data/reports: unexclude 20 reports (14)

  - data/reports/GO-2022-0314.yaml
  - data/reports/GO-2022-0315.yaml
  - data/reports/GO-2022-0325.yaml
  - data/reports/GO-2022-0328.yaml
  - data/reports/GO-2022-0329.yaml
  - data/reports/GO-2022-0339.yaml
  - data/reports/GO-2022-0340.yaml
  - data/reports/GO-2022-0342.yaml
  - data/reports/GO-2022-0344.yaml
  - data/reports/GO-2022-0348.yaml
  - data/reports/GO-2022-0350.yaml
  - data/reports/GO-2022-0351.yaml
  - data/reports/GO-2022-0353.yaml
  - data/reports/GO-2022-0354.yaml
  - data/reports/GO-2022-0357.yaml
  - data/reports/GO-2022-0358.yaml
  - data/reports/GO-2022-0359.yaml
  - data/reports/GO-2022-0360.yaml
  - data/reports/GO-2022-0363.yaml
  - data/reports/GO-2022-0365.yaml

Updates #314
Updates #315
Updates #325
Updates #328
Updates #329
Updates #339
Updates #340
Updates #342
Updates #344
Updates #348
Updates #350
Updates #351
Updates #353
Updates #354
Updates #357
Updates #358
Updates #359
Updates #360
Updates #363
Updates #365

Change-Id: I88cff49c8c254ce8df68a3fb336657e69cb8ed58
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607216
Commit-Queue: Tatiana Bradley <tatianabradley@google.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

data/osv/GO-2022-0314.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0314",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2021-45329",
+    "GHSA-r3gq-wxqf-q4gh"
+  ],
+  "summary": "Cross-site Scripting in Gitea in github.com/go-gitea/gitea",
+  "details": "Cross-site Scripting in Gitea in github.com/go-gitea/gitea",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/go-gitea/gitea",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.5.1"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-r3gq-wxqf-q4gh"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45329"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/go-gitea/gitea/pull/4710"
+    },
+    {
+      "type": "WEB",
+      "url": "https://blog.gitea.io/2018/09/gitea-1.5.1-is-released"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0314",
+    "review_status": "UNREVIEWED"
+  }
+}

data/osv/GO-2022-0315.json

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0315",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2021-45331",
+    "GHSA-hfmf-q69j-6m5p"
+  ],
+  "summary": "Reuse of one time passwords allowed in Gitea in code.gitea.io/gitea",
+  "details": "Reuse of one time passwords allowed in Gitea in code.gitea.io/gitea",
+  "affected": [
+    {
+      "package": {
+        "name": "code.gitea.io/gitea",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.5.0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-hfmf-q69j-6m5p"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-45331"
+    },
+    {
+      "type": "WEB",
+      "url": "https://blog.gitea.io/2018/08/gitea-1.5.0-is-released"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/go-gitea/gitea/pull/3878"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0315",
+    "review_status": "UNREVIEWED"
+  }
+}

data/osv/GO-2022-0325.json

@@ -0,0 +1,77 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0325",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2022-23632",
+    "GHSA-hrhx-6h34-j5hc"
+  ],
+  "summary": "Skip the router TLS configuration when the host header is an FQDN in github.com/traefik/traefik",
+  "details": "Skip the router TLS configuration when the host header is an FQDN in github.com/traefik/traefik",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/traefik/traefik",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    },
+    {
+      "package": {
+        "name": "github.com/traefik/traefik/v2",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2.6.1"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/traefik/traefik/security/advisories/GHSA-hrhx-6h34-j5hc"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-23632"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/traefik/traefik/pull/8764"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/traefik/traefik/releases/tag/v2.6.1"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0325",
+    "review_status": "UNREVIEWED"
+  }
+}