github.com/github/codeql-go/pull/709 |
|
| https://github.com/smowton |
|
| https://github.com |
| Terms | https://docs.github.com/site-policy/github-terms/github-terms-of-service |
| Privacy | https://docs.github.com/site-policy/privacy-policies/github-privacy-statement |
| Security | https://github.com/security |
| Status | https://www.githubstatus.com/ |
| Community | https://github.community/ |
| Docs | https://docs.github.com/ |
| Contact | https://support.github.com?tags=dotcom-footer |