internal/osv,tests/screentest: support summary field and update vuln testdata
Adds support for the summary field in OSV, and updates vulnerability
testdata, and corresponding screentests, to pull in the
newly-populated "summary" field. This CL does not change how vulns are displayed.
Change-Id: Id4d74df06c1e4185ee7dc5816307867e89ab2587
Reviewed-on: https://go-review.googlesource.com/c/pkgsite/+/506956
TryBot-Result: kokoro <noreply+kokoro@google.com>
Reviewed-by: Jamal Carvalho <jamal@golang.org>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
diff --git a/internal/osv/osv.go b/internal/osv/osv.go
index ebedbc2..a7bb639 100644
--- a/internal/osv/osv.go
+++ b/internal/osv/osv.go
@@ -197,8 +197,10 @@
// Aliases is a list of IDs for the same vulnerability in other
// databases.
Aliases []string `json:"aliases,omitempty"`
+ // Summary contains a short English textual summary of the vulnerability.
+ Summary string `json:"summary,omitempty"`
// Details contains English textual details about the vulnerability.
- Details string `json:"details"`
+ Details string `json:"details,omitempty"`
// Affected contains information on the modules and versions
// affected by the vulnerability.
Affected []Affected `json:"affected"`
diff --git a/tests/screentest/testdata/ci/vuln-540x1080.a.png b/tests/screentest/testdata/ci/vuln-540x1080.a.png
index 99af0a4..56a4ac7 100644
--- a/tests/screentest/testdata/ci/vuln-540x1080.a.png
+++ b/tests/screentest/testdata/ci/vuln-540x1080.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-entry-540x1080.a.png b/tests/screentest/testdata/ci/vuln-entry-540x1080.a.png
index 5816884..d161ba8 100644
--- a/tests/screentest/testdata/ci/vuln-entry-540x1080.a.png
+++ b/tests/screentest/testdata/ci/vuln-entry-540x1080.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-entry.a.png b/tests/screentest/testdata/ci/vuln-entry.a.png
index 6ed0956..f967095 100644
--- a/tests/screentest/testdata/ci/vuln-entry.a.png
+++ b/tests/screentest/testdata/ci/vuln-entry.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-list-540x1080.a.png b/tests/screentest/testdata/ci/vuln-list-540x1080.a.png
index 2384335..e62ae05 100644
--- a/tests/screentest/testdata/ci/vuln-list-540x1080.a.png
+++ b/tests/screentest/testdata/ci/vuln-list-540x1080.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-list.a.png b/tests/screentest/testdata/ci/vuln-list.a.png
index 2c1c677..bc0cb3e 100644
--- a/tests/screentest/testdata/ci/vuln-list.a.png
+++ b/tests/screentest/testdata/ci/vuln-list.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-search-540x1080.a.png b/tests/screentest/testdata/ci/vuln-search-540x1080.a.png
index 62549b6..4639b3d 100644
--- a/tests/screentest/testdata/ci/vuln-search-540x1080.a.png
+++ b/tests/screentest/testdata/ci/vuln-search-540x1080.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-search.a.png b/tests/screentest/testdata/ci/vuln-search.a.png
index 5d8817f..315ce5e 100644
--- a/tests/screentest/testdata/ci/vuln-search.a.png
+++ b/tests/screentest/testdata/ci/vuln-search.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln.a.png b/tests/screentest/testdata/ci/vuln.a.png
index 63cf6df..f70c30a 100644
--- a/tests/screentest/testdata/ci/vuln.a.png
+++ b/tests/screentest/testdata/ci/vuln.a.png
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0068.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0068.json
index 39b1045..818b718 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0068.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0068.json
@@ -1 +1 @@
-{"id":"GO-2021-0068","published":"2021-04-14T20:04:52Z","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2021-3115"],"details":"The go command may execute arbitrary code at build time when using cgo on Windows. This can be triggered by running go get on a malicious module, or any other time the code is built.","affected":[{"package":{"name":"toolchain","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.14.14"},{"introduced":"1.15.0"},{"fixed":"1.15.7"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0068"},"ecosystem_specific":{"imports":[{"path":"cmd/go","goos":["windows"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/284783"},{"type":"FIX","url":"https://go.googlesource.com/go/+/953d1feca9b21af075ad5fc8a3dad096d3ccc3a0"},{"type":"REPORT","url":"https://go.dev/issue/43783"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/mperVMGa98w/m/yo5W5wnvAAAJ"},{"type":"FIX","url":"https://go.dev/cl/284780"},{"type":"FIX","url":"https://go.googlesource.com/go/+/46e2e2e9d99925bbf724b12693c6d3e27a95d6a0"}],"credits":[{"name":"RyotaK"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2021-0068","modified":"2023-06-12T18:45:41Z","published":"2021-04-14T20:04:52Z","aliases":["CVE-2021-3115"],"summary":"Arbitrary code injection via the go command with cgo on Windows in cmd/go","details":"The go command may execute arbitrary code at build time when using cgo on Windows. This can be triggered by running go get on a malicious module, or any other time the code is built.","affected":[{"package":{"name":"toolchain","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.14.14"},{"introduced":"1.15.0-0"},{"fixed":"1.15.7"}]}],"ecosystem_specific":{"imports":[{"path":"cmd/go","goos":["windows"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/284783"},{"type":"FIX","url":"https://go.googlesource.com/go/+/953d1feca9b21af075ad5fc8a3dad096d3ccc3a0"},{"type":"REPORT","url":"https://go.dev/issue/43783"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/mperVMGa98w/m/yo5W5wnvAAAJ"},{"type":"FIX","url":"https://go.dev/cl/284780"},{"type":"FIX","url":"https://go.googlesource.com/go/+/46e2e2e9d99925bbf724b12693c6d3e27a95d6a0"}],"credits":[{"name":"RyotaK"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0068"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0068.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0068.json.gz
index 45b7255..0bea45d 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0068.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0068.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0159.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0159.json
index 93bc52d..401e131 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0159.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0159.json
@@ -1 +1 @@
-{"id":"GO-2021-0159","published":"2022-01-05T21:39:14Z","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2015-5739","CVE-2015-5740","CVE-2015-5741"],"details":"HTTP headers were not properly parsed, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.4.3"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0159"},"ecosystem_specific":{"imports":[{"path":"net/http","symbols":["CanonicalMIMEHeaderKey","body.readLocked","canonicalMIMEHeaderKey","chunkWriter.writeHeader","fixLength","fixTransferEncoding","readTransfer","transferWriter.shouldSendContentLength","validHeaderFieldByte"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/13148"},{"type":"FIX","url":"https://go.googlesource.com/go/+/26049f6f9171d1190f3bbe05ec304845cfe6399f"},{"type":"FIX","url":"https://go.dev/cl/11772"},{"type":"FIX","url":"https://go.dev/cl/11810"},{"type":"FIX","url":"https://go.dev/cl/12865"},{"type":"FIX","url":"https://go.googlesource.com/go/+/117ddcb83d7f42d6aa72241240af99ded81118e9"},{"type":"FIX","url":"https://go.googlesource.com/go/+/300d9a21583e7cf0149a778a0611e76ff7c6680f"},{"type":"FIX","url":"https://go.googlesource.com/go/+/c2db5f4ccc61ba7df96a747e268a277b802cbb87"},{"type":"REPORT","url":"https://go.dev/issue/12027"},{"type":"REPORT","url":"https://go.dev/issue/11930"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/iSIyW4lM4hY/m/ADuQR4DiDwAJ"}],"credits":[{"name":"Jed Denlea and Régis Leroy"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2021-0159","modified":"2023-06-12T18:45:41Z","published":"2022-01-05T21:39:14Z","aliases":["CVE-2015-5739","CVE-2015-5740","CVE-2015-5741"],"summary":"Request smuggling due to improper header parsing in net/http","details":"HTTP headers were not properly parsed, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.4.3"}]}],"ecosystem_specific":{"imports":[{"path":"net/http","symbols":["CanonicalMIMEHeaderKey","body.readLocked","canonicalMIMEHeaderKey","chunkWriter.writeHeader","fixLength","fixTransferEncoding","readTransfer","transferWriter.shouldSendContentLength","validHeaderFieldByte"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/13148"},{"type":"FIX","url":"https://go.googlesource.com/go/+/26049f6f9171d1190f3bbe05ec304845cfe6399f"},{"type":"FIX","url":"https://go.dev/cl/11772"},{"type":"FIX","url":"https://go.dev/cl/11810"},{"type":"FIX","url":"https://go.dev/cl/12865"},{"type":"FIX","url":"https://go.googlesource.com/go/+/117ddcb83d7f42d6aa72241240af99ded81118e9"},{"type":"FIX","url":"https://go.googlesource.com/go/+/300d9a21583e7cf0149a778a0611e76ff7c6680f"},{"type":"FIX","url":"https://go.googlesource.com/go/+/c2db5f4ccc61ba7df96a747e268a277b802cbb87"},{"type":"REPORT","url":"https://go.dev/issue/12027"},{"type":"REPORT","url":"https://go.dev/issue/11930"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/iSIyW4lM4hY/m/ADuQR4DiDwAJ"}],"credits":[{"name":"Jed Denlea"},{"name":"Régis Leroy"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0159"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0159.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0159.json.gz
index eca3079..474e31d 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0159.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0159.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0240.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0240.json
index fdcf9c8..27da31e 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0240.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0240.json
@@ -1 +1 @@
-{"id":"GO-2021-0240","published":"2022-02-17T17:33:25Z","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2021-33196"],"details":"NewReader and OpenReader can cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.15.13"},{"introduced":"1.16.0"},{"fixed":"1.16.5"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0240"},"ecosystem_specific":{"imports":[{"path":"archive/zip","symbols":["Reader.init"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/318909"},{"type":"FIX","url":"https://go.googlesource.com/go/+/74242baa4136c7a9132a8ccd9881354442788c8c"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"},{"type":"REPORT","url":"https://go.dev/issue/46242"}],"credits":[{"name":"the OSS-Fuzz project for discovering this issue and\nEmmanuel Odeke for reporting it\n"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2021-0240","modified":"2023-06-12T18:45:41Z","published":"2022-02-17T17:33:25Z","aliases":["CVE-2021-33196"],"summary":"Panic when reading certain archives in archive/zip","details":"NewReader and OpenReader can cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.15.13"},{"introduced":"1.16.0-0"},{"fixed":"1.16.5"}]}],"ecosystem_specific":{"imports":[{"path":"archive/zip","symbols":["Reader.init"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/318909"},{"type":"FIX","url":"https://go.googlesource.com/go/+/74242baa4136c7a9132a8ccd9881354442788c8c"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI"},{"type":"REPORT","url":"https://go.dev/issue/46242"}],"credits":[{"name":"OSS-Fuzz (discovery)"},{"name":"Emmanuel Odeke (reporter)"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0240"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0240.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0240.json.gz
index edc3f9c..62ca6f6 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0240.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0240.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0264.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0264.json
index b89efbf..b531d8e 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0264.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0264.json
@@ -1 +1 @@
-{"id":"GO-2021-0264","published":"2022-01-13T20:54:43Z","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2021-41772"],"details":"Previously, opening a zip with (*Reader).Open could result in a panic if the zip contained a file whose name was exclusively made up of slash characters or \"..\" path elements.\n\nOpen could also panic if passed the empty string directly as an argument.\n\nNow, any files in the zip whose name could not be made valid for fs.FS.Open will be skipped, and no longer added to the fs.FS file list, although they are still accessible through (*Reader).File.\n\nNote that it was already the case that a file could be accessible from (*Reader).Open with a name different from the one in (*Reader).File, as the former is the cleaned name, while the latter is the original one.\n\nFinally, the actual panic site was made robust as a defense-in-depth measure.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.16.10"},{"introduced":"1.17.0"},{"fixed":"1.17.3"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0264"},"ecosystem_specific":{"imports":[{"path":"archive/zip","symbols":["Reader.Open","split"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/349770"},{"type":"FIX","url":"https://go.googlesource.com/go/+/b24687394b55a93449e2be4e6892ead58ea9a10f"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/0fM21h43arc"},{"type":"REPORT","url":"https://go.dev/issue/48085"}],"credits":[{"name":"Colin Arnott, SiteHost and Noah Santschi-Cooney, Sourcegraph Code Intelligence Team"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2021-0264","modified":"2023-06-12T18:45:41Z","published":"2022-01-13T20:54:43Z","aliases":["CVE-2021-41772"],"summary":"Panic when opening certain archives in archive/zip","details":"Previously, opening a zip with (*Reader).Open could result in a panic if the zip contained a file whose name was exclusively made up of slash characters or \"..\" path elements.\n\nOpen could also panic if passed the empty string directly as an argument.\n\nNow, any files in the zip whose name could not be made valid for fs.FS.Open will be skipped, and no longer added to the fs.FS file list, although they are still accessible through (*Reader).File.\n\nNote that it was already the case that a file could be accessible from (*Reader).Open with a name different from the one in (*Reader).File, as the former is the cleaned name, while the latter is the original one.\n\nFinally, the actual panic site was made robust as a defense-in-depth measure.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.16.10"},{"introduced":"1.17.0-0"},{"fixed":"1.17.3"}]}],"ecosystem_specific":{"imports":[{"path":"archive/zip","symbols":["Reader.Open","split"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/349770"},{"type":"FIX","url":"https://go.googlesource.com/go/+/b24687394b55a93449e2be4e6892ead58ea9a10f"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/0fM21h43arc"},{"type":"REPORT","url":"https://go.dev/issue/48085"}],"credits":[{"name":"Colin Arnott (SiteHost)"},{"name":"Noah Santschi-Cooney (Sourcegraph Code Intelligence Team)"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2021-0264"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0264.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0264.json.gz
index c1f65a9..2f8a94b 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0264.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2021-0264.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0229.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0229.json
index 6bc889d..798347e 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0229.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0229.json
@@ -1 +1 @@
-{"id":"GO-2022-0229","published":"2022-07-06T18:23:48Z","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2020-7919","GHSA-cjjc-xp8v-855w"],"details":"On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing functions of golang.org/x/crypto/cryptobyte can lead to a panic.\n\nThe malformed certificate can be delivered via a crypto/tls connection to a client, or to a server that accepts client certificates. net/http clients can be made to crash by an HTTPS server, while net/http servers that accept client certificates will recover the panic and are unaffected.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.12.16"},{"introduced":"1.13.0"},{"fixed":"1.13.7"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0229"},"ecosystem_specific":{"imports":[{"path":"crypto/x509"}]}},{"package":{"name":"golang.org/x/crypto","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.0.0-20200124225646-8b5121be2f68"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0229"},"ecosystem_specific":{"imports":[{"path":"golang.org/x/crypto/cryptobyte"}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/216680"},{"type":"FIX","url":"https://go.googlesource.com/go/+/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574"},{"type":"FIX","url":"https://go.dev/cl/216677"},{"type":"REPORT","url":"https://go.dev/issue/36837"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/Hsw4mHYc470"}],"credits":[{"name":"Project Wycheproof"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","published":"2022-07-06T18:23:48Z","aliases":["CVE-2020-7919","GHSA-cjjc-xp8v-855w"],"summary":"Panic in certificate parsing in crypto/x509 and golang.org/x/crypto/cryptobyte","details":"On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing functions of golang.org/x/crypto/cryptobyte can lead to a panic.\n\nThe malformed certificate can be delivered via a crypto/tls connection to a client, or to a server that accepts client certificates. net/http clients can be made to crash by an HTTPS server, while net/http servers that accept client certificates will recover the panic and are unaffected.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.12.16"},{"introduced":"1.13.0-0"},{"fixed":"1.13.7"}]}],"ecosystem_specific":{"imports":[{"path":"crypto/x509"}]}},{"package":{"name":"golang.org/x/crypto","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"0.0.0-20200124225646-8b5121be2f68"}]}],"ecosystem_specific":{"imports":[{"path":"golang.org/x/crypto/cryptobyte"}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/216680"},{"type":"FIX","url":"https://go.googlesource.com/go/+/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574"},{"type":"FIX","url":"https://go.dev/cl/216677"},{"type":"REPORT","url":"https://go.dev/issue/36837"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/Hsw4mHYc470"}],"credits":[{"name":"Project Wycheproof"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0229"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0229.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0229.json.gz
index 8e9dd7d..c36f933 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0229.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0229.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0273.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0273.json
index e3a18cc..7e30215 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0273.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0273.json
@@ -1 +1 @@
-{"id":"GO-2022-0273","published":"2022-05-18T18:23:31Z","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2021-39293"],"details":"The NewReader and OpenReader functions in archive/zip can cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size. This is caused by an incomplete fix for CVE-2021-33196.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.16.8"},{"introduced":"1.17.0"},{"fixed":"1.17.1"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0273"},"ecosystem_specific":{"imports":[{"path":"archive/zip","symbols":["NewReader","OpenReader"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/343434"},{"type":"FIX","url":"https://go.googlesource.com/go/+/bacbc33439b124ffd7392c91a5f5d96eca8c0c0b"},{"type":"REPORT","url":"https://go.dev/issue/47801"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"}],"credits":[{"name":"OSS-Fuzz Project and Emmanuel Odeke"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0273","modified":"2023-06-12T18:45:41Z","published":"2022-05-18T18:23:31Z","aliases":["CVE-2021-39293"],"summary":"Panic due to crafted inputs in archive/zip","details":"The NewReader and OpenReader functions in archive/zip can cause a panic or an unrecoverable fatal error when reading an archive that claims to contain a large number of files, regardless of its actual size. This is caused by an incomplete fix for CVE-2021-33196.","affected":[{"package":{"name":"stdlib","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.16.8"},{"introduced":"1.17.0-0"},{"fixed":"1.17.1"}]}],"ecosystem_specific":{"imports":[{"path":"archive/zip","symbols":["NewReader","OpenReader"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/343434"},{"type":"FIX","url":"https://go.googlesource.com/go/+/bacbc33439b124ffd7392c91a5f5d96eca8c0c0b"},{"type":"REPORT","url":"https://go.dev/issue/47801"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/dx9d7IOseHw"}],"credits":[{"name":"OSS-Fuzz Project"},{"name":"Emmanuel Odeke"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0273"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0273.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0273.json.gz
index 52401b2..39c9d66 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0273.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0273.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json
index f75ec37..d6b13a7 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json
@@ -1 +1 @@
-{"id":"GO-2022-0463","published":"2022-07-01T20:06:59Z","modified":"2023-02-28T17:16:51Z","aliases":["CVE-2022-31259","GHSA-qx32-f6g6-fcfr"],"details":"Routes in the beego HTTP router can match unintended patterns. This overly-broad matching may permit an attacker to bypass access controls.\n\nFor example, the pattern \"/a/b/:name\" can match the URL \"/a.xml/b/\". This may bypass access control applied to the prefix \"/a/\".","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0463"},"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.12.9"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0463"},"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","Tree.match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"2.0.3"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0463"},"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.Bind","Controller.BindForm","Controller.BindJSON","Controller.BindProtobuf","Controller.BindXML","Controller.BindYAML","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.JSONResp","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.Resp","Controller.SaveToFile","Controller.SaveToFileWithBuffer","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XMLResp","Controller.XSRFFormHTML","Controller.XSRFToken","Controller.YamlResp","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.AddRouterMethod","ControllerRegister.Any","ControllerRegister.CtrlAny","ControllerRegister.CtrlDelete","ControllerRegister.CtrlGet","ControllerRegister.CtrlHead","ControllerRegister.CtrlOptions","ControllerRegister.CtrlPatch","ControllerRegister.CtrlPost","ControllerRegister.CtrlPut","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.Init","ControllerRegister.InsertFilter","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","CtrlAny","CtrlDelete","CtrlGet","CtrlHead","CtrlOptions","CtrlPatch","CtrlPost","CtrlPut","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.CtrlAny","HttpServer.CtrlDelete","HttpServer.CtrlGet","HttpServer.CtrlHead","HttpServer.CtrlOptions","HttpServer.CtrlPatch","HttpServer.CtrlPost","HttpServer.CtrlPut","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.RouterWithOpts","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.CtrlAny","Namespace.CtrlDelete","Namespace.CtrlGet","Namespace.CtrlHead","Namespace.CtrlOptions","Namespace.CtrlPatch","Namespace.CtrlPost","Namespace.CtrlPut","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","RouterWithOpts","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","Tree.match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/4958"},{"type":"FIX","url":"https://github.com/beego/beego/commit/64cf44d725c8cc35d782327d333df9cbeb1bf2dd"},{"type":"WEB","url":"https://beego.vip"},{"type":"WEB","url":"https://github.com/beego/beego/issues/4946"},{"type":"WEB","url":"https://github.com/beego/beego/pull/4954"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z","published":"2022-07-01T20:06:59Z","aliases":["CVE-2022-31259","GHSA-qx32-f6g6-fcfr"],"summary":"Access control bypass in github.com/beego/beego and beego/v2","details":"Routes in the beego HTTP router can match unintended patterns. This overly-broad matching may permit an attacker to bypass access controls.\n\nFor example, the pattern \"/a/b/:name\" can match the URL \"/a.xml/b/\". This may bypass access control applied to the prefix \"/a/\".","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.12.9"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","Tree.match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"2.0.3"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.Bind","Controller.BindForm","Controller.BindJSON","Controller.BindProtobuf","Controller.BindXML","Controller.BindYAML","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.JSONResp","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.Resp","Controller.SaveToFile","Controller.SaveToFileWithBuffer","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XMLResp","Controller.XSRFFormHTML","Controller.XSRFToken","Controller.YamlResp","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.AddRouterMethod","ControllerRegister.Any","ControllerRegister.CtrlAny","ControllerRegister.CtrlDelete","ControllerRegister.CtrlGet","ControllerRegister.CtrlHead","ControllerRegister.CtrlOptions","ControllerRegister.CtrlPatch","ControllerRegister.CtrlPost","ControllerRegister.CtrlPut","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.Init","ControllerRegister.InsertFilter","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","CtrlAny","CtrlDelete","CtrlGet","CtrlHead","CtrlOptions","CtrlPatch","CtrlPost","CtrlPut","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.CtrlAny","HttpServer.CtrlDelete","HttpServer.CtrlGet","HttpServer.CtrlHead","HttpServer.CtrlOptions","HttpServer.CtrlPatch","HttpServer.CtrlPost","HttpServer.CtrlPut","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.RouterWithOpts","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.CtrlAny","Namespace.CtrlDelete","Namespace.CtrlGet","Namespace.CtrlHead","Namespace.CtrlOptions","Namespace.CtrlPatch","Namespace.CtrlPost","Namespace.CtrlPut","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","RouterWithOpts","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","Tree.match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/4958"},{"type":"FIX","url":"https://github.com/beego/beego/commit/64cf44d725c8cc35d782327d333df9cbeb1bf2dd"},{"type":"WEB","url":"https://beego.vip"},{"type":"WEB","url":"https://github.com/beego/beego/issues/4946"},{"type":"WEB","url":"https://github.com/beego/beego/pull/4954"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0463"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json.gz
index 0c9966e..02572be 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0475.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0475.json
index c6db4e1..71c537e 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0475.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0475.json
@@ -1 +1 @@
-{"id":"GO-2022-0475","published":"2022-07-28T17:24:30Z","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2020-28366"],"details":"The go command may execute arbitrary code at build time when cgo is in use. This may occur when running go get on a malicious package, or any other command that builds untrusted code.\n\nThis can be caused by malicious unquoted symbol name in a linked object file.","affected":[{"package":{"name":"toolchain","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.14.12"},{"introduced":"1.15.0"},{"fixed":"1.15.5"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0475"},"ecosystem_specific":{"imports":[{"path":"cmd/go","symbols":["Builder.cgo"]},{"path":"cmd/cgo","symbols":["dynimport"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/269658"},{"type":"FIX","url":"https://go.googlesource.com/go/+/062e0e5ce6df339dc26732438ad771f73dbf2292"},{"type":"REPORT","url":"https://go.dev/issue/42559"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM"}],"credits":[{"name":"Chris Brown and Tempus Ex"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0475","modified":"2023-06-12T18:45:41Z","published":"2022-07-28T17:24:30Z","aliases":["CVE-2020-28366"],"summary":"Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo","details":"The go command may execute arbitrary code at build time when cgo is in use. This may occur when running go get on a malicious package, or any other command that builds untrusted code.\n\nThis can be caused by malicious unquoted symbol name in a linked object file.","affected":[{"package":{"name":"toolchain","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.14.12"},{"introduced":"1.15.0-0"},{"fixed":"1.15.5"}]}],"ecosystem_specific":{"imports":[{"path":"cmd/go","symbols":["Builder.cgo"]},{"path":"cmd/cgo","symbols":["dynimport"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/269658"},{"type":"FIX","url":"https://go.googlesource.com/go/+/062e0e5ce6df339dc26732438ad771f73dbf2292"},{"type":"REPORT","url":"https://go.dev/issue/42559"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM"}],"credits":[{"name":"Chris Brown (Tempus Ex)"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0475"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0475.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0475.json.gz
index efb58f3..ca07ea4 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0475.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0475.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0476.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0476.json
index 9356263..f481aee 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0476.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0476.json
@@ -1 +1 @@
-{"id":"GO-2022-0476","published":"2022-07-28T17:24:43Z","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2020-28367"],"details":"The go command may execute arbitrary code at build time when cgo is in use. This may occur when running go get on a malicious package, or any other command that builds untrusted code.\n\nThis can be caused by malicious gcc flags specified via a cgo directive.","affected":[{"package":{"name":"toolchain","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.14.12"},{"introduced":"1.15.0"},{"fixed":"1.15.5"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0476"},"ecosystem_specific":{"imports":[{"path":"cmd/go","symbols":["validCompilerFlags"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/267277"},{"type":"FIX","url":"https://go.googlesource.com/go/+/da7aa86917811a571e6634b45a457f918b8e6561"},{"type":"REPORT","url":"https://go.dev/issue/42556"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM"}],"credits":[{"name":"Imre Rad"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0476","modified":"2023-06-12T18:45:41Z","published":"2022-07-28T17:24:43Z","aliases":["CVE-2020-28367"],"summary":"Arbitrary code execution via the go command with cgo in cmd/go","details":"The go command may execute arbitrary code at build time when cgo is in use. This may occur when running go get on a malicious package, or any other command that builds untrusted code.\n\nThis can be caused by malicious gcc flags specified via a cgo directive.","affected":[{"package":{"name":"toolchain","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.14.12"},{"introduced":"1.15.0-0"},{"fixed":"1.15.5"}]}],"ecosystem_specific":{"imports":[{"path":"cmd/go","symbols":["validCompilerFlags"]}]}}],"references":[{"type":"FIX","url":"https://go.dev/cl/267277"},{"type":"FIX","url":"https://go.googlesource.com/go/+/da7aa86917811a571e6634b45a457f918b8e6561"},{"type":"REPORT","url":"https://go.dev/issue/42556"},{"type":"WEB","url":"https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM"}],"credits":[{"name":"Imre Rad"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0476"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0476.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0476.json.gz
index 7e0d2d0..373aafd 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0476.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0476.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0569.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0569.json
index bef1c96..a465a59 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0569.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0569.json
@@ -1 +1 @@
-{"id":"GO-2022-0569","published":"2022-08-23T13:24:17Z","modified":"2023-02-28T17:16:51Z","aliases":["CVE-2022-31836","GHSA-95f9-94vc-665h"],"details":"The leafInfo.match() function uses path.join() to deal with wildcard values which can lead to cross directory risk.","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0569"},"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.12.11"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0569"},"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.0.0"},{"fixed":"2.0.4"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0569"},"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.Bind","Controller.BindForm","Controller.BindJSON","Controller.BindProtobuf","Controller.BindXML","Controller.BindYAML","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.JSONResp","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.Resp","Controller.SaveToFile","Controller.SaveToFileWithBuffer","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XMLResp","Controller.XSRFFormHTML","Controller.XSRFToken","Controller.YamlResp","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.AddRouterMethod","ControllerRegister.Any","ControllerRegister.CtrlAny","ControllerRegister.CtrlDelete","ControllerRegister.CtrlGet","ControllerRegister.CtrlHead","ControllerRegister.CtrlOptions","ControllerRegister.CtrlPatch","ControllerRegister.CtrlPost","ControllerRegister.CtrlPut","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.Init","ControllerRegister.InsertFilter","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","CtrlAny","CtrlDelete","CtrlGet","CtrlHead","CtrlOptions","CtrlPatch","CtrlPost","CtrlPut","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.CtrlAny","HttpServer.CtrlDelete","HttpServer.CtrlGet","HttpServer.CtrlHead","HttpServer.CtrlOptions","HttpServer.CtrlPatch","HttpServer.CtrlPost","HttpServer.CtrlPut","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.RouterWithOpts","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.CtrlAny","Namespace.CtrlDelete","Namespace.CtrlGet","Namespace.CtrlHead","Namespace.CtrlOptions","Namespace.CtrlPatch","Namespace.CtrlPost","Namespace.CtrlPut","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","RouterWithOpts","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/5025"},{"type":"FIX","url":"https://github.com/beego/beego/pull/5025/commits/ea5ae58d40589d249cf577a053e490509de2bf57"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","published":"2022-08-23T13:24:17Z","aliases":["CVE-2022-31836","GHSA-95f9-94vc-665h"],"summary":"Path traversal in github.com/beego/beego and beego/v2","details":"The leafInfo.match() function uses path.join() to deal with wildcard values which can lead to cross directory risk.","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.12.11"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.0.0"},{"fixed":"2.0.4"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.Bind","Controller.BindForm","Controller.BindJSON","Controller.BindProtobuf","Controller.BindXML","Controller.BindYAML","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.JSONResp","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.Resp","Controller.SaveToFile","Controller.SaveToFileWithBuffer","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XMLResp","Controller.XSRFFormHTML","Controller.XSRFToken","Controller.YamlResp","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.AddRouterMethod","ControllerRegister.Any","ControllerRegister.CtrlAny","ControllerRegister.CtrlDelete","ControllerRegister.CtrlGet","ControllerRegister.CtrlHead","ControllerRegister.CtrlOptions","ControllerRegister.CtrlPatch","ControllerRegister.CtrlPost","ControllerRegister.CtrlPut","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.Init","ControllerRegister.InsertFilter","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","CtrlAny","CtrlDelete","CtrlGet","CtrlHead","CtrlOptions","CtrlPatch","CtrlPost","CtrlPut","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.CtrlAny","HttpServer.CtrlDelete","HttpServer.CtrlGet","HttpServer.CtrlHead","HttpServer.CtrlOptions","HttpServer.CtrlPatch","HttpServer.CtrlPost","HttpServer.CtrlPut","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.RouterWithOpts","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.CtrlAny","Namespace.CtrlDelete","Namespace.CtrlGet","Namespace.CtrlHead","Namespace.CtrlOptions","Namespace.CtrlPatch","Namespace.CtrlPost","Namespace.CtrlPut","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","RouterWithOpts","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/5025"},{"type":"FIX","url":"https://github.com/beego/beego/pull/5025/commits/ea5ae58d40589d249cf577a053e490509de2bf57"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0569"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0569.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0569.json.gz
index c155300..ec7e9f3 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0569.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0569.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json
index 5709665..a2bb6f4 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json
@@ -1 +1 @@
-{"id":"GO-2022-0572","published":"2022-08-22T17:56:17Z","modified":"2023-02-28T17:16:51Z","aliases":["CVE-2021-30080","GHSA-28r6-jm5h-mrgg"],"details":"An issue was discovered in the route lookup process in beego which attackers to bypass access control.","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0572"},"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0572"},"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.0.0"},{"fixed":"2.0.3"}]}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0572"},"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.SaveToFile","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XSRFFormHTML","Controller.XSRFToken","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.Any","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.InsertFilter","ControllerRegister.InsertFilterChain","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.InsertFilterChain","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","InsertFilterChain","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/4459"},{"type":"FIX","url":"https://github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519"}],"schema_version":"1.3.1"}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z","published":"2022-08-22T17:56:17Z","aliases":["CVE-2021-30080","GHSA-28r6-jm5h-mrgg"],"summary":"Access control bypass in github.com/beego/beego and beego/v2","details":"An issue was discovered in the route lookup process in beego which attackers to bypass access control.","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.0.0"},{"fixed":"2.0.3"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.SaveToFile","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XSRFFormHTML","Controller.XSRFToken","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.Any","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.InsertFilter","ControllerRegister.InsertFilterChain","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.InsertFilterChain","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","InsertFilterChain","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/4459"},{"type":"FIX","url":"https://github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0572"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json.gz
index 75a5089..618c6aa 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/index/db.json b/tests/screentest/testdata/vulndb-v1/index/db.json
index 96723ee..1e4784c 100644
--- a/tests/screentest/testdata/vulndb-v1/index/db.json
+++ b/tests/screentest/testdata/vulndb-v1/index/db.json
@@ -1 +1 @@
-{"modified":"2023-02-28T17:16:51Z"}
\ No newline at end of file
+{"modified":"2023-06-12T18:45:41Z"}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/index/db.json.gz b/tests/screentest/testdata/vulndb-v1/index/db.json.gz
index b3692cf..8bebbe2 100644
--- a/tests/screentest/testdata/vulndb-v1/index/db.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/index/db.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/index/modules.json b/tests/screentest/testdata/vulndb-v1/index/modules.json
index 82c4b1e..15142ef 100644
--- a/tests/screentest/testdata/vulndb-v1/index/modules.json
+++ b/tests/screentest/testdata/vulndb-v1/index/modules.json
@@ -1 +1 @@
-[{"path":"github.com/astaxie/beego","vulns":[{"id":"GO-2022-0463","modified":"2023-02-28T17:16:51Z"},{"id":"GO-2022-0569","modified":"2023-02-28T17:16:51Z"},{"id":"GO-2022-0572","modified":"2023-02-28T17:16:51Z"}]},{"path":"github.com/beego/beego","vulns":[{"id":"GO-2022-0463","modified":"2023-02-28T17:16:51Z","fixed":"1.12.9"},{"id":"GO-2022-0569","modified":"2023-02-28T17:16:51Z","fixed":"1.12.11"},{"id":"GO-2022-0572","modified":"2023-02-28T17:16:51Z"}]},{"path":"github.com/beego/beego/v2","vulns":[{"id":"GO-2022-0463","modified":"2023-02-28T17:16:51Z","fixed":"2.0.3"},{"id":"GO-2022-0569","modified":"2023-02-28T17:16:51Z","fixed":"2.0.4"},{"id":"GO-2022-0572","modified":"2023-02-28T17:16:51Z","fixed":"2.0.3"}]},{"path":"golang.org/x/crypto","vulns":[{"id":"GO-2022-0229","modified":"2022-11-21T19:50:45Z","fixed":"0.0.0-20200124225646-8b5121be2f68"}]},{"path":"stdlib","vulns":[{"id":"GO-2021-0159","modified":"2022-11-21T19:50:45Z","fixed":"1.4.3"},{"id":"GO-2021-0240","modified":"2022-11-21T19:50:45Z","fixed":"1.16.5"},{"id":"GO-2021-0264","modified":"2022-11-21T19:50:45Z","fixed":"1.17.3"},{"id":"GO-2022-0229","modified":"2022-11-21T19:50:45Z","fixed":"1.13.7"},{"id":"GO-2022-0273","modified":"2022-11-21T19:50:45Z","fixed":"1.17.1"}]},{"path":"toolchain","vulns":[{"id":"GO-2021-0068","modified":"2022-11-21T19:50:45Z","fixed":"1.15.7"},{"id":"GO-2022-0475","modified":"2022-11-21T19:50:45Z","fixed":"1.15.5"},{"id":"GO-2022-0476","modified":"2022-11-21T19:50:45Z","fixed":"1.15.5"}]}]
\ No newline at end of file
+[{"path":"github.com/astaxie/beego","vulns":[{"id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z"},{"id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z"}]},{"path":"github.com/beego/beego","vulns":[{"id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z","fixed":"1.12.9"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","fixed":"1.12.11"},{"id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z"}]},{"path":"github.com/beego/beego/v2","vulns":[{"id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z","fixed":"2.0.3"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","fixed":"2.0.4"},{"id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z","fixed":"2.0.3"}]},{"path":"golang.org/x/crypto","vulns":[{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","fixed":"0.0.0-20200124225646-8b5121be2f68"}]},{"path":"stdlib","vulns":[{"id":"GO-2021-0159","modified":"2023-06-12T18:45:41Z","fixed":"1.4.3"},{"id":"GO-2021-0240","modified":"2023-06-12T18:45:41Z","fixed":"1.16.5"},{"id":"GO-2021-0264","modified":"2023-06-12T18:45:41Z","fixed":"1.17.3"},{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","fixed":"1.13.7"},{"id":"GO-2022-0273","modified":"2023-06-12T18:45:41Z","fixed":"1.17.1"}]},{"path":"toolchain","vulns":[{"id":"GO-2021-0068","modified":"2023-06-12T18:45:41Z","fixed":"1.15.7"},{"id":"GO-2022-0475","modified":"2023-06-12T18:45:41Z","fixed":"1.15.5"},{"id":"GO-2022-0476","modified":"2023-06-12T18:45:41Z","fixed":"1.15.5"}]}]
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/index/modules.json.gz b/tests/screentest/testdata/vulndb-v1/index/modules.json.gz
index 38654b3..ebd6df4 100644
--- a/tests/screentest/testdata/vulndb-v1/index/modules.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/index/modules.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/index/vulns.json b/tests/screentest/testdata/vulndb-v1/index/vulns.json
index 877c3d9..372459b 100644
--- a/tests/screentest/testdata/vulndb-v1/index/vulns.json
+++ b/tests/screentest/testdata/vulndb-v1/index/vulns.json
@@ -1 +1 @@
-[{"id":"GO-2021-0068","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2021-3115"]},{"id":"GO-2021-0159","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2015-5739","CVE-2015-5740","CVE-2015-5741"]},{"id":"GO-2021-0240","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2021-33196"]},{"id":"GO-2021-0264","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2021-41772"]},{"id":"GO-2022-0229","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2020-7919","GHSA-cjjc-xp8v-855w"]},{"id":"GO-2022-0273","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2021-39293"]},{"id":"GO-2022-0463","modified":"2023-02-28T17:16:51Z","aliases":["CVE-2022-31259","GHSA-qx32-f6g6-fcfr"]},{"id":"GO-2022-0475","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2020-28366"]},{"id":"GO-2022-0476","modified":"2022-11-21T19:50:45Z","aliases":["CVE-2020-28367"]},{"id":"GO-2022-0569","modified":"2023-02-28T17:16:51Z","aliases":["CVE-2022-31836","GHSA-95f9-94vc-665h"]},{"id":"GO-2022-0572","modified":"2023-02-28T17:16:51Z","aliases":["CVE-2021-30080","GHSA-28r6-jm5h-mrgg"]}]
\ No newline at end of file
+[{"id":"GO-2021-0068","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-3115"]},{"id":"GO-2021-0159","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2015-5739","CVE-2015-5740","CVE-2015-5741"]},{"id":"GO-2021-0240","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-33196"]},{"id":"GO-2021-0264","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-41772"]},{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-7919","GHSA-cjjc-xp8v-855w"]},{"id":"GO-2022-0273","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-39293"]},{"id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2022-31259","GHSA-qx32-f6g6-fcfr"]},{"id":"GO-2022-0475","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-28366"]},{"id":"GO-2022-0476","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-28367"]},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2022-31836","GHSA-95f9-94vc-665h"]},{"id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-30080","GHSA-28r6-jm5h-mrgg"]}]
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/index/vulns.json.gz b/tests/screentest/testdata/vulndb-v1/index/vulns.json.gz
index 5e53a0f..d0c036d 100644
--- a/tests/screentest/testdata/vulndb-v1/index/vulns.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/index/vulns.json.gz
Binary files differ
