data/reports: unexclude 20 reports (22)

- data/reports/GO-2022-0771.yaml - data/reports/GO-2022-0774.yaml - data/reports/GO-2022-0775.yaml - data/reports/GO-2022-0776.yaml - data/reports/GO-2022-0778.yaml - data/reports/GO-2022-0779.yaml - data/reports/GO-2022-0780.yaml - data/reports/GO-2022-0781.yaml - data/reports/GO-2022-0782.yaml - data/reports/GO-2022-0783.yaml - data/reports/GO-2022-0784.yaml - data/reports/GO-2022-0785.yaml - data/reports/GO-2022-0786.yaml - data/reports/GO-2022-0787.yaml - data/reports/GO-2022-0788.yaml - data/reports/GO-2022-0790.yaml - data/reports/GO-2022-0792.yaml - data/reports/GO-2022-0793.yaml - data/reports/GO-2022-0794.yaml - data/reports/GO-2022-0797.yaml Updates #771 Updates #774 Updates #775 Updates #776 Updates #778 Updates #779 Updates #780 Updates #781 Updates #782 Updates #783 Updates #784 Updates #785 Updates #786 Updates #787 Updates #788 Updates #790 Updates #792 Updates #793 Updates #794 Updates #797 Change-Id: I8fb284b8da3fc24fb554a952c67601a715b55428 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607224 Auto-Submit: Tatiana Bradley <tatianabradley@google.com> LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com>
golang · Aug 21, 2024 · 9ef3199 · 9ef3199
1 parent e715f25
commit 9ef3199
Show file tree

Hide file tree

Showing 60 changed files with 1,838 additions and 160 deletions.
diff --git a/data/excluded/GO-2022-0771.yaml b/data/excluded/GO-2022-0771.yaml
diff --git a/data/excluded/GO-2022-0774.yaml b/data/excluded/GO-2022-0774.yaml
diff --git a/data/excluded/GO-2022-0775.yaml b/data/excluded/GO-2022-0775.yaml
diff --git a/data/excluded/GO-2022-0776.yaml b/data/excluded/GO-2022-0776.yaml
diff --git a/data/excluded/GO-2022-0778.yaml b/data/excluded/GO-2022-0778.yaml
diff --git a/data/excluded/GO-2022-0779.yaml b/data/excluded/GO-2022-0779.yaml
diff --git a/data/excluded/GO-2022-0780.yaml b/data/excluded/GO-2022-0780.yaml
diff --git a/data/excluded/GO-2022-0781.yaml b/data/excluded/GO-2022-0781.yaml
diff --git a/data/excluded/GO-2022-0782.yaml b/data/excluded/GO-2022-0782.yaml
diff --git a/data/excluded/GO-2022-0783.yaml b/data/excluded/GO-2022-0783.yaml
diff --git a/data/excluded/GO-2022-0784.yaml b/data/excluded/GO-2022-0784.yaml
diff --git a/data/excluded/GO-2022-0785.yaml b/data/excluded/GO-2022-0785.yaml
diff --git a/data/excluded/GO-2022-0786.yaml b/data/excluded/GO-2022-0786.yaml
diff --git a/data/excluded/GO-2022-0787.yaml b/data/excluded/GO-2022-0787.yaml
diff --git a/data/excluded/GO-2022-0788.yaml b/data/excluded/GO-2022-0788.yaml
diff --git a/data/excluded/GO-2022-0790.yaml b/data/excluded/GO-2022-0790.yaml
diff --git a/data/excluded/GO-2022-0792.yaml b/data/excluded/GO-2022-0792.yaml
diff --git a/data/excluded/GO-2022-0793.yaml b/data/excluded/GO-2022-0793.yaml
diff --git a/data/excluded/GO-2022-0794.yaml b/data/excluded/GO-2022-0794.yaml
diff --git a/data/excluded/GO-2022-0797.yaml b/data/excluded/GO-2022-0797.yaml
diff --git a/data/osv/GO-2022-0771.json b/data/osv/GO-2022-0771.json
@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0771",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2020-26241",
+    "GHSA-69v6-xc2j-r2jf"
+  ],
+  "summary": "Shallow copy bug in geth in github.com/ethereum/go-ethereum",
+  "details": "Shallow copy bug in geth in github.com/ethereum/go-ethereum",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/ethereum/go-ethereum",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "1.9.7"
+            },
+            {
+              "fixed": "1.9.17"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-69v6-xc2j-r2jf"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26241"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/ethereum/go-ethereum/commit/295693759e5ded05fec0b2fb39359965b60da785"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0771",
+    "review_status": "UNREVIEWED"
+  }
+}
diff --git a/data/osv/GO-2022-0774.json b/data/osv/GO-2022-0774.json
@@ -0,0 +1,77 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0774",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2019-20894",
+    "GHSA-q9mp-79cp-9g8j"
+  ],
+  "summary": "Improper Authentication in github.com/containous/traefik",
+  "details": "Improper Authentication in github.com/containous/traefik",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/containous/traefik",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    },
+    {
+      "package": {
+        "name": "github.com/containous/traefik/v2",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2.2.2"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-q9mp-79cp-9g8j"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2019-20894"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/containous/traefik/commit/2b353971696717e980521b0e4baa1eba66c8d2bf"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/containous/traefik/pull/7008"
+    },
+    {
+      "type": "REPORT",
+      "url": "https://github.com/containous/traefik/issues/5312"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0774",
+    "review_status": "UNREVIEWED"
+  }
+}
diff --git a/data/osv/GO-2022-0775.json b/data/osv/GO-2022-0775.json
@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0775",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2020-26240",
+    "GHSA-v592-xf75-856p"
+  ],
+  "summary": "Erroneous Proof of Work calculation in geth in github.com/ethereum/go-ethereum",
+  "details": "Erroneous Proof of Work calculation in geth in github.com/ethereum/go-ethereum",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/ethereum/go-ethereum",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.9.24"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/ethereum/go-ethereum/security/advisories/GHSA-v592-xf75-856p"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2020-26240"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/ethereum/go-ethereum/commit/d990df909d7839640143344e79356754384dcdd0"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/ethereum/go-ethereum/pull/21793"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0775",
+    "review_status": "UNREVIEWED"
+  }
+}