commit | 6e79558bfff5183485bdaea08a120f6aae9179cd | [log] [tgz] |
---|---|---|
author | Tatiana Bradley <tatianabradley@google.com> | Wed Apr 24 17:09:05 2024 -0400 |
committer | Gopher Robot <gobot@golang.org> | Fri Apr 26 21:22:29 2024 +0000 |
tree | 748c19582266bd4a5008806cbb9b621bf8de3542 | |
parent | ed921e3e73ca7806597d968df51e4c9451a056bc [diff] |
data/excluded: add missing/related aliases for excluded reports Quite a few missing aliases were found via the osv.dev API. In many cases, these are derived from GHSAs which have a "repo-level" advisory but not a "global-level" advisory, and are therefore not accessible via the Github GraphQL API. The osv.dev database in some cases considers two IDs to be aliases which we would consider only "related". A best-effort attempt was made to distinguish between false-positives (which were placed in the "related" section), and true positives. Change-Id: Ic418d8f6cf40658098e56eafafcc44434dae0ebd Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/581715 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com>
This repository contains the infrastructure and internal reports to create the Go Vulnerability Database.
Check out https://go.dev/security/vuln for more information about the Go vulnerability management system.
Click here to report a public vulnerability in the Go ecosystem, or give feedback about the project.
The privacy policy for govulncheck
can be found at https://vuln.go.dev/privacy.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Database entries are distributed under the terms of the CC-BY-4.0 license. See go.dev/security/vuln/database for information on how to access these entries.