data/reports: unexclude 20 reports (3)

- data/reports/GO-2023-1590.yaml - data/reports/GO-2023-1592.yaml - data/reports/GO-2023-1596.yaml - data/reports/GO-2023-1607.yaml - data/reports/GO-2023-1612.yaml - data/reports/GO-2023-1613.yaml - data/reports/GO-2023-1614.yaml - data/reports/GO-2023-1615.yaml - data/reports/GO-2023-1616.yaml - data/reports/GO-2023-1617.yaml - data/reports/GO-2023-1618.yaml - data/reports/GO-2023-1619.yaml - data/reports/GO-2023-1620.yaml - data/reports/GO-2023-1622.yaml - data/reports/GO-2023-1627.yaml - data/reports/GO-2023-1628.yaml - data/reports/GO-2023-1629.yaml - data/reports/GO-2023-1630.yaml - data/reports/GO-2023-1633.yaml - data/reports/GO-2023-1639.yaml Updates #1590 Updates #1592 Updates #1596 Updates #1607 Updates #1612 Updates #1613 Updates #1614 Updates #1615 Updates #1616 Updates #1617 Updates #1618 Updates #1619 Updates #1620 Updates #1622 Updates #1627 Updates #1628 Updates #1629 Updates #1630 Updates #1633 Updates #1639 Change-Id: I2441a82107b88955ddb98c7d3c55b7b2fe3e3aa7 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606783 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Reviewed-by: Damien Neil <dneil@google.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
golang · Aug 20, 2024 · f2aa411 · f2aa411
1 parent a585aa5
commit f2aa411
Show file tree

Hide file tree

Showing 60 changed files with 1,726 additions and 156 deletions.
diff --git a/data/excluded/GO-2023-1590.yaml b/data/excluded/GO-2023-1590.yaml
diff --git a/data/excluded/GO-2023-1592.yaml b/data/excluded/GO-2023-1592.yaml
diff --git a/data/excluded/GO-2023-1596.yaml b/data/excluded/GO-2023-1596.yaml
diff --git a/data/excluded/GO-2023-1607.yaml b/data/excluded/GO-2023-1607.yaml
diff --git a/data/excluded/GO-2023-1612.yaml b/data/excluded/GO-2023-1612.yaml
diff --git a/data/excluded/GO-2023-1613.yaml b/data/excluded/GO-2023-1613.yaml
diff --git a/data/excluded/GO-2023-1614.yaml b/data/excluded/GO-2023-1614.yaml
diff --git a/data/excluded/GO-2023-1615.yaml b/data/excluded/GO-2023-1615.yaml
diff --git a/data/excluded/GO-2023-1616.yaml b/data/excluded/GO-2023-1616.yaml
diff --git a/data/excluded/GO-2023-1617.yaml b/data/excluded/GO-2023-1617.yaml
diff --git a/data/excluded/GO-2023-1618.yaml b/data/excluded/GO-2023-1618.yaml
diff --git a/data/excluded/GO-2023-1619.yaml b/data/excluded/GO-2023-1619.yaml
diff --git a/data/excluded/GO-2023-1620.yaml b/data/excluded/GO-2023-1620.yaml
diff --git a/data/excluded/GO-2023-1622.yaml b/data/excluded/GO-2023-1622.yaml
diff --git a/data/excluded/GO-2023-1627.yaml b/data/excluded/GO-2023-1627.yaml
diff --git a/data/excluded/GO-2023-1628.yaml b/data/excluded/GO-2023-1628.yaml
diff --git a/data/excluded/GO-2023-1629.yaml b/data/excluded/GO-2023-1629.yaml
diff --git a/data/excluded/GO-2023-1630.yaml b/data/excluded/GO-2023-1630.yaml
diff --git a/data/excluded/GO-2023-1633.yaml b/data/excluded/GO-2023-1633.yaml
diff --git a/data/excluded/GO-2023-1639.yaml b/data/excluded/GO-2023-1639.yaml
diff --git a/data/osv/GO-2023-1590.json b/data/osv/GO-2023-1590.json
@@ -0,0 +1,64 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2023-1590",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2015-10085",
+    "GHSA-wr8h-w969-36m8"
+  ],
+  "summary": "GoPistolet vulnerable to Improper Resource Shutdown or Release in github.com/gopistolet/gopistolet",
+  "details": "GoPistolet vulnerable to Improper Resource Shutdown or Release in github.com/gopistolet/gopistolet",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/gopistolet/gopistolet",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "0.0.0-20210418093520-a5395f728f8d"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-wr8h-w969-36m8"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-10085"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/gopistolet/gopistolet/commit/b91aa4674d460993765884e8463c70e6d886bc90"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/gopistolet/gopistolet/pull/27"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.221506"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.221506"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2023-1590",
+    "review_status": "UNREVIEWED"
+  }
+}
diff --git a/data/osv/GO-2023-1592.json b/data/osv/GO-2023-1592.json
@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2023-1592",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2023-0934",
+    "GHSA-6cvf-m58q-h9wf"
+  ],
+  "summary": "Answer vulnerable to Cross-site Scripting in github.com/answerdev/answer",
+  "details": "Answer vulnerable to Cross-site Scripting in github.com/answerdev/answer",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/answerdev/answer",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.0.5"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-6cvf-m58q-h9wf"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-0934"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/answerdev/answer/commit/edc06942d51fa8e56a134c5c7e5c8826d9260da0"
+    },
+    {
+      "type": "WEB",
+      "url": "https://huntr.dev/bounties/cd213098-5bab-487f-82c7-13698ad43b51"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2023-1592",
+    "review_status": "UNREVIEWED"
+  }
+}
diff --git a/data/osv/GO-2023-1596.json b/data/osv/GO-2023-1596.json
@@ -0,0 +1,64 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2023-1596",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2022-2024",
+    "GHSA-pfvh-p8qp-9ww9"
+  ],
+  "summary": "Gogs OS Command Injection vulnerability in gogs.io/gogs",
+  "details": "Gogs OS Command Injection vulnerability in gogs.io/gogs",
+  "affected": [
+    {
+      "package": {
+        "name": "gogs.io/gogs",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "0.12.11"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/gogs/gogs/security/advisories/GHSA-pfvh-p8qp-9ww9"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-2024"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/gogs/gogs/blob/f36eeedbf89328ee70cc3a2e239f6314f9021f58/conf/app.ini#L127-L129"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/gogs/gogs/commit/15d0d6a94be0098a8227b6b95bdf2daed105ec41"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/gogs/gogs/issues/7030"
+    },
+    {
+      "type": "WEB",
+      "url": "https://huntr.dev/bounties/18cf9256-23ab-4098-a769-85f8da130f97"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2023-1596",
+    "review_status": "UNREVIEWED"
+  }
+}