From bcb698b62a8f42f209bd8a61c42a7817c346f720 Mon Sep 17 00:00:00 2001 From: Tatiana Bradley Date: Tue, 5 Dec 2023 12:33:14 -0500 Subject: [PATCH] data/reports: preserve CVE refs added by CVE program Change-Id: I55d25aa87779cdbe74479cf3bc4df6c2a49ef819 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/547495 LUCI-TryBot-Result: Go LUCI Reviewed-by: Damien Neil --- data/cve/v5/GO-2022-1037.json | 3 ++ data/cve/v5/GO-2022-1038.json | 3 ++ data/cve/v5/GO-2022-1039.json | 3 ++ data/cve/v5/GO-2022-1144.json | 15 ++++++++++ data/cve/v5/GO-2023-1569.json | 3 ++ data/cve/v5/GO-2023-1570.json | 3 ++ data/cve/v5/GO-2023-1571.json | 12 ++++++++ data/cve/v5/GO-2023-1702.json | 3 ++ data/cve/v5/GO-2023-1703.json | 3 ++ data/cve/v5/GO-2023-1704.json | 3 ++ data/cve/v5/GO-2023-1705.json | 3 ++ data/cve/v5/GO-2023-1839.json | 3 ++ data/cve/v5/GO-2023-1840.json | 3 ++ data/cve/v5/GO-2023-1841.json | 3 ++ data/cve/v5/GO-2023-1842.json | 3 ++ data/cve/v5/GO-2023-1878.json | 3 ++ data/cve/v5/GO-2023-1987.json | 3 ++ data/cve/v5/GO-2023-2041.json | 3 ++ data/cve/v5/GO-2023-2042.json | 3 ++ data/cve/v5/GO-2023-2043.json | 3 ++ data/cve/v5/GO-2023-2044.json | 3 ++ data/cve/v5/GO-2023-2045.json | 3 ++ data/cve/v5/GO-2023-2095.json | 3 ++ data/cve/v5/GO-2023-2102.json | 54 ++++++++++++++++++++++++++++++++++ data/reports/GO-2022-1037.yaml | 2 ++ data/reports/GO-2022-1038.yaml | 2 ++ data/reports/GO-2022-1039.yaml | 2 ++ data/reports/GO-2022-1144.yaml | 5 ++++ data/reports/GO-2023-1569.yaml | 2 ++ data/reports/GO-2023-1570.yaml | 2 ++ data/reports/GO-2023-1571.yaml | 4 +++ data/reports/GO-2023-1702.yaml | 2 ++ data/reports/GO-2023-1703.yaml | 2 ++ data/reports/GO-2023-1704.yaml | 1 + data/reports/GO-2023-1705.yaml | 1 + data/reports/GO-2023-1839.yaml | 1 + data/reports/GO-2023-1840.yaml | 1 + data/reports/GO-2023-1841.yaml | 1 + data/reports/GO-2023-1842.yaml | 1 + data/reports/GO-2023-1878.yaml | 1 + data/reports/GO-2023-1987.yaml | 1 + data/reports/GO-2023-2041.yaml | 1 + data/reports/GO-2023-2042.yaml | 1 + data/reports/GO-2023-2043.yaml | 1 + data/reports/GO-2023-2044.yaml | 1 + data/reports/GO-2023-2045.yaml | 1 + data/reports/GO-2023-2095.yaml | 1 + data/reports/GO-2023-2102.yaml | 18 ++++++++++++ 48 files changed, 199 insertions(+) diff --git a/data/cve/v5/GO-2022-1037.json b/data/cve/v5/GO-2022-1037.json index 0be76906..70505a6f 100644 --- a/data/cve/v5/GO-2022-1037.json +++ b/data/cve/v5/GO-2022-1037.json @@ -78,6 +78,9 @@ }, { "url": "https://pkg.go.dev/vuln/GO-2022-1037" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2022-1038.json b/data/cve/v5/GO-2022-1038.json index 16efa176..a207dfcd 100644 --- a/data/cve/v5/GO-2022-1038.json +++ b/data/cve/v5/GO-2022-1038.json @@ -66,6 +66,9 @@ }, { "url": "https://pkg.go.dev/vuln/GO-2022-1038" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2022-1039.json b/data/cve/v5/GO-2022-1039.json index de6086eb..f14ee91d 100644 --- a/data/cve/v5/GO-2022-1039.json +++ b/data/cve/v5/GO-2022-1039.json @@ -78,6 +78,9 @@ }, { "url": "https://pkg.go.dev/vuln/GO-2022-1039" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2022-1144.json b/data/cve/v5/GO-2022-1144.json index d65b834a..e4470214 100644 --- a/data/cve/v5/GO-2022-1144.json +++ b/data/cve/v5/GO-2022-1144.json @@ -146,6 +146,21 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1569.json b/data/cve/v5/GO-2023-1569.json index 6b6da59f..68d869bf 100644 --- a/data/cve/v5/GO-2023-1569.json +++ b/data/cve/v5/GO-2023-1569.json @@ -66,6 +66,9 @@ }, { "url": "https://pkg.go.dev/vuln/GO-2023-1569" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1570.json b/data/cve/v5/GO-2023-1570.json index 4448f259..7f8f9f3b 100644 --- a/data/cve/v5/GO-2023-1570.json +++ b/data/cve/v5/GO-2023-1570.json @@ -267,6 +267,9 @@ }, { "url": "https://pkg.go.dev/vuln/GO-2023-1570" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1571.json b/data/cve/v5/GO-2023-1571.json index ce17f40c..47602d3e 100644 --- a/data/cve/v5/GO-2023-1571.json +++ b/data/cve/v5/GO-2023-1571.json @@ -391,6 +391,18 @@ }, { "url": "https://www.couchbase.com/alerts/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1702.json b/data/cve/v5/GO-2023-1702.json index d50d339d..9eb9de50 100644 --- a/data/cve/v5/GO-2023-1702.json +++ b/data/cve/v5/GO-2023-1702.json @@ -69,6 +69,9 @@ }, { "url": "https://pkg.go.dev/vuln/GO-2023-1702" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1703.json b/data/cve/v5/GO-2023-1703.json index 4543e73f..77779ea2 100644 --- a/data/cve/v5/GO-2023-1703.json +++ b/data/cve/v5/GO-2023-1703.json @@ -75,6 +75,9 @@ }, { "url": "https://pkg.go.dev/vuln/GO-2023-1703" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1704.json b/data/cve/v5/GO-2023-1704.json index 315b6f28..32150790 100644 --- a/data/cve/v5/GO-2023-1704.json +++ b/data/cve/v5/GO-2023-1704.json @@ -75,6 +75,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230526-0007/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1705.json b/data/cve/v5/GO-2023-1705.json index b6847832..e00a5453 100644 --- a/data/cve/v5/GO-2023-1705.json +++ b/data/cve/v5/GO-2023-1705.json @@ -128,6 +128,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230526-0007/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1839.json b/data/cve/v5/GO-2023-1839.json index 91bc904b..b706b04f 100644 --- a/data/cve/v5/GO-2023-1839.json +++ b/data/cve/v5/GO-2023-1839.json @@ -67,6 +67,9 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1840.json b/data/cve/v5/GO-2023-1840.json index e4eef3ad..0af38ccf 100644 --- a/data/cve/v5/GO-2023-1840.json +++ b/data/cve/v5/GO-2023-1840.json @@ -67,6 +67,9 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1841.json b/data/cve/v5/GO-2023-1841.json index 50ca12cd..f459b129 100644 --- a/data/cve/v5/GO-2023-1841.json +++ b/data/cve/v5/GO-2023-1841.json @@ -67,6 +67,9 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1842.json b/data/cve/v5/GO-2023-1842.json index 06e46d0a..0fbb2e43 100644 --- a/data/cve/v5/GO-2023-1842.json +++ b/data/cve/v5/GO-2023-1842.json @@ -88,6 +88,9 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1878.json b/data/cve/v5/GO-2023-1878.json index 6fcac14a..085f3526 100644 --- a/data/cve/v5/GO-2023-1878.json +++ b/data/cve/v5/GO-2023-1878.json @@ -114,6 +114,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230814-0002/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-1987.json b/data/cve/v5/GO-2023-1987.json index 4b2d159b..ddbff010 100644 --- a/data/cve/v5/GO-2023-1987.json +++ b/data/cve/v5/GO-2023-1987.json @@ -102,6 +102,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20230831-0010/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-2041.json b/data/cve/v5/GO-2023-2041.json index b38b86d5..750d57c0 100644 --- a/data/cve/v5/GO-2023-2041.json +++ b/data/cve/v5/GO-2023-2041.json @@ -84,6 +84,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231020-0009/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-2042.json b/data/cve/v5/GO-2023-2042.json index c2e32d83..2c271365 100644 --- a/data/cve/v5/GO-2023-2042.json +++ b/data/cve/v5/GO-2023-2042.json @@ -58,6 +58,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231020-0004/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-2043.json b/data/cve/v5/GO-2023-2043.json index 79ef63b0..69f209ca 100644 --- a/data/cve/v5/GO-2023-2043.json +++ b/data/cve/v5/GO-2023-2043.json @@ -81,6 +81,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231020-0009/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-2044.json b/data/cve/v5/GO-2023-2044.json index 24f7e5d9..61510603 100644 --- a/data/cve/v5/GO-2023-2044.json +++ b/data/cve/v5/GO-2023-2044.json @@ -63,6 +63,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231020-0004/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-2045.json b/data/cve/v5/GO-2023-2045.json index 6c81aaf5..3813c835 100644 --- a/data/cve/v5/GO-2023-2045.json +++ b/data/cve/v5/GO-2023-2045.json @@ -63,6 +63,9 @@ }, { "url": "https://security.netapp.com/advisory/ntap-20231020-0004/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ], "credits": [ diff --git a/data/cve/v5/GO-2023-2095.json b/data/cve/v5/GO-2023-2095.json index b4b803e3..4689f437 100644 --- a/data/cve/v5/GO-2023-2095.json +++ b/data/cve/v5/GO-2023-2095.json @@ -73,6 +73,9 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" } ] } diff --git a/data/cve/v5/GO-2023-2102.json b/data/cve/v5/GO-2023-2102.json index 118a8dbd..774a45cb 100644 --- a/data/cve/v5/GO-2023-2102.json +++ b/data/cve/v5/GO-2023-2102.json @@ -146,6 +146,60 @@ }, { "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20231110-0008/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/" + }, + { + "url": "https://security.gentoo.org/glsa/202311-09" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/" } ] } diff --git a/data/reports/GO-2022-1037.yaml b/data/reports/GO-2022-1037.yaml index 7cac22b1..66776384 100644 --- a/data/reports/GO-2022-1037.yaml +++ b/data/reports/GO-2022-1037.yaml @@ -31,3 +31,5 @@ references: cve_metadata: id: CVE-2022-2879 cwe: 'CWE 400: Uncontrolled Resource Consumption' + references: + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2022-1038.yaml b/data/reports/GO-2022-1038.yaml index b6aa6dc8..a138e2b8 100644 --- a/data/reports/GO-2022-1038.yaml +++ b/data/reports/GO-2022-1038.yaml @@ -32,3 +32,5 @@ references: cve_metadata: id: CVE-2022-2880 cwe: 'CWE-444: Inconsistent Interpretation of HTTP Requests' + references: + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2022-1039.yaml b/data/reports/GO-2022-1039.yaml index 2699e10c..19c05d48 100644 --- a/data/reports/GO-2022-1039.yaml +++ b/data/reports/GO-2022-1039.yaml @@ -37,3 +37,5 @@ references: cve_metadata: id: CVE-2022-41715 cwe: 'CWE 400: Uncontrolled Resource Consumption' + references: + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2022-1144.yaml b/data/reports/GO-2022-1144.yaml index bb66eeaf..23727429 100644 --- a/data/reports/GO-2022-1144.yaml +++ b/data/reports/GO-2022-1144.yaml @@ -61,3 +61,8 @@ cve_metadata: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/56B2FFESRYYP6IY2AZ3UWXLWKZ5IYZN4/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ANIOPUXWIHVRA6CEWXCGOMX3YYS6KFHG/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WPEIZ7AMEJCZXU3FEJZMVRNHQZXX5P3I/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ + - https://security.gentoo.org/glsa/202311-09 + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSVIS6MTMFVBA7JPMRAUNKUOYEVSJYSB/ diff --git a/data/reports/GO-2023-1569.yaml b/data/reports/GO-2023-1569.yaml index 32500e74..00a302e4 100644 --- a/data/reports/GO-2023-1569.yaml +++ b/data/reports/GO-2023-1569.yaml @@ -57,3 +57,5 @@ references: cve_metadata: id: CVE-2022-41725 cwe: 'CWE-400: Uncontrolled Resource Consumption' + references: + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1570.yaml b/data/reports/GO-2023-1570.yaml index 7681815d..54ef68e3 100644 --- a/data/reports/GO-2023-1570.yaml +++ b/data/reports/GO-2023-1570.yaml @@ -99,3 +99,5 @@ references: cve_metadata: id: CVE-2022-41724 cwe: 'CWE-400: Uncontrolled Resource Consumption' + references: + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1571.yaml b/data/reports/GO-2023-1571.yaml index 959b06ae..5c96f638 100644 --- a/data/reports/GO-2023-1571.yaml +++ b/data/reports/GO-2023-1571.yaml @@ -136,3 +136,7 @@ cve_metadata: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RGW7GE2Z32ZT47UFAQFDRQE33B7Q7LMT/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XX3IMUTZKRQ73PBZM4E2JP4BKYH4C6XE/ - https://www.couchbase.com/alerts/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1702.yaml b/data/reports/GO-2023-1702.yaml index 6bdcd482..e914a5b8 100644 --- a/data/reports/GO-2023-1702.yaml +++ b/data/reports/GO-2023-1702.yaml @@ -26,3 +26,5 @@ references: cve_metadata: id: CVE-2023-24537 cwe: 'CWE-835: Loop with Unreachable Exit Condition (''Infinite Loop'')' + references: + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1703.yaml b/data/reports/GO-2023-1703.yaml index 21d95b31..1d0aee23 100644 --- a/data/reports/GO-2023-1703.yaml +++ b/data/reports/GO-2023-1703.yaml @@ -46,3 +46,5 @@ references: cve_metadata: id: CVE-2023-24538 cwe: 'CWE-94: Improper Control of Generation of Code (''Code Injection'')' + references: + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1704.yaml b/data/reports/GO-2023-1704.yaml index f6d337a5..7be713c1 100644 --- a/data/reports/GO-2023-1704.yaml +++ b/data/reports/GO-2023-1704.yaml @@ -37,3 +37,4 @@ cve_metadata: cwe: 'CWE-400: Uncontrolled Resource Consumption' references: - https://security.netapp.com/advisory/ntap-20230526-0007/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1705.yaml b/data/reports/GO-2023-1705.yaml index 41d20661..66e93b3c 100644 --- a/data/reports/GO-2023-1705.yaml +++ b/data/reports/GO-2023-1705.yaml @@ -71,3 +71,4 @@ cve_metadata: cwe: 'CWE-400: Uncontrolled Resource Consumption' references: - https://security.netapp.com/advisory/ntap-20230526-0007/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1839.yaml b/data/reports/GO-2023-1839.yaml index 5a565006..d6352387 100644 --- a/data/reports/GO-2023-1839.yaml +++ b/data/reports/GO-2023-1839.yaml @@ -29,3 +29,4 @@ cve_metadata: references: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1840.yaml b/data/reports/GO-2023-1840.yaml index d591bec7..c418fe43 100644 --- a/data/reports/GO-2023-1840.yaml +++ b/data/reports/GO-2023-1840.yaml @@ -31,3 +31,4 @@ cve_metadata: references: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1841.yaml b/data/reports/GO-2023-1841.yaml index e0251b9f..88217bd7 100644 --- a/data/reports/GO-2023-1841.yaml +++ b/data/reports/GO-2023-1841.yaml @@ -30,3 +30,4 @@ cve_metadata: references: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1842.yaml b/data/reports/GO-2023-1842.yaml index fe7e7492..5637bd36 100644 --- a/data/reports/GO-2023-1842.yaml +++ b/data/reports/GO-2023-1842.yaml @@ -31,3 +31,4 @@ cve_metadata: references: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XBS3IIK6ADV24C5ULQU55QLT2UE762ZX/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NZ2O6YCO2IZMZJELQGZYR2WAUNEDLYV6/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1878.yaml b/data/reports/GO-2023-1878.yaml index d38d17c0..d9c57926 100644 --- a/data/reports/GO-2023-1878.yaml +++ b/data/reports/GO-2023-1878.yaml @@ -45,3 +45,4 @@ cve_metadata: cwe: 'CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers (''HTTP Request/Response Splitting'')' references: - https://security.netapp.com/advisory/ntap-20230814-0002/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-1987.yaml b/data/reports/GO-2023-1987.yaml index 3edaf195..e8a772ab 100644 --- a/data/reports/GO-2023-1987.yaml +++ b/data/reports/GO-2023-1987.yaml @@ -47,3 +47,4 @@ cve_metadata: cwe: 'CWE-400: Uncontrolled Resource Consumption' references: - https://security.netapp.com/advisory/ntap-20230831-0010/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-2041.yaml b/data/reports/GO-2023-2041.yaml index e9451193..52e22495 100644 --- a/data/reports/GO-2023-2041.yaml +++ b/data/reports/GO-2023-2041.yaml @@ -34,3 +34,4 @@ cve_metadata: cwe: 'CWE-79: Improper Neutralization of Input During Web Page Generation (''Cross-site Scripting'')' references: - https://security.netapp.com/advisory/ntap-20231020-0009/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-2042.yaml b/data/reports/GO-2023-2042.yaml index 6c2bdea2..ba5c19ab 100644 --- a/data/reports/GO-2023-2042.yaml +++ b/data/reports/GO-2023-2042.yaml @@ -25,3 +25,4 @@ cve_metadata: cwe: 'CWE-94: Improper Control of Generation of Code (''Code Injection'')' references: - https://security.netapp.com/advisory/ntap-20231020-0004/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-2043.yaml b/data/reports/GO-2023-2043.yaml index f6ac49bb..819e70df 100644 --- a/data/reports/GO-2023-2043.yaml +++ b/data/reports/GO-2023-2043.yaml @@ -33,3 +33,4 @@ cve_metadata: cwe: 'CWE-79: Improper Neutralization of Input During Web Page Generation (''Cross-site Scripting'')' references: - https://security.netapp.com/advisory/ntap-20231020-0009/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-2044.yaml b/data/reports/GO-2023-2044.yaml index a2fb49cc..e4a6e859 100644 --- a/data/reports/GO-2023-2044.yaml +++ b/data/reports/GO-2023-2044.yaml @@ -24,3 +24,4 @@ cve_metadata: cwe: 'CWE-400: Uncontrolled Resource Consumption' references: - https://security.netapp.com/advisory/ntap-20231020-0004/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-2045.yaml b/data/reports/GO-2023-2045.yaml index 92046858..6b577063 100644 --- a/data/reports/GO-2023-2045.yaml +++ b/data/reports/GO-2023-2045.yaml @@ -28,3 +28,4 @@ cve_metadata: cwe: 'CWE-400: Uncontrolled Resource Consumption' references: - https://security.netapp.com/advisory/ntap-20231020-0004/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-2095.yaml b/data/reports/GO-2023-2095.yaml index 36a6500e..6009596d 100644 --- a/data/reports/GO-2023-2095.yaml +++ b/data/reports/GO-2023-2095.yaml @@ -28,3 +28,4 @@ cve_metadata: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ + - https://security.gentoo.org/glsa/202311-09 diff --git a/data/reports/GO-2023-2102.yaml b/data/reports/GO-2023-2102.yaml index f0a66114..38212441 100644 --- a/data/reports/GO-2023-2102.yaml +++ b/data/reports/GO-2023-2102.yaml @@ -73,3 +73,21 @@ cve_metadata: - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/ + - https://security.netapp.com/advisory/ntap-20231110-0008/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OXGWPQOJ3JNDW2XIYKIVJ7N7QUIFNM2Q/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HZQIELEIRSZUYTFFH5KTH2YJ4IIQG2KE/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QF5QSYAOPDOWLY6DUHID56Q4HQFYB45I/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XTNLSL44Y5FB6JWADSZH6DCV4JJAAEQY/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ECRC75BQJP6FJN2L7KCKYZW4DSBD7QSD/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BUK2ZIAGCULOOYDNH25JPU6JBES5NF2/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YRKEXKANQ7BKJW2YTAMP625LJUJZLJ4P/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D2BBIDR2ZMB3X5BC7SR4SLQMHRMVPY6L/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T7N5GV4CHH6WAGX3GFMDD3COEOVCZ4RI/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/REMHVVIBDNKSRKNOTV7EQSB7CYQWOUOU/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UTT7DG3QOF5ZNJLUGHDNLRUIN6OWZARP/ + - https://security.gentoo.org/glsa/202311-09 + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ULQQONMSCQSH5Z5OWFFQHCGEZ3NL4DRJ/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R3UETKPUB3V5JS5TLZOF3SMTGT5K5APS/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3SZN67IL7HMGMNAVLOTIXLIHUDXZK4LH/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NG7IMPL55MVWU3LCI4JQJT3K2U5CHDV7/ + - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GSY7SXFFTPZFWDM6XELSDSHZLVW3AHK7/