From 24390983429a3a98e92afaf65945a8eadc1f96fb Mon Sep 17 00:00:00 2001 From: Damien Neil Date: Mon, 31 Jul 2023 13:49:32 -0700 Subject: [PATCH] data/excluded: batch add 31 excluded reports Adds excluded reports: - data/excluded/GO-2023-1980.yaml - data/excluded/GO-2023-1979.yaml - data/excluded/GO-2023-1978.yaml - data/excluded/GO-2023-1977.yaml - data/excluded/GO-2023-1976.yaml - data/excluded/GO-2023-1975.yaml - data/excluded/GO-2023-1973.yaml - data/excluded/GO-2023-1965.yaml - data/excluded/GO-2023-1964.yaml - data/excluded/GO-2023-1963.yaml - data/excluded/GO-2023-1962.yaml - data/excluded/GO-2023-1961.yaml - data/excluded/GO-2023-1960.yaml - data/excluded/GO-2023-1959.yaml - data/excluded/GO-2023-1957.yaml - data/excluded/GO-2023-1956.yaml - data/excluded/GO-2023-1952.yaml - data/excluded/GO-2023-1950.yaml - data/excluded/GO-2023-1948.yaml - data/excluded/GO-2023-1947.yaml - data/excluded/GO-2023-1951.yaml - data/excluded/GO-2023-1970.yaml - data/excluded/GO-2023-1969.yaml - data/excluded/GO-2023-1968.yaml - data/excluded/GO-2023-1966.yaml - data/excluded/GO-2023-1954.yaml - data/excluded/GO-2023-1949.yaml - data/excluded/GO-2023-1972.yaml - data/excluded/GO-2023-1971.yaml - data/excluded/GO-2023-1967.yaml - data/excluded/GO-2023-1953.yaml Fixes golang/vulndb#1980 Fixes golang/vulndb#1979 Fixes golang/vulndb#1978 Fixes golang/vulndb#1977 Fixes golang/vulndb#1976 Fixes golang/vulndb#1975 Fixes golang/vulndb#1973 Fixes golang/vulndb#1965 Fixes golang/vulndb#1964 Fixes golang/vulndb#1963 Fixes golang/vulndb#1962 Fixes golang/vulndb#1961 Fixes golang/vulndb#1960 Fixes golang/vulndb#1959 Fixes golang/vulndb#1957 Fixes golang/vulndb#1956 Fixes golang/vulndb#1952 Fixes golang/vulndb#1950 Fixes golang/vulndb#1948 Fixes golang/vulndb#1947 Fixes golang/vulndb#1951 Fixes golang/vulndb#1970 Fixes golang/vulndb#1969 Fixes golang/vulndb#1968 Fixes golang/vulndb#1966 Fixes golang/vulndb#1954 Fixes golang/vulndb#1949 Fixes golang/vulndb#1972 Fixes golang/vulndb#1971 Fixes golang/vulndb#1967 Fixes golang/vulndb#1953 Change-Id: I7ff736f14a3b5121cfc3735939336d8a094b030b Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/514636 Reviewed-by: Tatiana Bradley Run-TryBot: Damien Neil TryBot-Result: Gopher Robot --- data/excluded/GO-2023-1947.yaml | 8 ++++++++ data/excluded/GO-2023-1948.yaml | 8 ++++++++ data/excluded/GO-2023-1949.yaml | 8 ++++++++ data/excluded/GO-2023-1950.yaml | 8 ++++++++ data/excluded/GO-2023-1951.yaml | 8 ++++++++ data/excluded/GO-2023-1952.yaml | 8 ++++++++ data/excluded/GO-2023-1953.yaml | 8 ++++++++ data/excluded/GO-2023-1954.yaml | 6 ++++++ data/excluded/GO-2023-1956.yaml | 8 ++++++++ data/excluded/GO-2023-1957.yaml | 8 ++++++++ data/excluded/GO-2023-1959.yaml | 8 ++++++++ data/excluded/GO-2023-1960.yaml | 8 ++++++++ data/excluded/GO-2023-1961.yaml | 8 ++++++++ data/excluded/GO-2023-1962.yaml | 8 ++++++++ data/excluded/GO-2023-1963.yaml | 8 ++++++++ data/excluded/GO-2023-1964.yaml | 8 ++++++++ data/excluded/GO-2023-1965.yaml | 8 ++++++++ data/excluded/GO-2023-1966.yaml | 6 ++++++ data/excluded/GO-2023-1967.yaml | 8 ++++++++ data/excluded/GO-2023-1968.yaml | 6 ++++++ data/excluded/GO-2023-1969.yaml | 6 ++++++ data/excluded/GO-2023-1970.yaml | 6 ++++++ data/excluded/GO-2023-1971.yaml | 8 ++++++++ data/excluded/GO-2023-1972.yaml | 8 ++++++++ data/excluded/GO-2023-1973.yaml | 8 ++++++++ data/excluded/GO-2023-1975.yaml | 6 ++++++ data/excluded/GO-2023-1976.yaml | 8 ++++++++ data/excluded/GO-2023-1977.yaml | 8 ++++++++ data/excluded/GO-2023-1978.yaml | 8 ++++++++ data/excluded/GO-2023-1979.yaml | 8 ++++++++ data/excluded/GO-2023-1980.yaml | 8 ++++++++ 31 files changed, 236 insertions(+) create mode 100644 data/excluded/GO-2023-1947.yaml create mode 100644 data/excluded/GO-2023-1948.yaml create mode 100644 data/excluded/GO-2023-1949.yaml create mode 100644 data/excluded/GO-2023-1950.yaml create mode 100644 data/excluded/GO-2023-1951.yaml create mode 100644 data/excluded/GO-2023-1952.yaml create mode 100644 data/excluded/GO-2023-1953.yaml create mode 100644 data/excluded/GO-2023-1954.yaml create mode 100644 data/excluded/GO-2023-1956.yaml create mode 100644 data/excluded/GO-2023-1957.yaml create mode 100644 data/excluded/GO-2023-1959.yaml create mode 100644 data/excluded/GO-2023-1960.yaml create mode 100644 data/excluded/GO-2023-1961.yaml create mode 100644 data/excluded/GO-2023-1962.yaml create mode 100644 data/excluded/GO-2023-1963.yaml create mode 100644 data/excluded/GO-2023-1964.yaml create mode 100644 data/excluded/GO-2023-1965.yaml create mode 100644 data/excluded/GO-2023-1966.yaml create mode 100644 data/excluded/GO-2023-1967.yaml create mode 100644 data/excluded/GO-2023-1968.yaml create mode 100644 data/excluded/GO-2023-1969.yaml create mode 100644 data/excluded/GO-2023-1970.yaml create mode 100644 data/excluded/GO-2023-1971.yaml create mode 100644 data/excluded/GO-2023-1972.yaml create mode 100644 data/excluded/GO-2023-1973.yaml create mode 100644 data/excluded/GO-2023-1975.yaml create mode 100644 data/excluded/GO-2023-1976.yaml create mode 100644 data/excluded/GO-2023-1977.yaml create mode 100644 data/excluded/GO-2023-1978.yaml create mode 100644 data/excluded/GO-2023-1979.yaml create mode 100644 data/excluded/GO-2023-1980.yaml diff --git a/data/excluded/GO-2023-1947.yaml b/data/excluded/GO-2023-1947.yaml new file mode 100644 index 00000000..7b26ad6e --- /dev/null +++ b/data/excluded/GO-2023-1947.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1947 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/openshift/oauth-apiserver +cves: + - CVE-2019-3876 +ghsas: + - GHSA-jgwg-35hf-xqrr diff --git a/data/excluded/GO-2023-1948.yaml b/data/excluded/GO-2023-1948.yaml new file mode 100644 index 00000000..80e97f4e --- /dev/null +++ b/data/excluded/GO-2023-1948.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1948 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: helm.sh/helm/v3 +cves: + - CVE-2019-1000008 +ghsas: + - GHSA-xrxm-mvqm-r553 diff --git a/data/excluded/GO-2023-1949.yaml b/data/excluded/GO-2023-1949.yaml new file mode 100644 index 00000000..9d863413 --- /dev/null +++ b/data/excluded/GO-2023-1949.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1949 +excluded: NOT_GO_CODE +modules: + - module: github.com/getgrav/grav +cves: + - CVE-2023-37897 +ghsas: + - GHSA-9436-3gmp-4f53 diff --git a/data/excluded/GO-2023-1950.yaml b/data/excluded/GO-2023-1950.yaml new file mode 100644 index 00000000..fb5989f8 --- /dev/null +++ b/data/excluded/GO-2023-1950.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1950 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/traefik/traefik/v3 +cves: + - CVE-2018-15598 +ghsas: + - GHSA-2cjc-rgmp-x649 diff --git a/data/excluded/GO-2023-1951.yaml b/data/excluded/GO-2023-1951.yaml new file mode 100644 index 00000000..ec6b7df6 --- /dev/null +++ b/data/excluded/GO-2023-1951.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1951 +excluded: NOT_A_VULNERABILITY +modules: + - module: github.com/prasmussen/glot-code-runner +cves: + - CVE-2018-15747 +ghsas: + - GHSA-vj95-2f9q-x7h6 diff --git a/data/excluded/GO-2023-1952.yaml b/data/excluded/GO-2023-1952.yaml new file mode 100644 index 00000000..b4cab187 --- /dev/null +++ b/data/excluded/GO-2023-1952.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1952 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/argoproj/argo-cd/v2 +cves: + - CVE-2018-21034 +ghsas: + - GHSA-xj7v-c82w-92q2 diff --git a/data/excluded/GO-2023-1953.yaml b/data/excluded/GO-2023-1953.yaml new file mode 100644 index 00000000..71ae4a89 --- /dev/null +++ b/data/excluded/GO-2023-1953.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1953 +excluded: NOT_IMPORTABLE +modules: + - module: k8s.io/ingress-nginx +cves: + - CVE-2018-1002104 +ghsas: + - GHSA-p3x5-5xpx-9phm diff --git a/data/excluded/GO-2023-1954.yaml b/data/excluded/GO-2023-1954.yaml new file mode 100644 index 00000000..c63781c7 --- /dev/null +++ b/data/excluded/GO-2023-1954.yaml @@ -0,0 +1,6 @@ +id: GO-2023-1954 +excluded: NOT_GO_CODE +modules: + - module: github.com/swoole/swoole-src +cves: + - CVE-2020-24275 diff --git a/data/excluded/GO-2023-1956.yaml b/data/excluded/GO-2023-1956.yaml new file mode 100644 index 00000000..96ed2c1f --- /dev/null +++ b/data/excluded/GO-2023-1956.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1956 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/KubeOperator/kubepi +cves: + - CVE-2023-37917 +ghsas: + - GHSA-757p-vx43-fp9r diff --git a/data/excluded/GO-2023-1957.yaml b/data/excluded/GO-2023-1957.yaml new file mode 100644 index 00000000..46c8c901 --- /dev/null +++ b/data/excluded/GO-2023-1957.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1957 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/KubeOperator/kubepi +cves: + - CVE-2023-37916 +ghsas: + - GHSA-87f6-8gr7-pc6h diff --git a/data/excluded/GO-2023-1959.yaml b/data/excluded/GO-2023-1959.yaml new file mode 100644 index 00000000..ab5b632d --- /dev/null +++ b/data/excluded/GO-2023-1959.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1959 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: k8s.io/kubernetes +cves: + - CVE-2018-1002100 +ghsas: + - GHSA-2jq6-ffph-p4h8 diff --git a/data/excluded/GO-2023-1960.yaml b/data/excluded/GO-2023-1960.yaml new file mode 100644 index 00000000..e1b55de4 --- /dev/null +++ b/data/excluded/GO-2023-1960.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1960 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/hpcng/singularity +cves: + - CVE-2018-12021 +ghsas: + - GHSA-4x32-h296-rg6j diff --git a/data/excluded/GO-2023-1961.yaml b/data/excluded/GO-2023-1961.yaml new file mode 100644 index 00000000..f0c0bd20 --- /dev/null +++ b/data/excluded/GO-2023-1961.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1961 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: k8s.io/minikube +cves: + - CVE-2018-1002103 +ghsas: + - GHSA-6pcv-qqx4-mxm3 diff --git a/data/excluded/GO-2023-1962.yaml b/data/excluded/GO-2023-1962.yaml new file mode 100644 index 00000000..f5a89aec --- /dev/null +++ b/data/excluded/GO-2023-1962.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1962 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/containers/podman/v4 +cves: + - CVE-2018-10856 +ghsas: + - GHSA-wp7w-vx86-vj9h diff --git a/data/excluded/GO-2023-1963.yaml b/data/excluded/GO-2023-1963.yaml new file mode 100644 index 00000000..e4694ea6 --- /dev/null +++ b/data/excluded/GO-2023-1963.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1963 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/sylabs/singularity +cves: + - CVE-2018-19295 +ghsas: + - GHSA-p83v-8vmr-qfv9 diff --git a/data/excluded/GO-2023-1964.yaml b/data/excluded/GO-2023-1964.yaml new file mode 100644 index 00000000..fb22c389 --- /dev/null +++ b/data/excluded/GO-2023-1964.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1964 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/grafana/grafana +cves: + - CVE-2018-1000816 +ghsas: + - GHSA-x5fh-fvvr-892f diff --git a/data/excluded/GO-2023-1965.yaml b/data/excluded/GO-2023-1965.yaml new file mode 100644 index 00000000..14118c47 --- /dev/null +++ b/data/excluded/GO-2023-1965.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1965 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/apptainer/apptainer +cves: + - CVE-2023-38496 +ghsas: + - GHSA-mmx5-32m4-wxvx diff --git a/data/excluded/GO-2023-1966.yaml b/data/excluded/GO-2023-1966.yaml new file mode 100644 index 00000000..3c7760bd --- /dev/null +++ b/data/excluded/GO-2023-1966.yaml @@ -0,0 +1,6 @@ +id: GO-2023-1966 +excluded: NOT_GO_CODE +modules: + - module: github.com/envoyproxy/envoy +cves: + - CVE-2023-35941 diff --git a/data/excluded/GO-2023-1967.yaml b/data/excluded/GO-2023-1967.yaml new file mode 100644 index 00000000..51550a1c --- /dev/null +++ b/data/excluded/GO-2023-1967.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1967 +excluded: NOT_IMPORTABLE +modules: + - module: gogs.io/gogs +cves: + - CVE-2018-20303 +ghsas: + - GHSA-9hxg-w7qf-hh93 diff --git a/data/excluded/GO-2023-1968.yaml b/data/excluded/GO-2023-1968.yaml new file mode 100644 index 00000000..af1d791b --- /dev/null +++ b/data/excluded/GO-2023-1968.yaml @@ -0,0 +1,6 @@ +id: GO-2023-1968 +excluded: NOT_GO_CODE +modules: + - module: github.com/envoyproxy/envoy +cves: + - CVE-2023-35942 diff --git a/data/excluded/GO-2023-1969.yaml b/data/excluded/GO-2023-1969.yaml new file mode 100644 index 00000000..8e44b7b3 --- /dev/null +++ b/data/excluded/GO-2023-1969.yaml @@ -0,0 +1,6 @@ +id: GO-2023-1969 +excluded: NOT_GO_CODE +modules: + - module: github.com/envoyproxy/envoy +cves: + - CVE-2023-35943 diff --git a/data/excluded/GO-2023-1970.yaml b/data/excluded/GO-2023-1970.yaml new file mode 100644 index 00000000..15c5fb54 --- /dev/null +++ b/data/excluded/GO-2023-1970.yaml @@ -0,0 +1,6 @@ +id: GO-2023-1970 +excluded: NOT_GO_CODE +modules: + - module: github.com/envoyproxy/envoy +cves: + - CVE-2023-35944 diff --git a/data/excluded/GO-2023-1971.yaml b/data/excluded/GO-2023-1971.yaml new file mode 100644 index 00000000..43ed7372 --- /dev/null +++ b/data/excluded/GO-2023-1971.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1971 +excluded: NOT_IMPORTABLE +modules: + - module: gogs.io/gogs +cves: + - CVE-2018-15192 +ghsas: + - GHSA-fg3x-rwq9-74cw diff --git a/data/excluded/GO-2023-1972.yaml b/data/excluded/GO-2023-1972.yaml new file mode 100644 index 00000000..817d86f0 --- /dev/null +++ b/data/excluded/GO-2023-1972.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1972 +excluded: NOT_IMPORTABLE +modules: + - module: gogs.io/gogs +cves: + - CVE-2018-17031 +ghsas: + - GHSA-px5r-fqj6-r2f8 diff --git a/data/excluded/GO-2023-1973.yaml b/data/excluded/GO-2023-1973.yaml new file mode 100644 index 00000000..40bc73b6 --- /dev/null +++ b/data/excluded/GO-2023-1973.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1973 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/rancher/rancher +cves: + - CVE-2017-7297 +ghsas: + - GHSA-w3x4-9854-95x8 diff --git a/data/excluded/GO-2023-1975.yaml b/data/excluded/GO-2023-1975.yaml new file mode 100644 index 00000000..8faf8776 --- /dev/null +++ b/data/excluded/GO-2023-1975.yaml @@ -0,0 +1,6 @@ +id: GO-2023-1975 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/taosdata/TDengine +cves: + - CVE-2023-38502 diff --git a/data/excluded/GO-2023-1976.yaml b/data/excluded/GO-2023-1976.yaml new file mode 100644 index 00000000..d0b81a72 --- /dev/null +++ b/data/excluded/GO-2023-1976.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1976 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: istio.io/istio +cves: + - CVE-2019-14993 +ghsas: + - GHSA-qcvw-82hh-gq38 diff --git a/data/excluded/GO-2023-1977.yaml b/data/excluded/GO-2023-1977.yaml new file mode 100644 index 00000000..0589cfa7 --- /dev/null +++ b/data/excluded/GO-2023-1977.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1977 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: k8s.io/kubernetes +cves: + - CVE-2017-1002102 +ghsas: + - GHSA-mm7g-f2gg-cw8g diff --git a/data/excluded/GO-2023-1978.yaml b/data/excluded/GO-2023-1978.yaml new file mode 100644 index 00000000..24671eb6 --- /dev/null +++ b/data/excluded/GO-2023-1978.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1978 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/syncthing/syncthing +cves: + - CVE-2017-1000420 +ghsas: + - GHSA-28xp-g7f6-7mhf diff --git a/data/excluded/GO-2023-1979.yaml b/data/excluded/GO-2023-1979.yaml new file mode 100644 index 00000000..4064ac97 --- /dev/null +++ b/data/excluded/GO-2023-1979.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1979 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/crossplane/crossplane +cves: + - CVE-2023-37900 +ghsas: + - GHSA-68p4-95xf-7gx8 diff --git a/data/excluded/GO-2023-1980.yaml b/data/excluded/GO-2023-1980.yaml new file mode 100644 index 00000000..5890dff6 --- /dev/null +++ b/data/excluded/GO-2023-1980.yaml @@ -0,0 +1,8 @@ +id: GO-2023-1980 +excluded: EFFECTIVELY_PRIVATE +modules: + - module: github.com/crossplane/crossplane +cves: + - CVE-2023-38495 +ghsas: + - GHSA-pj4x-2xr5-w87m