test/screentest: add withdrawn vuln and update screentests
Add a "withdrawn" vulnerability example to the screentests
so we can more easily test upcoming functionality that will
handle withdrawn vulns.
Change-Id: I3c373927055e3ce4a0f93fc1f1608596c9889c0a
Reviewed-on: https://go-review.googlesource.com/c/pkgsite/+/579916
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Hyang-Ah Hana Kim <hyangah@gmail.com>
kokoro-CI: kokoro <noreply+kokoro@google.com>
diff --git a/devtools/snapshot_vulndb_v1.sh b/devtools/snapshot_vulndb_v1.sh
index 077d2c4..650aa38 100755
--- a/devtools/snapshot_vulndb_v1.sh
+++ b/devtools/snapshot_vulndb_v1.sh
@@ -23,6 +23,7 @@
"ID/GO-2021-0240.json"
"ID/GO-2021-0264.json"
"ID/GO-2022-0273.json"
+ "ID/GO-2024-2730.json"
)
go install golang.org/x/vulndb/cmd/indexdb@latest
diff --git a/tests/screentest/testcases.ci.txt b/tests/screentest/testcases.ci.txt
index baa8ec9..7523578 100644
--- a/tests/screentest/testcases.ci.txt
+++ b/tests/screentest/testcases.ci.txt
@@ -19,6 +19,11 @@
capture fullscreen
capture fullscreen 540x1080
+test vuln entry withdrawn
+pathname /vuln/GO-2024-2730
+capture fullscreen
+capture fullscreen 540x1080
+
test vuln stdlib module
pathname /archive/zip@go1.16.4
capture viewport
diff --git a/tests/screentest/testdata/ci/vuln-540x1080.a.png b/tests/screentest/testdata/ci/vuln-540x1080.a.png
index 3fe2943..2064d2a 100644
--- a/tests/screentest/testdata/ci/vuln-540x1080.a.png
+++ b/tests/screentest/testdata/ci/vuln-540x1080.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-entry-withdrawn-540x1080.a.png b/tests/screentest/testdata/ci/vuln-entry-withdrawn-540x1080.a.png
new file mode 100644
index 0000000..298fd5c
--- /dev/null
+++ b/tests/screentest/testdata/ci/vuln-entry-withdrawn-540x1080.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-entry-withdrawn.a.png b/tests/screentest/testdata/ci/vuln-entry-withdrawn.a.png
new file mode 100644
index 0000000..a6d21e9
--- /dev/null
+++ b/tests/screentest/testdata/ci/vuln-entry-withdrawn.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-list-540x1080.a.png b/tests/screentest/testdata/ci/vuln-list-540x1080.a.png
index 0df90c0..3cc9ddb 100644
--- a/tests/screentest/testdata/ci/vuln-list-540x1080.a.png
+++ b/tests/screentest/testdata/ci/vuln-list-540x1080.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-list.a.png b/tests/screentest/testdata/ci/vuln-list.a.png
index 762c952..48fb08e 100644
--- a/tests/screentest/testdata/ci/vuln-list.a.png
+++ b/tests/screentest/testdata/ci/vuln-list.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-search-540x1080.a.png b/tests/screentest/testdata/ci/vuln-search-540x1080.a.png
index 4639b3d..432afcd 100644
--- a/tests/screentest/testdata/ci/vuln-search-540x1080.a.png
+++ b/tests/screentest/testdata/ci/vuln-search-540x1080.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln-search.a.png b/tests/screentest/testdata/ci/vuln-search.a.png
index 315ce5e..f128e89 100644
--- a/tests/screentest/testdata/ci/vuln-search.a.png
+++ b/tests/screentest/testdata/ci/vuln-search.a.png
Binary files differ
diff --git a/tests/screentest/testdata/ci/vuln.a.png b/tests/screentest/testdata/ci/vuln.a.png
index df15030..ccbdb52 100644
--- a/tests/screentest/testdata/ci/vuln.a.png
+++ b/tests/screentest/testdata/ci/vuln.a.png
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json
index d6b13a7..47c98fe 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json
@@ -1 +1 @@
-{"schema_version":"1.3.1","id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z","published":"2022-07-01T20:06:59Z","aliases":["CVE-2022-31259","GHSA-qx32-f6g6-fcfr"],"summary":"Access control bypass in github.com/beego/beego and beego/v2","details":"Routes in the beego HTTP router can match unintended patterns. This overly-broad matching may permit an attacker to bypass access controls.\n\nFor example, the pattern \"/a/b/:name\" can match the URL \"/a.xml/b/\". This may bypass access control applied to the prefix \"/a/\".","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.12.9"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","Tree.match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"2.0.3"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.Bind","Controller.BindForm","Controller.BindJSON","Controller.BindProtobuf","Controller.BindXML","Controller.BindYAML","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.JSONResp","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.Resp","Controller.SaveToFile","Controller.SaveToFileWithBuffer","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XMLResp","Controller.XSRFFormHTML","Controller.XSRFToken","Controller.YamlResp","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.AddRouterMethod","ControllerRegister.Any","ControllerRegister.CtrlAny","ControllerRegister.CtrlDelete","ControllerRegister.CtrlGet","ControllerRegister.CtrlHead","ControllerRegister.CtrlOptions","ControllerRegister.CtrlPatch","ControllerRegister.CtrlPost","ControllerRegister.CtrlPut","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.Init","ControllerRegister.InsertFilter","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","CtrlAny","CtrlDelete","CtrlGet","CtrlHead","CtrlOptions","CtrlPatch","CtrlPost","CtrlPut","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.CtrlAny","HttpServer.CtrlDelete","HttpServer.CtrlGet","HttpServer.CtrlHead","HttpServer.CtrlOptions","HttpServer.CtrlPatch","HttpServer.CtrlPost","HttpServer.CtrlPut","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.RouterWithOpts","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.CtrlAny","Namespace.CtrlDelete","Namespace.CtrlGet","Namespace.CtrlHead","Namespace.CtrlOptions","Namespace.CtrlPatch","Namespace.CtrlPost","Namespace.CtrlPut","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","RouterWithOpts","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","Tree.match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/4958"},{"type":"FIX","url":"https://github.com/beego/beego/commit/64cf44d725c8cc35d782327d333df9cbeb1bf2dd"},{"type":"WEB","url":"https://beego.vip"},{"type":"WEB","url":"https://github.com/beego/beego/issues/4946"},{"type":"WEB","url":"https://github.com/beego/beego/pull/4954"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0463"}}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0463","modified":"2023-12-14T15:51:14Z","published":"2022-07-01T20:06:59Z","aliases":["CVE-2022-31259","GHSA-qx32-f6g6-fcfr"],"summary":"Access control bypass due to broad route matching in github.com/beego/beego and beego/v2","details":"Routes in the beego HTTP router can match unintended patterns. This overly-broad matching may permit an attacker to bypass access controls.\n\nFor example, the pattern \"/a/b/:name\" can match the URL \"/a.xml/b/\". This may bypass access control applied to the prefix \"/a/\".","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.12.9"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","Tree.match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"2.0.3"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.Bind","Controller.BindForm","Controller.BindJSON","Controller.BindProtobuf","Controller.BindXML","Controller.BindYAML","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.JSONResp","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.Resp","Controller.SaveToFile","Controller.SaveToFileWithBuffer","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XMLResp","Controller.XSRFFormHTML","Controller.XSRFToken","Controller.YamlResp","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.AddRouterMethod","ControllerRegister.Any","ControllerRegister.CtrlAny","ControllerRegister.CtrlDelete","ControllerRegister.CtrlGet","ControllerRegister.CtrlHead","ControllerRegister.CtrlOptions","ControllerRegister.CtrlPatch","ControllerRegister.CtrlPost","ControllerRegister.CtrlPut","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.Init","ControllerRegister.InsertFilter","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","CtrlAny","CtrlDelete","CtrlGet","CtrlHead","CtrlOptions","CtrlPatch","CtrlPost","CtrlPut","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.CtrlAny","HttpServer.CtrlDelete","HttpServer.CtrlGet","HttpServer.CtrlHead","HttpServer.CtrlOptions","HttpServer.CtrlPatch","HttpServer.CtrlPost","HttpServer.CtrlPut","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.RouterWithOpts","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.CtrlAny","Namespace.CtrlDelete","Namespace.CtrlGet","Namespace.CtrlHead","Namespace.CtrlOptions","Namespace.CtrlPatch","Namespace.CtrlPost","Namespace.CtrlPut","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","RouterWithOpts","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","Tree.match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/4958"},{"type":"FIX","url":"https://github.com/beego/beego/commit/64cf44d725c8cc35d782327d333df9cbeb1bf2dd"},{"type":"WEB","url":"https://beego.vip"},{"type":"WEB","url":"https://github.com/beego/beego/issues/4946"},{"type":"WEB","url":"https://github.com/beego/beego/pull/4954"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0463"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json.gz
index 02572be..3e9fbef 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0463.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json
index a2bb6f4..79d55a4 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json
@@ -1 +1 @@
-{"schema_version":"1.3.1","id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z","published":"2022-08-22T17:56:17Z","aliases":["CVE-2021-30080","GHSA-28r6-jm5h-mrgg"],"summary":"Access control bypass in github.com/beego/beego and beego/v2","details":"An issue was discovered in the route lookup process in beego which attackers to bypass access control.","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.0.0"},{"fixed":"2.0.3"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.SaveToFile","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XSRFFormHTML","Controller.XSRFToken","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.Any","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.InsertFilter","ControllerRegister.InsertFilterChain","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.InsertFilterChain","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","InsertFilterChain","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/4459"},{"type":"FIX","url":"https://github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0572"}}
\ No newline at end of file
+{"schema_version":"1.3.1","id":"GO-2022-0572","modified":"2023-12-14T15:51:14Z","published":"2022-08-22T17:56:17Z","aliases":["CVE-2021-30080","GHSA-28r6-jm5h-mrgg"],"summary":"Access control bypass via incorrect route lookup in github.com/beego/beego and beego/v2","details":"An issue was discovered in the route lookup process in beego which attackers to bypass access control.","affected":[{"package":{"name":"github.com/astaxie/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/astaxie/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego","symbols":["App.Run","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.ServeHTTP","FilterRouter.ValidRouter","InitBeegoBeforeTest","Run","RunWithMiddleWares","TestBeegoInit","Tree.Match","adminApp.Run"]}]}},{"package":{"name":"github.com/beego/beego/v2","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"2.0.0"},{"fixed":"2.0.3"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/beego/beego/v2/server/web","symbols":["AddNamespace","AddViewPath","Any","AutoPrefix","AutoRouter","BuildTemplate","Compare","CompareNot","Controller.Abort","Controller.CheckXSRFCookie","Controller.CustomAbort","Controller.Delete","Controller.DestroySession","Controller.Get","Controller.GetBool","Controller.GetFile","Controller.GetFloat","Controller.GetInt","Controller.GetInt16","Controller.GetInt32","Controller.GetInt64","Controller.GetInt8","Controller.GetSecureCookie","Controller.GetString","Controller.GetStrings","Controller.GetUint16","Controller.GetUint32","Controller.GetUint64","Controller.GetUint8","Controller.Head","Controller.Input","Controller.IsAjax","Controller.Options","Controller.ParseForm","Controller.Patch","Controller.Post","Controller.Put","Controller.Redirect","Controller.Render","Controller.RenderBytes","Controller.RenderString","Controller.SaveToFile","Controller.ServeFormatted","Controller.ServeJSON","Controller.ServeJSONP","Controller.ServeXML","Controller.ServeYAML","Controller.SessionRegenerateID","Controller.SetData","Controller.SetSecureCookie","Controller.Trace","Controller.URLFor","Controller.XSRFFormHTML","Controller.XSRFToken","ControllerRegister.Add","ControllerRegister.AddAuto","ControllerRegister.AddAutoPrefix","ControllerRegister.AddMethod","ControllerRegister.Any","ControllerRegister.Delete","ControllerRegister.FindPolicy","ControllerRegister.FindRouter","ControllerRegister.Get","ControllerRegister.GetContext","ControllerRegister.Handler","ControllerRegister.Head","ControllerRegister.Include","ControllerRegister.InsertFilter","ControllerRegister.InsertFilterChain","ControllerRegister.Options","ControllerRegister.Patch","ControllerRegister.Post","ControllerRegister.Put","ControllerRegister.ServeHTTP","ControllerRegister.URLFor","Date","DateFormat","DateParse","Delete","Exception","ExecuteTemplate","ExecuteViewPathTemplate","FileSystem.Open","FilterRouter.ValidRouter","FlashData.Error","FlashData.Notice","FlashData.Set","FlashData.Store","FlashData.Success","FlashData.Warning","Get","GetConfig","HTML2str","Handler","Head","Htmlquote","Htmlunquote","HttpServer.Any","HttpServer.AutoPrefix","HttpServer.AutoRouter","HttpServer.Delete","HttpServer.Get","HttpServer.Handler","HttpServer.Head","HttpServer.Include","HttpServer.InsertFilter","HttpServer.InsertFilterChain","HttpServer.LogAccess","HttpServer.Options","HttpServer.Patch","HttpServer.Post","HttpServer.PrintTree","HttpServer.Put","HttpServer.RESTRouter","HttpServer.Router","HttpServer.Run","Include","InitBeegoBeforeTest","InsertFilter","InsertFilterChain","LoadAppConfig","LogAccess","MapGet","Namespace.Any","Namespace.AutoPrefix","Namespace.AutoRouter","Namespace.Cond","Namespace.Delete","Namespace.Filter","Namespace.Get","Namespace.Handler","Namespace.Head","Namespace.Include","Namespace.Namespace","Namespace.Options","Namespace.Patch","Namespace.Post","Namespace.Put","Namespace.Router","NewControllerRegister","NewControllerRegisterWithCfg","NewHttpServerWithCfg","NewHttpSever","NewNamespace","NotNil","Options","ParseForm","Patch","Policy","Post","PrintTree","Put","RESTRouter","ReadFromRequest","RenderForm","Router","Run","RunWithMiddleWares","TestBeegoInit","Tree.AddRouter","Tree.AddTree","Tree.Match","URLFor","URLMap.GetMap","URLMap.GetMapData","Walk","adminApp.Run","adminController.AdminIndex","adminController.Healthcheck","adminController.ListConf","adminController.ProfIndex","adminController.PrometheusMetrics","adminController.QpsIndex","adminController.TaskStatus","beegoAppConfig.Bool","beegoAppConfig.DefaultBool"]}]}}],"references":[{"type":"FIX","url":"https://github.com/beego/beego/pull/4459"},{"type":"FIX","url":"https://github.com/beego/beego/commit/d5df5e470d0a8ed291930ae802fd7e6b95226519"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2022-0572"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json.gz
index 618c6aa..9c1d0d2 100644
--- a/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2022-0572.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2024-2730.json b/tests/screentest/testdata/vulndb-v1/ID/GO-2024-2730.json
new file mode 100644
index 0000000..b557a83
--- /dev/null
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2024-2730.json
@@ -0,0 +1 @@
+{"schema_version":"1.3.1","id":"GO-2024-2730","modified":"2024-04-17T19:55:00Z","published":"2024-04-17T15:34:19Z","withdrawn":"2024-04-17T18:06:23Z","related":["CVE-2024-3400"],"summary":"WITHDRAWN: Directory traversal in FilesystemStore in github.com/gorilla/sessions","details":"(This report has been withdrawn on the grounds that it generates too many false positives. Session IDs are documented as not being suitable to hold user-provided data.)\n\nFilesystemStore does not sanitize the Session.ID value, making it vulnerable to directory traversal attacks. If an attacker has control over the contents of the session ID, this can be exploited to write to arbitrary files in the filesystem.\n\nPrograms which do not set session IDs explicitly, or which only set session IDs that will not be interpreted by the filesystem, are not vulnerable.","affected":[{"package":{"name":"github.com/gorilla/sessions","ecosystem":"Go"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"}]}],"ecosystem_specific":{"imports":[{"path":"github.com/gorilla/sessions","symbols":["CookieStore.Get","FilesystemStore.Get","FilesystemStore.New","FilesystemStore.Save","FilesystemStore.erase","FilesystemStore.load","FilesystemStore.save","Registry.Get","Registry.Save","Save","Session.Save"]}]}}],"references":[{"type":"FIX","url":"https://github.com/gorilla/sessions/pull/274"}],"database_specific":{"url":"https://pkg.go.dev/vuln/GO-2024-2730"}}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/ID/GO-2024-2730.json.gz b/tests/screentest/testdata/vulndb-v1/ID/GO-2024-2730.json.gz
new file mode 100644
index 0000000..1eb640d
--- /dev/null
+++ b/tests/screentest/testdata/vulndb-v1/ID/GO-2024-2730.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/index/db.json b/tests/screentest/testdata/vulndb-v1/index/db.json
index 1e4784c..d4c17c2 100644
--- a/tests/screentest/testdata/vulndb-v1/index/db.json
+++ b/tests/screentest/testdata/vulndb-v1/index/db.json
@@ -1 +1 @@
-{"modified":"2023-06-12T18:45:41Z"}
\ No newline at end of file
+{"modified":"2024-04-17T19:55:00Z"}
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/index/db.json.gz b/tests/screentest/testdata/vulndb-v1/index/db.json.gz
index 8bebbe2..55493aa 100644
--- a/tests/screentest/testdata/vulndb-v1/index/db.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/index/db.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/index/modules.json b/tests/screentest/testdata/vulndb-v1/index/modules.json
index 15142ef..a9329cd 100644
--- a/tests/screentest/testdata/vulndb-v1/index/modules.json
+++ b/tests/screentest/testdata/vulndb-v1/index/modules.json
@@ -1 +1 @@
-[{"path":"github.com/astaxie/beego","vulns":[{"id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z"},{"id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z"}]},{"path":"github.com/beego/beego","vulns":[{"id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z","fixed":"1.12.9"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","fixed":"1.12.11"},{"id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z"}]},{"path":"github.com/beego/beego/v2","vulns":[{"id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z","fixed":"2.0.3"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","fixed":"2.0.4"},{"id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z","fixed":"2.0.3"}]},{"path":"golang.org/x/crypto","vulns":[{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","fixed":"0.0.0-20200124225646-8b5121be2f68"}]},{"path":"stdlib","vulns":[{"id":"GO-2021-0159","modified":"2023-06-12T18:45:41Z","fixed":"1.4.3"},{"id":"GO-2021-0240","modified":"2023-06-12T18:45:41Z","fixed":"1.16.5"},{"id":"GO-2021-0264","modified":"2023-06-12T18:45:41Z","fixed":"1.17.3"},{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","fixed":"1.13.7"},{"id":"GO-2022-0273","modified":"2023-06-12T18:45:41Z","fixed":"1.17.1"}]},{"path":"toolchain","vulns":[{"id":"GO-2021-0068","modified":"2023-06-12T18:45:41Z","fixed":"1.15.7"},{"id":"GO-2022-0475","modified":"2023-06-12T18:45:41Z","fixed":"1.15.5"},{"id":"GO-2022-0476","modified":"2023-06-12T18:45:41Z","fixed":"1.15.5"}]}]
\ No newline at end of file
+[{"path":"github.com/astaxie/beego","vulns":[{"id":"GO-2022-0463","modified":"2023-12-14T15:51:14Z"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z"},{"id":"GO-2022-0572","modified":"2023-12-14T15:51:14Z"}]},{"path":"github.com/beego/beego","vulns":[{"id":"GO-2022-0463","modified":"2023-12-14T15:51:14Z","fixed":"1.12.9"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","fixed":"1.12.11"},{"id":"GO-2022-0572","modified":"2023-12-14T15:51:14Z"}]},{"path":"github.com/beego/beego/v2","vulns":[{"id":"GO-2022-0463","modified":"2023-12-14T15:51:14Z","fixed":"2.0.3"},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","fixed":"2.0.4"},{"id":"GO-2022-0572","modified":"2023-12-14T15:51:14Z","fixed":"2.0.3"}]},{"path":"github.com/gorilla/sessions","vulns":[{"id":"GO-2024-2730","modified":"2024-04-17T19:55:00Z"}]},{"path":"golang.org/x/crypto","vulns":[{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","fixed":"0.0.0-20200124225646-8b5121be2f68"}]},{"path":"stdlib","vulns":[{"id":"GO-2021-0159","modified":"2023-06-12T18:45:41Z","fixed":"1.4.3"},{"id":"GO-2021-0240","modified":"2023-06-12T18:45:41Z","fixed":"1.16.5"},{"id":"GO-2021-0264","modified":"2023-06-12T18:45:41Z","fixed":"1.17.3"},{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","fixed":"1.13.7"},{"id":"GO-2022-0273","modified":"2023-06-12T18:45:41Z","fixed":"1.17.1"}]},{"path":"toolchain","vulns":[{"id":"GO-2021-0068","modified":"2023-06-12T18:45:41Z","fixed":"1.15.7"},{"id":"GO-2022-0475","modified":"2023-06-12T18:45:41Z","fixed":"1.15.5"},{"id":"GO-2022-0476","modified":"2023-06-12T18:45:41Z","fixed":"1.15.5"}]}]
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/index/modules.json.gz b/tests/screentest/testdata/vulndb-v1/index/modules.json.gz
index ebd6df4..b9af784 100644
--- a/tests/screentest/testdata/vulndb-v1/index/modules.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/index/modules.json.gz
Binary files differ
diff --git a/tests/screentest/testdata/vulndb-v1/index/vulns.json b/tests/screentest/testdata/vulndb-v1/index/vulns.json
index 372459b..285b338 100644
--- a/tests/screentest/testdata/vulndb-v1/index/vulns.json
+++ b/tests/screentest/testdata/vulndb-v1/index/vulns.json
@@ -1 +1 @@
-[{"id":"GO-2021-0068","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-3115"]},{"id":"GO-2021-0159","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2015-5739","CVE-2015-5740","CVE-2015-5741"]},{"id":"GO-2021-0240","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-33196"]},{"id":"GO-2021-0264","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-41772"]},{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-7919","GHSA-cjjc-xp8v-855w"]},{"id":"GO-2022-0273","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-39293"]},{"id":"GO-2022-0463","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2022-31259","GHSA-qx32-f6g6-fcfr"]},{"id":"GO-2022-0475","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-28366"]},{"id":"GO-2022-0476","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-28367"]},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2022-31836","GHSA-95f9-94vc-665h"]},{"id":"GO-2022-0572","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-30080","GHSA-28r6-jm5h-mrgg"]}]
\ No newline at end of file
+[{"id":"GO-2021-0068","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-3115"]},{"id":"GO-2021-0159","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2015-5739","CVE-2015-5740","CVE-2015-5741"]},{"id":"GO-2021-0240","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-33196"]},{"id":"GO-2021-0264","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-41772"]},{"id":"GO-2022-0229","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-7919","GHSA-cjjc-xp8v-855w"]},{"id":"GO-2022-0273","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2021-39293"]},{"id":"GO-2022-0463","modified":"2023-12-14T15:51:14Z","aliases":["CVE-2022-31259","GHSA-qx32-f6g6-fcfr"]},{"id":"GO-2022-0475","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-28366"]},{"id":"GO-2022-0476","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2020-28367"]},{"id":"GO-2022-0569","modified":"2023-06-12T18:45:41Z","aliases":["CVE-2022-31836","GHSA-95f9-94vc-665h"]},{"id":"GO-2022-0572","modified":"2023-12-14T15:51:14Z","aliases":["CVE-2021-30080","GHSA-28r6-jm5h-mrgg"]},{"id":"GO-2024-2730","modified":"2024-04-17T19:55:00Z"}]
\ No newline at end of file
diff --git a/tests/screentest/testdata/vulndb-v1/index/vulns.json.gz b/tests/screentest/testdata/vulndb-v1/index/vulns.json.gz
index d0c036d..8bd161d 100644
--- a/tests/screentest/testdata/vulndb-v1/index/vulns.json.gz
+++ b/tests/screentest/testdata/vulndb-v1/index/vulns.json.gz
Binary files differ
