internal/worker: add more false positives
Add recently identified false positives to the list used
to initialize the DB.
Change-Id: I96a57b408ddd1f268020fbabe0ee5b5751a0c033
Reviewed-on: https://go-review.googlesource.com/c/vuln/+/371594
Trust: Jonathan Amsterdam <jba@google.com>
Run-TryBot: Jonathan Amsterdam <jba@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Julie Qiu <julie@golang.org>
diff --git a/internal/worker/false_positive_records.gen.go b/internal/worker/false_positive_records.gen.go
index dbd5aae..038e97a 100644
--- a/internal/worker/false_positive_records.gen.go
+++ b/internal/worker/false_positive_records.gen.go
@@ -7379,4 +7379,4326 @@
"https://github.com/optiv/rustyIron",
},
},
+ {
+ ID: "CVE-2020-27847",
+ Path: "2020/27xxx/CVE-2020-27847.json",
+ BlobHash: "7a69948e5eed4bfed39f606583914f2983ea3007",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://mattermost.com/blog/coordinated-disclosure-go-xml-vulnerabilities/",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1907732",
+ "https://github.com/dexidp/dex/security/advisories/GHSA-m9hp-7r99-94h5",
+ },
+ },
+ {
+ ID: "CVE-2020-7731",
+ Path: "2020/7xxx/CVE-2020-7731.json",
+ BlobHash: "84d3ee645657f3058b9e470f634c775105214c73",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMRUSSELLHAERINGGOSAML2-608302",
+ "https://github.com/russellhaering/gosaml2/issues/59",
+ },
+ },
+ {
+ ID: "CVE-2020-28851",
+ Path: "2020/28xxx/CVE-2020-28851.json",
+ BlobHash: "236c70a1561d1bb784e225ed716d42127133b482",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/golang/go/issues/42535",
+ "https://security.netapp.com/advisory/ntap-20210212-0004/",
+ },
+ },
+ {
+ ID: "CVE-2020-28852",
+ Path: "2020/28xxx/CVE-2020-28852.json",
+ BlobHash: "1c5f2daee464e715687e3423febc10cd4c76d1f5",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/golang/go/issues/42536",
+ "https://security.netapp.com/advisory/ntap-20210212-0004/",
+ },
+ },
+ {
+ ID: "CVE-2020-10729",
+ Path: "2020/10xxx/CVE-2020-10729.json",
+ BlobHash: "8b8bbd0c954d31aa029e8cd777837545d31a2bcd",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1831089",
+ "https://github.com/ansible/ansible/issues/34144",
+ "https://www.debian.org/security/2021/dsa-4950",
+ },
+ },
+ {
+ ID: "CVE-2020-10808",
+ Path: "2020/10xxx/CVE-2020-10808.json",
+ BlobHash: "1554aedd6d7c7fc2d8d957e056697277433c61d1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://forum.vestacp.com/viewforum.php?f=25",
+ "https://pentest.blog/vesta-control-panel-second-order-remote-code-execution-0day-step-by-step-analysis/",
+ "https://github.com/rapid7/metasploit-framework/pull/13094",
+ "http://packetstormsecurity.com/files/157111/Vesta-Control-Panel-Authenticated-Remote-Code-Execution.html",
+ "http://packetstormsecurity.com/files/157219/Vesta-Control-Panel-Authenticated-Remote-Code-Execution.html",
+ },
+ },
+ {
+ ID: "CVE-2020-18032",
+ Path: "2020/18xxx/CVE-2020-18032.json",
+ BlobHash: "dfa390b301a1064a8d54bbf703d5c4fc2333ac08",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://gitlab.com/graphviz/graphviz/-/issues/1700",
+ "https://lists.debian.org/debian-lts-announce/2021/05/msg00014.html",
+ "https://www.debian.org/security/2021/dsa-4914",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/D5PQPHJHPU46FK3R5XBP3XDT4X37HMPC/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QGY2IGARE6RZHTF2UEZEWLMQCDILFK6A/",
+ "https://security.gentoo.org/glsa/202107-04",
+ },
+ },
+ {
+ ID: "CVE-2020-19498",
+ Path: "2020/19xxx/CVE-2020-19498.json",
+ BlobHash: "86e6073863789e332b09d507a6a0b7e093ff5ba7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/strukturag/libheif/issues/139",
+ "https://github.com/strukturag/libheif/commit/2710c930918609caaf0a664e9c7bc3dce05d5b58",
+ },
+ },
+ {
+ ID: "CVE-2020-19499",
+ Path: "2020/19xxx/CVE-2020-19499.json",
+ BlobHash: "61b2beb78d46027d5d8d0d1ecca33b3f47839e83",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/strukturag/libheif/issues/138",
+ "https://github.com/strukturag/libheif/commit/f7399b62d7fbc596f1b2871578c1d2053bedf1dd",
+ },
+ },
+ {
+ ID: "CVE-2020-23109",
+ Path: "2020/23xxx/CVE-2020-23109.json",
+ BlobHash: "16426b7912aff0b364acd86087ed330d21124483",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/strukturag/libheif/issues/207",
+ },
+ },
+ {
+ ID: "CVE-2020-27386",
+ Path: "2020/27xxx/CVE-2020-27386.json",
+ BlobHash: "715de3dfd05b255dd650df3bc91759ce4f7c2f39",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/MacdonaldRobinson/FlexDotnetCMS/releases/tag/v1.5.9",
+ "https://blog.vonahi.io/whats-in-a-re-name/",
+ "https://github.com/rapid7/metasploit-framework/pull/14339",
+ "http://packetstormsecurity.com/files/160411/FlexDotnetCMS-1.5.8-Arbitrary-ASP-File-Upload.html",
+ },
+ },
+ {
+ ID: "CVE-2020-27387",
+ Path: "2020/27xxx/CVE-2020-27387.json",
+ BlobHash: "0ede9f0de5e4debb19ecab0331853c154b4ad049",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/14340",
+ "https://github.com/ttimot24/HorizontCMS/commit/436b5ab679fd27afa3d99c023dbe103113da4fee",
+ "https://blog.vonahi.io/whats-in-a-re-name/",
+ "http://packetstormsecurity.com/files/160046/HorizontCMS-1.0.0-beta-Shell-Upload.html",
+ },
+ },
+ {
+ ID: "CVE-2020-28347",
+ Path: "2020/28xxx/CVE-2020-28347.json",
+ BlobHash: "7f354a67a4870f4d85a347abf84ab56da3fd58f0",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2020/minesweeper.md",
+ "https://github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Tokyo2020/minesweeper.md",
+ "https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Tokyo_2019/lao_bomb/lao_bomb.md",
+ "https://github.com/rdomanski/Exploits_and_Advisories/blob/master/advisories/Pwn2Own/Tokyo2019/lao_bomb.md",
+ "https://github.com/rapid7/metasploit-framework/pull/14365",
+ },
+ },
+ {
+ ID: "CVE-2020-36404",
+ Path: "2020/36xxx/CVE-2020-36404.json",
+ BlobHash: "f20fd0cf59912c175ecd89557c8c1a20c376a333",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22371",
+ "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/keystone/OSV-2020-1506.yaml",
+ "https://github.com/keystone-engine/keystone/releases",
+ },
+ },
+ {
+ ID: "CVE-2020-36405",
+ Path: "2020/36xxx/CVE-2020-36405.json",
+ BlobHash: "28b6333bb289776801f79406e4c5bd9433e880e0",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/keystone-engine/keystone/releases",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=22850",
+ "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/keystone/OSV-2020-789.yaml",
+ },
+ },
+ {
+ ID: "CVE-2020-7350",
+ Path: "2020/7xxx/CVE-2020-7350.json",
+ BlobHash: "072675947597475cae1d47440cc4ad3245282780",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/issues/13026",
+ },
+ },
+ {
+ ID: "CVE-2020-7351",
+ Path: "2020/7xxx/CVE-2020-7351.json",
+ BlobHash: "8b20736854df0eac414d609e20a23f91bdae0e62",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/13353",
+ "http://packetstormsecurity.com/files/157565/TrixBox-CE-2.8.0.4-Command-Execution.html",
+ },
+ },
+ {
+ ID: "CVE-2020-7352",
+ Path: "2020/7xxx/CVE-2020-7352.json",
+ BlobHash: "e7019c4b50cc9a18967414c1695f0b37352b3bf2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/13444",
+ "https://www.positronsecurity.com/blog/2020-04-28-gog-galaxy-client-local-privilege-escalation/",
+ },
+ },
+ {
+ ID: "CVE-2020-7356",
+ Path: "2020/7xxx/CVE-2020-7356.json",
+ BlobHash: "89e3ebe9096a8b3ac10e60ab873580fd1f659f41",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5571.php",
+ "https://github.com/rapid7/metasploit-framework/pull/13607",
+ },
+ },
+ {
+ ID: "CVE-2020-7357",
+ Path: "2020/7xxx/CVE-2020-7357.json",
+ BlobHash: "827862988ec5b4edb609c43508dcb99e60f440c7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/13607",
+ "https://www.zeroscience.mk/en/vulnerabilities/ZSL-2020-5570.php",
+ "https://exchange.xforce.ibmcloud.com/vulnerabilities/182925",
+ },
+ },
+ {
+ ID: "CVE-2020-7361",
+ Path: "2020/7xxx/CVE-2020-7361.json",
+ BlobHash: "b553d9e6918e5e35ea7c2260bb8492cb7a5ee0d5",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/13828",
+ },
+ },
+ {
+ ID: "CVE-2020-7373",
+ Path: "2020/7xxx/CVE-2020-7373.json",
+ BlobHash: "9daec6d1ef7d7a68d907ad25009d745995d0fb8b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://blog.exploitee.rs/2020/exploiting-vbulletin-a-tale-of-patch-fail/",
+ "https://forum.vbulletin.com/forum/vbulletin-announcements/vbulletin-announcements_aa/4445227-vbulletin-5-6-0-5-6-1-5-6-2-security-patch",
+ "https://seclists.org/fulldisclosure/2020/Aug/5",
+ "https://github.com/rapid7/metasploit-framework/pull/13970",
+ },
+ },
+ {
+ ID: "CVE-2020-7374",
+ Path: "2020/7xxx/CVE-2020-7374.json",
+ BlobHash: "50f8d93bd534eca7a19b71f5382b45bd9edf2184",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/13517",
+ },
+ },
+ {
+ ID: "CVE-2020-7376",
+ Path: "2020/7xxx/CVE-2020-7376.json",
+ BlobHash: "b02deb95087b967deecf7d38798c5911b83fac9b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/issues/14008",
+ },
+ },
+ {
+ ID: "CVE-2020-7377",
+ Path: "2020/7xxx/CVE-2020-7377.json",
+ BlobHash: "c0445d606b0d11cd189e76b89becf639d8759b33",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/issues/14015",
+ },
+ },
+ {
+ ID: "CVE-2020-7384",
+ Path: "2020/7xxx/CVE-2020-7384.json",
+ BlobHash: "4298e0db8998a490bb824c59441bc7717a386d1d",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/14288",
+ "http://packetstormsecurity.com/files/160004/Rapid7-Metasploit-Framework-msfvenom-APK-Template-Command-Injection.html",
+ "http://packetstormsecurity.com/files/161200/Metasploit-Framework-6.0.11-Command-Injection.html",
+ },
+ },
+ {
+ ID: "CVE-2020-7385",
+ Path: "2020/7xxx/CVE-2020-7385.json",
+ BlobHash: "80d92ca5cd5254a78026a9a0d88cc472ce0c380a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/14300",
+ "https://help.rapid7.com/metasploit/release-notes/archive/2020/10/",
+ "https://github.com/rapid7/metasploit-framework/pull/14335",
+ },
+ },
+ {
+ ID: "CVE-2021-20178",
+ Path: "2021/20xxx/CVE-2021-20178.json",
+ BlobHash: "50b35aeab3824833e3271f70c8065c7c7c68bc4a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HIU7QZUV73U6ZQ65VJWSFBTCALVXLH55/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FUQ2QKAQA5OW2TY3ACZZMFIAJ2EQTG37/",
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1914774",
+ "https://github.com/ansible-collections/community.general/pull/1635,",
+ "https://github.com/ansible/ansible/blob/v2.9.18/changelogs/CHANGELOG-v2.9.rst#security-fixes,",
+ },
+ },
+ {
+ ID: "CVE-2021-20228",
+ Path: "2021/20xxx/CVE-2021-20228.json",
+ BlobHash: "cd16c86e6dd40578a8eb273de4b4a2b752c446b6",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1925002",
+ "https://github.com/ansible/ansible/pull/73487",
+ "https://www.debian.org/security/2021/dsa-4950",
+ },
+ },
+ {
+ ID: "CVE-2021-20286",
+ Path: "2021/20xxx/CVE-2021-20286.json",
+ BlobHash: "f1c6ebcd7aeb537284708fed9791c0f7d20700d0",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://bugzilla.redhat.com/show_bug.cgi?id=1934727",
+ "https://gitlab.com/nbdkit/libnbd/-/commit/fb4440de9cc76e9c14bd3ddf3333e78621f40ad0",
+ },
+ },
+ {
+ ID: "CVE-2021-21414",
+ Path: "2021/21xxx/CVE-2021-21414.json",
+ BlobHash: "80520aea5534460effceda3272091a7a1ce37066",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/prisma/prisma/security/advisories/GHSA-pxcc-hj8w-fmm7",
+ "https://github.com/prisma/prisma/pull/6245",
+ "https://security.netapp.com/advisory/ntap-20210618-0003/",
+ },
+ },
+ {
+ ID: "CVE-2021-21428",
+ Path: "2021/21xxx/CVE-2021-21428.json",
+ BlobHash: "1fe1a051cdba682862d01218f90bd6ae83911fc4",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-23x4-m842-fmwf",
+ "https://github.com/OpenAPITools/openapi-generator/pull/8788",
+ },
+ },
+ {
+ ID: "CVE-2021-21429",
+ Path: "2021/21xxx/CVE-2021-21429.json",
+ BlobHash: "92e421921a0eee55d318ba39498d378b847b9380",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-867q-77cc-98mv",
+ "https://github.com/OpenAPITools/openapi-generator/pull/8795",
+ },
+ },
+ {
+ ID: "CVE-2021-21430",
+ Path: "2021/21xxx/CVE-2021-21430.json",
+ BlobHash: "3e236e275cd4665795513a982cd0e610a2ab9ba7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-cqxr-xf2w-943w",
+ "https://github.com/OpenAPITools/openapi-generator/pull/8791",
+ "https://github.com/OpenAPITools/openapi-generator/pull/8787",
+ },
+ },
+ {
+ ID: "CVE-2021-24028",
+ Path: "2021/24xxx/CVE-2021-24028.json",
+ BlobHash: "f818ce5d6b9e8059a0e1e29f95a73d3181a3e9c7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/facebook/fbthrift/commit/bfda1efa547dce11a38592820916db01b05b9339",
+ "https://www.facebook.com/security/advisories/cve-2021-24028",
+ },
+ },
+ {
+ ID: "CVE-2021-28682",
+ Path: "2021/28xxx/CVE-2021-28682.json",
+ BlobHash: "5da720ae6746d42843b2017842fc160a900ee904",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/envoyproxy/envoy/releases",
+ "https://blog.envoyproxy.io",
+ "https://github.com/envoyproxy/envoy/blob/15e3b9dbcc9aaa9d391fa8033904aad1ea1ae70d/api/envoy/api/v2/cluster.proto#L36",
+ },
+ },
+ {
+ ID: "CVE-2021-28683",
+ Path: "2021/28xxx/CVE-2021-28683.json",
+ BlobHash: "ad0312f4c9586388b57cf8913e479143479c4245",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/envoyproxy/envoy/releases",
+ "https://blog.envoyproxy.io",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-r22g-5f3x-xjgg",
+ },
+ },
+ {
+ ID: "CVE-2021-29133",
+ Path: "2021/29xxx/CVE-2021-29133.json",
+ BlobHash: "62bf66f86b66abb05496ed7c8b1aaf7790c86302",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/rapid7/metasploit-framework/pull/14833",
+ "https://gitlab.alpinelinux.org/alpine/aports/-/issues/12539",
+ "https://twitter.com/steaIth/status/1364940271054712842",
+ "https://github.com/rapid7/metasploit-framework/pull/14833/commits/5bf6b2d094deb22fa8183ce161b90cbe4fd40a70",
+ },
+ },
+ {
+ ID: "CVE-2021-29258",
+ Path: "2021/29xxx/CVE-2021-29258.json",
+ BlobHash: "8bcb6f82b7662b63fd0a7a483b3782a9ebede6ce",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://blog.envoyproxy.io",
+ "https://github.com/envoyproxy/envoy-setec/pull/230",
+ "https://github.com/envoyproxy/envoy/releases/tag/v1.14.0",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-xw4q-6pj2-5gfg",
+ },
+ },
+ {
+ ID: "CVE-2021-29492",
+ Path: "2021/29xxx/CVE-2021-29492.json",
+ BlobHash: "d79a2d53d94c9cafa72549ee521b32f8752aa38f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-4987-27fx-x6cf",
+ },
+ },
+ {
+ ID: "CVE-2021-32777",
+ Path: "2021/32xxx/CVE-2021-32777.json",
+ BlobHash: "e4dfaf518c221d984e013e1b1d0ea947d3a8af5a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-6g4j-5vrw-2m8h",
+ "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history",
+ },
+ },
+ {
+ ID: "CVE-2021-32778",
+ Path: "2021/32xxx/CVE-2021-32778.json",
+ BlobHash: "2c24f3a23493dd734db2db4404ef653bbe493e21",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc",
+ },
+ },
+ {
+ ID: "CVE-2021-32779",
+ Path: "2021/32xxx/CVE-2021-32779.json",
+ BlobHash: "e485a50765f62cfec6883c9373b0d95fae72b6a5",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-r222-74fw-jqr9",
+ },
+ },
+ {
+ ID: "CVE-2021-32780",
+ Path: "2021/32xxx/CVE-2021-32780.json",
+ BlobHash: "85bbb6610a44fe89836be60f9b870847bf6c5414",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8",
+ },
+ },
+ {
+ ID: "CVE-2021-32781",
+ Path: "2021/32xxx/CVE-2021-32781.json",
+ BlobHash: "73d368a39f8ffb2ef9a9bd18b558a6b17a3836f3",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://www.envoyproxy.io/docs/envoy/v1.19.0/version_history/version_history",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-5vhv-gp9v-42qv",
+ },
+ },
+ {
+ ID: "CVE-2021-32810",
+ Path: "2021/32xxx/CVE-2021-32810.json",
+ BlobHash: "fa6df001b0ffc0ee223cff322ae170e7e4a83c85",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/crossbeam-rs/crossbeam/security/advisories/GHSA-pqqp-xmhj-wgcw",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EW5B2VTDVMJ6B3DA4VLMAMW2GGDCE2BK/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LCIBFGBSL3JSVJQTNEDEIMZGZF23N2KE/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VQZIEJQBV3S72BHD5GKJQF3NVYNRV5CF/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RRPKBRXCRNGNMVFQPFD4LM3QKPEMBQQR/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7EZILHZDRGDPOBQ4KTW3E5PPMKLHGH5N/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFBZWCLG7AGLJO4A7K5IMJVPLSWZ5TJP/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WGB2H35CTZDHOV3VLC5BM6VFGURLLVRP/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CY5T3FCE4MUYSPKEWICLVJBBODGJ6SZE/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AWHNNBJCU4EHA2X5ZAMJMGLDUYS5FEPP/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U3LSN3B43TJSFIOB3QLPBI3RCHRU5BLO/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZQDIBB7VR3ER52FMSMNJPAWNDO5SITCE/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OCLMH7B7B2MF55ET4NQNPH7JWISFX4RT/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AYBSLIYFANZLCYWOGTIYZUM26TJRH7WU/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TFUBWBYCPSSXTJGEAQ67CJUNQJBOCM26/",
+ },
+ },
+ {
+ ID: "CVE-2021-36753",
+ Path: "2021/36xxx/CVE-2021-36753.json",
+ BlobHash: "803ea8792bf35d2561f847100bc95e2a4b1a201f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/sharkdp/bat/releases/tag/v0.18.2",
+ "https://github.com/sharkdp/bat/pull/1724",
+ "https://github.com/sharkdp/bat/commit/bf2b2df9c9e218e35e5a38ce3d03cffb7c363956",
+ "https://vuln.ryotak.me/advisories/53",
+ },
+ },
+ {
+ ID: "CVE-2021-36979",
+ Path: "2021/36xxx/CVE-2021-36979.json",
+ BlobHash: "0109f84612789077ebc45dadecb42733a511436a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/unicorn/OSV-2020-2305.yaml",
+ "https://github.com/unicorn-engine/unicorn/commit/bf1713d9e011b55ca1f502a6779fc4722b4bb077",
+ "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30391",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MZ6LOCJXHQVU6SCJLFDJINBOVJYYENLX/",
+ },
+ },
+ {
+ ID: "CVE-2021-39204",
+ Path: "2021/39xxx/CVE-2021-39204.json",
+ BlobHash: "c31bab15245849dd6d7a376d51ca2ae738088740",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-3xh3-33v5-chcc",
+ "https://github.com/pomerium/pomerium/security/advisories/GHSA-5wjf-62hw-q78r",
+ },
+ },
+ {
+ ID: "CVE-2021-39206",
+ Path: "2021/39xxx/CVE-2021-39206.json",
+ BlobHash: "c24982e6d4d40e56c77c8ccba12ff2e8ff56a2e3",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-r222-74fw-jqr9",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-6g4j-5vrw-2m8h",
+ "https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ",
+ "https://github.com/pomerium/pomerium/security/advisories/GHSA-cfc2-wjcm-c8fm",
+ },
+ },
+ {
+ ID: "CVE-2021-40330",
+ Path: "2021/40xxx/CVE-2021-40330.json",
+ BlobHash: "714eaaec31d0b5e6a49bb8eed8aeebdbc926411e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/git/git/commit/a02ea577174ab8ed18f847cf1693f213e0b9c473",
+ "https://github.com/git/git/compare/v2.30.0...v2.30.1",
+ },
+ },
+ {
+ ID: "CVE-2021-42840",
+ Path: "2021/42xxx/CVE-2021-42840.json",
+ BlobHash: "3199db8c5c41f5f9cf7af06983c63480219de0ad",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_19",
+ "https://github.com/rapid7/metasploit-framework/commits/master/modules/exploits/linux/http/suitecrm_log_file_rce.rb",
+ "https://suitecrm.com/time-to-upgrade-suitecrm-7-11-19-7-10-30-lts-released/",
+ "https://theyhack.me/SuiteCRM-RCE-2/",
+ },
+ },
+ {
+ ID: "CVE-2021-29923",
+ Path: "2021/29xxx/CVE-2021-29923.json",
+ BlobHash: "dab85989329b57c06e385579c44efb6cfc300e43",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://golang.org/pkg/net/#ParseCIDR",
+ "https://defcon.org/html/defcon-29/dc-29-speakers.html#kaoudis",
+ "https://github.com/golang/go/issues/43389",
+ "https://github.com/golang/go/issues/30999",
+ "https://go-review.googlesource.com/c/go/+/325829/",
+ "https://github.com/sickcodes/security/blob/master/advisories/SICK-2021-016.md",
+ },
+ },
+ {
+ ID: "CVE-2020-13310",
+ Path: "2020/13xxx/CVE-2020-13310.json",
+ BlobHash: "7cd357bf2c1460f3b80fe135424f6a8411ef2f13",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://gitlab.com/gitlab-org/gitlab-runner/-/issues/25857",
+ "https://gitlab.com/gitlab-org/gitlab-runner/-/issues/26819",
+ "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13310.json",
+ },
+ },
+ {
+ ID: "CVE-2020-13327",
+ Path: "2020/13xxx/CVE-2020-13327.json",
+ BlobHash: "3fc59d299603ae42a7165cc5a3debc87b2b7002f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://gitlab.com/gitlab-org/gitlab-runner/-/issues/26833",
+ "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13327.json",
+ },
+ },
+ {
+ ID: "CVE-2020-13347",
+ Path: "2020/13xxx/CVE-2020-13347.json",
+ BlobHash: "2e453e6a559269ae47d324b14d9aaae11b3f351b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://gitlab.com/gitlab-org/gitlab-runner/-/issues/26725",
+ "https://hackerone.com/reports/955016",
+ "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13347.json",
+ },
+ },
+ {
+ ID: "CVE-2020-13353",
+ Path: "2020/13xxx/CVE-2020-13353.json",
+ BlobHash: "911fa5d5929386aee980fa3187448a9053a786df",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://gitlab.com/gitlab-org/gitaly/-/issues/2882",
+ "https://gitlab.com/gitlab-org/cves/-/blob/master/2020/CVE-2020-13353.json",
+ },
+ },
+ {
+ ID: "CVE-2020-13845",
+ Path: "2020/13xxx/CVE-2020-13845.json",
+ BlobHash: "313900e146d8d42def520ab271a1b3d78d62301c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://medium.com/sylabs",
+ "https://github.com/hpcng/singularity/security/advisories/GHSA-pmfr-63c2-jr5c",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00046.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html",
+ },
+ },
+ {
+ ID: "CVE-2020-13846",
+ Path: "2020/13xxx/CVE-2020-13846.json",
+ BlobHash: "9caeed25e378f0e8d425f90bb19fe518f3b3a899",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://medium.com/sylabs",
+ "https://github.com/hpcng/singularity/security/advisories/GHSA-6w7g-p4jh-rf92",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00046.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html",
+ },
+ },
+ {
+ ID: "CVE-2020-13847",
+ Path: "2020/13xxx/CVE-2020-13847.json",
+ BlobHash: "82d6c63dc2d47ae8754b463988aa605284accd1c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://medium.com/sylabs",
+ "https://github.com/hpcng/singularity/security/advisories/GHSA-m7j2-9565-4h9v",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00046.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00059.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00053.html",
+ },
+ },
+ {
+ ID: "CVE-2020-14160",
+ Path: "2020/14xxx/CVE-2020-14160.json",
+ BlobHash: "51eb7d117e7bd980078a7f2a088d95f9105964e7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/thecodingmachine/gotenberg/releases",
+ "https://github.com/gotenberg/gotenberg/pull/319",
+ "https://github.com/gotenberg/gotenberg/issues/215",
+ },
+ },
+ {
+ ID: "CVE-2020-14161",
+ Path: "2020/14xxx/CVE-2020-14161.json",
+ BlobHash: "8f72b91defab16b58752054a16ae449ebc1e02a7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/thecodingmachine/gotenberg/releases",
+ "https://github.com/gotenberg/gotenberg/pull/319",
+ "https://github.com/gotenberg/gotenberg/issues/215",
+ },
+ },
+ {
+ ID: "CVE-2020-15167",
+ Path: "2020/15xxx/CVE-2020-15167.json",
+ BlobHash: "159a98e2ec15033ac2dff0974f08c3c99e21cb60",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/johnkerl/miller/security/advisories/GHSA-mw2v-4q78-j2cw",
+ },
+ },
+ {
+ ID: "CVE-2020-15229",
+ Path: "2020/15xxx/CVE-2020-15229.json",
+ BlobHash: "e7356211754fca1064f13e28d59f1c001a02a81e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/hpcng/singularity/security/advisories/GHSA-7gcp-w6ww-2xv9",
+ "https://github.com/hpcng/singularity/blob/v3.6.4/CHANGELOG.md#security-related-fixes",
+ "https://github.com/hpcng/singularity/pull/5611",
+ "https://github.com/hpcng/singularity/commit/eba3dea260b117198fdb6faf41f2482ab2f8d53e",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00071.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00070.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-11/msg00009.html",
+ },
+ },
+ {
+ ID: "CVE-2020-24130",
+ Path: "2020/24xxx/CVE-2020-24130.json",
+ BlobHash: "8f737e195225cf0bb2de6bf71dc3bf9feb11b760",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/ponzu-cms/ponzu/issues/352",
+ },
+ },
+ {
+ ID: "CVE-2020-25039",
+ Path: "2020/25xxx/CVE-2020-25039.json",
+ BlobHash: "e965e78bee0c636576ba83f71a25fcb3a0181d3b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://medium.com/sylabs",
+ "https://github.com/hpcng/singularity/security/advisories/GHSA-w6v2-qchm-grj7",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00070.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00088.html",
+ },
+ },
+ {
+ ID: "CVE-2020-25040",
+ Path: "2020/25xxx/CVE-2020-25040.json",
+ BlobHash: "50f05f51bb6868732e263eff7b722f00da7bbd73",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://medium.com/sylabs",
+ "https://github.com/hpcng/singularity/security/advisories/GHSA-jv9c-w74q-6762",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00070.html",
+ "http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00088.html",
+ },
+ },
+ {
+ ID: "CVE-2020-26213",
+ Path: "2020/26xxx/CVE-2020-26213.json",
+ BlobHash: "20029afa2dd5b4fbf4c5490e84f286a2659db36a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/kitabisa/teler/security/advisories/GHSA-jhj6-5mh6-4pvf",
+ "https://github.com/kitabisa/teler/commit/ec6082049dba9e44a21f35fb7b123d42ce1a1a7e",
+ },
+ },
+ {
+ ID: "CVE-2020-27519",
+ Path: "2020/27xxx/CVE-2020-27519.json",
+ BlobHash: "f0c95b5e1dd505ed2db06446781ed10393e20685",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/pritunl/pritunl-client-electron/commit/c0aeb159351e5e99d752c27b87133eca299bdfce",
+ "https://github.com/pritunl/pritunl-client-electron/commit/87ceeae9b8ee415541d7d71de10675e699a76e5e",
+ "https://github.com/pritunl/pritunl-client-electron/commit/87ceeae9b8ee415541d7d71de10675e699a76e5e#diff-5c6a264bee3576f2a147b8db70332e9a16dd43d073782cf6d32a372abb22b899",
+ },
+ },
+ {
+ ID: "CVE-2020-28366",
+ Path: "2020/28xxx/CVE-2020-28366.json",
+ BlobHash: "6991618a3e0e5c49ef2ef9f453da30bb0779e265",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E",
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42559",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F3ZSHGNTJWCWYAKY5OLZS2XQQYHSXSUO/",
+ "https://security.netapp.com/advisory/ntap-20201202-0004/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2W4COUPL3YVTZ6RTEIT6LPBDJUFF3VSP/",
+ },
+ },
+ {
+ ID: "CVE-2020-28367",
+ Path: "2020/28xxx/CVE-2020-28367.json",
+ BlobHash: "cd73325803765fa1c55de87365a65f199a74c866",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://lists.apache.org/thread.html/rd02e75766cd333a0df417588460f5e4477060633000bfe94955851fd@%3Cissues.trafficcontrol.apache.org%3E",
+ "https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM",
+ "https://github.com/golang/go/issues/42556",
+ "https://lists.debian.org/debian-lts-announce/2020/11/msg00038.html",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F3ZSHGNTJWCWYAKY5OLZS2XQQYHSXSUO/",
+ "https://security.netapp.com/advisory/ntap-20201202-0004/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2W4COUPL3YVTZ6RTEIT6LPBDJUFF3VSP/",
+ },
+ },
+ {
+ ID: "CVE-2020-8561",
+ Path: "2020/8xxx/CVE-2020-8561.json",
+ BlobHash: "ca573e983eedfed22be7e1a98a59adf2cf9cd50c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://groups.google.com/g/kubernetes-security-announce/c/RV2IhwcrQsY",
+ "https://github.com/kubernetes/kubernetes/issues/104720",
+ "https://security.netapp.com/advisory/ntap-20211014-0002/",
+ },
+ },
+ {
+ ID: "CVE-2021-21405",
+ Path: "2021/21xxx/CVE-2021-21405.json",
+ BlobHash: "e50c2ee4ba2140aa0bfaa9e546009e4ac8ff8de2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/filecoin-project/lotus/security/advisories/GHSA-4g52-pqcj-phvh",
+ "https://github.com/filecoin-project/lotus/pull/5393",
+ "https://gist.github.com/wadeAlexC/2490d522e81a796af9efcad1686e6754",
+ },
+ },
+ {
+ ID: "CVE-2021-22171",
+ Path: "2021/22xxx/CVE-2021-22171.json",
+ BlobHash: "ee360b2a23c43ae3ebb32b598a41b50effec89c1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://gitlab.com/gitlab-org/gitlab-pages/-/issues/262",
+ "https://hackerone.com/reports/718460",
+ "https://gitlab.com/gitlab-org/cves/-/blob/master/2021/CVE-2021-22171.json",
+ },
+ },
+ {
+ ID: "CVE-2021-23135",
+ Path: "2021/23xxx/CVE-2021-23135.json",
+ BlobHash: "cee4ec6914399f20ea06d886b121240ef93f8540",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/argoproj/argo-cd/security/advisories/GHSA-fp89-h8pj-8894",
+ },
+ },
+ {
+ ID: "CVE-2021-23365",
+ Path: "2021/23xxx/CVE-2021-23365.json",
+ BlobHash: "45c75417820cd9b136d5b6bf1edf878195f74e94",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMTYKTECHNOLOGIESTYKIDENTITYBROKER-1089720",
+ "https://github.com/TykTechnologies/tyk-identity-broker/releases/tag/v1.1.1",
+ "https://github.com/TykTechnologies/tyk-identity-broker/commit/243092965b0f93a95a14cb882b5b9a3df61dd5c0",
+ "https://github.com/TykTechnologies/tyk-identity-broker/commit/46f70420e0911e4e8b638575e29d394c227c75d0",
+ "https://github.com/TykTechnologies/tyk-identity-broker/pull/147",
+ },
+ },
+ {
+ ID: "CVE-2021-25735",
+ Path: "2021/25xxx/CVE-2021-25735.json",
+ BlobHash: "3f5c4b437b8a9310c213dffe734c9337ba9a7576",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://groups.google.com/g/kubernetes-security-announce/c/FKAGqT4jx9Y",
+ "https://github.com/kubernetes/kubernetes/issues/100096",
+ },
+ },
+ {
+ ID: "CVE-2021-25737",
+ Path: "2021/25xxx/CVE-2021-25737.json",
+ BlobHash: "a6b8bfd7fca6a044b0c10610f92893f8f69379c8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://groups.google.com/g/kubernetes-security-announce/c/xAiN3924thY",
+ "https://github.com/kubernetes/kubernetes/issues/102106",
+ "https://security.netapp.com/advisory/ntap-20211004-0004/",
+ },
+ },
+ {
+ ID: "CVE-2021-25740",
+ Path: "2021/25xxx/CVE-2021-25740.json",
+ BlobHash: "e874709f3750d1c9268d336c394782938c48c4bf",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://groups.google.com/g/kubernetes-security-announce/c/WYE9ptrhSLE",
+ "https://github.com/kubernetes/kubernetes/issues/103675",
+ "https://security.netapp.com/advisory/ntap-20211014-0001/",
+ },
+ },
+ {
+ ID: "CVE-2021-25741",
+ Path: "2021/25xxx/CVE-2021-25741.json",
+ BlobHash: "cac9e5adfb3e98a5c5c54a252162bc8b3ada6766",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://groups.google.com/g/kubernetes-security-announce/c/nyfdhK24H7s",
+ "https://github.com/kubernetes/kubernetes/issues/104980",
+ "https://security.netapp.com/advisory/ntap-20211008-0006/",
+ },
+ },
+ {
+ ID: "CVE-2021-25742",
+ Path: "2021/25xxx/CVE-2021-25742.json",
+ BlobHash: "699711e000a62d13a49883b05ef2b44e28cc4f29",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://groups.google.com/g/kubernetes-security-announce/c/mT4JJxi9tQY",
+ "https://github.com/kubernetes/ingress-nginx/issues/7837",
+ },
+ },
+ {
+ ID: "CVE-2021-25938",
+ Path: "2021/25xxx/CVE-2021-25938.json",
+ BlobHash: "d5637fccdb0180cd9374f04cdbb946dd234cfa96",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25938",
+ "https://github.com/arangodb/arangodb/commit/3e486b9bc33cc97e92645dd279899000e57f61f4",
+ },
+ },
+ {
+ ID: "CVE-2021-28484",
+ Path: "2021/28xxx/CVE-2021-28484.json",
+ BlobHash: "8fcc74408f9fff2820874075922283099d7f4410",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/Yubico/yubihsm-connector/releases",
+ "https://www.yubico.com/support/security-advisories/ysa-2021-02/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B7Q2KGXSPQEEONAWMFZRVH2TXWX3QPCQ/",
+ },
+ },
+ {
+ ID: "CVE-2021-29453",
+ Path: "2021/29xxx/CVE-2021-29453.json",
+ BlobHash: "8044d8edbac082ac621b8508d44f6c7247b72832",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/turt2live/matrix-media-repo/security/advisories/GHSA-j889-h476-hh9h",
+ "https://hub.docker.com/r/turt2live/matrix-media-repo/tags?page=1&ordering=last_updated",
+ "https://github.com/turt2live/matrix-media-repo/releases/tag/v1.2.7",
+ },
+ },
+ {
+ ID: "CVE-2021-29456",
+ Path: "2021/29xxx/CVE-2021-29456.json",
+ BlobHash: "2485e06666aae92f966d08281365f8416a6c4246",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/authelia/authelia/security/advisories/GHSA-36f2-fcrx-fp4j",
+ },
+ },
+ {
+ ID: "CVE-2021-29499",
+ Path: "2021/29xxx/CVE-2021-29499.json",
+ BlobHash: "e683e6ade287e30bec69fe6c4573b4f84f310445",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/sylabs/sif/security/advisories/GHSA-4gh8-x3vv-phhg",
+ },
+ },
+ {
+ ID: "CVE-2021-29622",
+ Path: "2021/29xxx/CVE-2021-29622.json",
+ BlobHash: "22e401d7a48e58d80e5e93f518bdf3a302bd2260",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/prometheus/prometheus/security/advisories/GHSA-vx57-7f4q-fpc7",
+ "https://github.com/prometheus/prometheus/releases/tag/v2.26.1",
+ "https://github.com/prometheus/prometheus/releases/tag/v2.27.1",
+ },
+ },
+ {
+ ID: "CVE-2021-30465",
+ Path: "2021/30xxx/CVE-2021-30465.json",
+ BlobHash: "b2b45802777545ebcb2fef020e36c662610d597e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/opencontainers/runc/releases",
+ "http://www.openwall.com/lists/oss-security/2021/05/19/2",
+ "http://www.openwall.com/lists/oss-security/2021/05/19/2",
+ "https://github.com/opencontainers/runc/security/advisories/GHSA-c3xm-pvg7-gh7r",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4HOARVIT47RULTTFWAU7XBG4WY6TDDHV/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/35ZW6NBZSBH5PWIT7JU4HXOXGFVDCOHH/",
+ "https://github.com/opencontainers/runc/commit/0ca91f44f1664da834bc61115a849b56d22f595f",
+ "https://bugzilla.opensuse.org/show_bug.cgi?id=1185405",
+ "https://security.netapp.com/advisory/ntap-20210708-0003/",
+ "https://security.gentoo.org/glsa/202107-26",
+ },
+ },
+ {
+ ID: "CVE-2021-30476",
+ Path: "2021/30xxx/CVE-2021-30476.json",
+ BlobHash: "63d79129b97316fe9215582418c27fa025dd8b85",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/hashicorp/terraform-provider-vault/issues/996",
+ "https://discuss.hashicorp.com/t/hcsec-2021-11-terraform-s-vault-provider-did-not-correctly-configure-bound-labels-for-gcp-auth/23464/2",
+ },
+ },
+ {
+ ID: "CVE-2021-31232",
+ Path: "2021/31xxx/CVE-2021-31232.json",
+ BlobHash: "0570a0ea0701c0633dda797b1621f39253bc8d9a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://community.grafana.com/c/security-announcements",
+ "https://github.com/cortexproject/cortex",
+ "https://github.com/cortexproject/cortex/pull/4129/files",
+ "https://lists.cncf.io/g/cortex-users/message/50",
+ },
+ },
+ {
+ ID: "CVE-2021-31856",
+ Path: "2021/31xxx/CVE-2021-31856.json",
+ BlobHash: "5acbf03a44123d8658d593d0eeb77a2c55ffca66",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://meshery.io",
+ "https://github.com/layer5io/meshery/pull/2745",
+ },
+ },
+ {
+ ID: "CVE-2021-32574",
+ Path: "2021/32xxx/CVE-2021-32574.json",
+ BlobHash: "605868ceccc4470e014b25dbae4699e72a4d1981",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://www.hashicorp.com/blog/category/consul",
+ "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
+ "https://discuss.hashicorp.com/t/hcsec-2021-17-consul-s-envoy-tls-configuration-did-not-validate-destination-service-subject-alternative-names/26856",
+ },
+ },
+ {
+ ID: "CVE-2021-32635",
+ Path: "2021/32xxx/CVE-2021-32635.json",
+ BlobHash: "56b7204981e734a6855cfbc04c297fbac7fe3044",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/sylabs/singularity/security/advisories/GHSA-5mv9-q7fq-9394",
+ "https://github.com/sylabs/singularity/releases/tag/v3.7.4",
+ "https://security.gentoo.org/glsa/202107-50",
+ },
+ },
+ {
+ ID: "CVE-2021-32637",
+ Path: "2021/32xxx/CVE-2021-32637.json",
+ BlobHash: "fe6638d9fa572c51137cd56d822d9ce0485d302b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/authelia/authelia/security/advisories/GHSA-68wm-pfjf-wqp6",
+ "https://github.com/authelia/authelia/commit/c62dbd43d6e69ae81530e7c4f8763857f8ff1dda",
+ },
+ },
+ {
+ ID: "CVE-2021-32690",
+ Path: "2021/32xxx/CVE-2021-32690.json",
+ BlobHash: "883bf8bc3e58c594c5985f5ae4b3072ddcae73cc",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/helm/helm/security/advisories/GHSA-56hp-xqp3-w2jf",
+ "https://github.com/helm/helm/releases/tag/v3.6.1",
+ },
+ },
+ {
+ ID: "CVE-2021-32699",
+ Path: "2021/32xxx/CVE-2021-32699.json",
+ BlobHash: "944ca62f5ac741204313067ab60820f0d472fa6e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/pterodactyl/wings/security/advisories/GHSA-jj6m-r8jc-2gp7",
+ "https://github.com/pterodactyl/wings/commit/e0078eee0a71d61573a94c75e6efcad069d78de3",
+ },
+ },
+ {
+ ID: "CVE-2021-32701",
+ Path: "2021/32xxx/CVE-2021-32701.json",
+ BlobHash: "15008d02418867070e9fc905f95ae1fb42cba49e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/ory/oathkeeper/security/advisories/GHSA-qvp4-rpmr-xwrr",
+ "https://github.com/ory/oathkeeper/pull/424",
+ "https://github.com/ory/oathkeeper/commit/1f9f625c1a49e134ae2299ee95b8cf158feec932",
+ },
+ },
+ {
+ ID: "CVE-2021-32753",
+ Path: "2021/32xxx/CVE-2021-32753.json",
+ BlobHash: "7b93f19ea0987ced2c4b529037587002ccdb0343",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/edgexfoundry/edgex-go/security/advisories/GHSA-xph4-vmcc-52gh",
+ "https://docs.konghq.com/hub/kong-inc/oauth2/#create-a-consumer",
+ },
+ },
+ {
+ ID: "CVE-2021-32760",
+ Path: "2021/32xxx/CVE-2021-32760.json",
+ BlobHash: "279418d78ca95f250eeba875782939e42c7768e4",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w",
+ "https://github.com/containerd/containerd/releases/tag/v1.4.8",
+ "https://github.com/containerd/containerd/releases/tag/v1.5.4",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DDMNDPJJTP3J5GOEDB66F6MGXUTRG3Y3/",
+ },
+ },
+ {
+ ID: "CVE-2021-32783",
+ Path: "2021/32xxx/CVE-2021-32783.json",
+ BlobHash: "a553d154d3e283d95c36ba1b7f30ba81986f3e66",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/projectcontour/contour/security/advisories/GHSA-5ph6-qq5x-7jwc",
+ "https://github.com/projectcontour/contour/commit/b53a5c4fd927f4ea2c6cf02f1359d8e28bef852e",
+ "https://github.com/projectcontour/contour/releases/tag/v1.17.1",
+ },
+ },
+ {
+ ID: "CVE-2021-32787",
+ Path: "2021/32xxx/CVE-2021-32787.json",
+ BlobHash: "111c9aac564a691e9f0f3566014d9c42772bdfda",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/sourcegraph/sourcegraph/security/advisories/GHSA-mq5p-477h-xgwv",
+ "https://github.com/sourcegraph/sourcegraph/commit/6e51f4546368d959a1f9f173d16e5f20c55deb56",
+ },
+ },
+ {
+ ID: "CVE-2021-32813",
+ Path: "2021/32xxx/CVE-2021-32813.json",
+ BlobHash: "87595735b655c68d591273e6c074c1c9849f5c82",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/traefik/traefik/security/advisories/GHSA-m697-4v8f-55qg",
+ "https://github.com/traefik/traefik/pull/8319/commits/cbaf86a93014a969b8accf39301932c17d0d73f9",
+ "https://github.com/traefik/traefik/releases/tag/v2.4.13",
+ },
+ },
+ {
+ ID: "CVE-2021-32825",
+ Path: "2021/32xxx/CVE-2021-32825.json",
+ BlobHash: "10172d66709a990388265b554b15055cc5805c84",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://securitylab.github.com/advisories/GHSL-2020-258-zipslip-bblfshd/",
+ "https://github.com/bblfsh/bblfshd/pull/341",
+ "https://github.com/bblfsh/bblfshd/commit/4265465b9b6fb5663c30ee43806126012066aad4",
+ },
+ },
+ {
+ ID: "CVE-2021-33359",
+ Path: "2021/33xxx/CVE-2021-33359.json",
+ BlobHash: "cbaa0c546331dd81b5ad92df3916c4fba0196538",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://twitter.com/leonjza/status/1395283512433971202?s=19",
+ "https://github.com/sensepost/gowitness/releases/tag/2.3.6",
+ },
+ },
+ {
+ ID: "CVE-2021-33496",
+ Path: "2021/33xxx/CVE-2021-33496.json",
+ BlobHash: "55e30234009babb3188900f48b274637bc73f933",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4",
+ "https://github.com/dutchcoders/transfer.sh/commit/9df18fdc69de2e71f30d8c1e6bfab2fda2e52eb4",
+ "https://vuln.ryotak.me/advisories/43",
+ "https://github.com/dutchcoders/transfer.sh/pull/373",
+ "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4",
+ },
+ },
+ {
+ ID: "CVE-2021-33497",
+ Path: "2021/33xxx/CVE-2021-33497.json",
+ BlobHash: "3949236218b74996c901e31fe55ab91baf3630e1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4",
+ "https://github.com/dutchcoders/transfer.sh/pull/373",
+ "https://github.com/dutchcoders/transfer.sh/releases/tag/v1.2.4",
+ "https://vuln.ryotak.me/advisories/44",
+ },
+ },
+ {
+ ID: "CVE-2021-33708",
+ Path: "2021/33xxx/CVE-2021-33708.json",
+ BlobHash: "57c373130cbb668146555d7756e86f8b076314b6",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/kyma-project/kyma/security/advisories/GHSA-f2jp-5gj4-q9c9",
+ },
+ },
+ {
+ ID: "CVE-2021-34824",
+ Path: "2021/34xxx/CVE-2021-34824.json",
+ BlobHash: "8f2ff5b0bd5379d457c80ccc26c7b808c27690f7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/istio/istio/releases",
+ "https://istio.io/latest/news/security/istio-security-2021-007",
+ },
+ },
+ {
+ ID: "CVE-2021-35206",
+ Path: "2021/35xxx/CVE-2021-35206.json",
+ BlobHash: "7ef18a1f48caf3f6166b1695aa95c45d96952937",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/gitpod-io/gitpod/pull/2879",
+ "https://github.com/gitpod-io/gitpod/pull/2879#issuecomment-865662372",
+ "https://github.com/gitpod-io/gitpod/pull/4567",
+ "https://www.gitpod.io/changelog",
+ "https://github.com/gitpod-io/gitpod/blob/main/CHANGELOG.md",
+ "https://github.com/gitpod-io/gitpod/commit/8ca431f86ae3a6f9a17afcfed51cdd065fcff1a5",
+ "https://github.com/gitpod-io/gitpod/compare/0.6.0-beta5...0.6.0",
+ "https://github.com/gitpod-io/gitpod/pull/4567/commits/f78b7d18e509e28e71b65bbd4dfd52c16ca57c18",
+ },
+ },
+ {
+ ID: "CVE-2021-36156",
+ Path: "2021/36xxx/CVE-2021-36156.json",
+ BlobHash: "9d0d0ef84b543b266a69e02aa00ff7ba29809c7f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/grafana/loki/pull/4020#issue-694377133",
+ "https://github.com/grafana/loki/releases/tag/v2.3.0",
+ },
+ },
+ {
+ ID: "CVE-2021-36157",
+ Path: "2021/36xxx/CVE-2021-36157.json",
+ BlobHash: "ec95fdaef628a0297c479358998c88ea12f2c603",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://grafana.com/docs/grafana/latest/release-notes/",
+ "https://github.com/cortexproject/cortex/pull/4375",
+ },
+ },
+ {
+ ID: "CVE-2021-3619",
+ Path: "2021/3xxx/CVE-2021-3619.json",
+ BlobHash: "c859a1ac13dbac52ee0092a7d5d64fae2395fe21",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/Velocidex/velociraptor/pull/1118",
+ "https://github.com/Velocidex/velociraptor/releases/tag/v0.6.0",
+ },
+ },
+ {
+ ID: "CVE-2021-36213",
+ Path: "2021/36xxx/CVE-2021-36213.json",
+ BlobHash: "18ed08f2a33af3a0f6b947e379938ddb12921a61",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://www.hashicorp.com/blog/category/consul",
+ "https://github.com/hashicorp/consul/releases/tag/v1.10.1",
+ "https://discuss.hashicorp.com/t/hcsec-2021-16-consul-s-application-aware-intentions-deny-action-fails-open-when-combined-with-default-deny-policy/26855",
+ },
+ },
+ {
+ ID: "CVE-2021-36371",
+ Path: "2021/36xxx/CVE-2021-36371.json",
+ BlobHash: "066ff55a14fccd1ecc0e8474d6af1f87d92a42e2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/emissary-ingress/emissary/issues/3340",
+ "https://github.com/emissary-ingress/emissary/releases/tag/v2.0.0-ea",
+ },
+ },
+ {
+ ID: "CVE-2021-37794",
+ Path: "2021/37xxx/CVE-2021-37794.json",
+ BlobHash: "179935f10dc1958e8dd81d2e266e80ca0977bc5a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/filebrowser/filebrowser",
+ "https://gist.github.com/omriinbar/1e28649f31d795b0e9b7698a9d255b5c",
+ "https://github.com/filebrowser/filebrowser/commit/201329abce4e92ae9071b9ded81e267aae159fbd",
+ },
+ },
+ {
+ ID: "CVE-2021-37914",
+ Path: "2021/37xxx/CVE-2021-37914.json",
+ BlobHash: "67d450b953010ee669b4fd40a861228bd139043e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/argoproj/argo-workflows/issues/6441",
+ "https://github.com/argoproj/argo-workflows/pull/6442",
+ },
+ },
+ {
+ ID: "CVE-2021-38197",
+ Path: "2021/38xxx/CVE-2021-38197.json",
+ BlobHash: "2f4735c4baaa366f46e2b8c2779900aff4c8039e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/gen2brain/go-unarr/issues/21",
+ },
+ },
+ {
+ ID: "CVE-2021-38599",
+ Path: "2021/38xxx/CVE-2021-38599.json",
+ BlobHash: "ea12d5bb450569cc84f0582b1199fa9c08ef2933",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/wal-g/wal-g/pull/1062",
+ "https://github.com/wal-g/wal-g/commit/cadf598e1c2a345915a21a44518c5a4d5401e2e3",
+ },
+ },
+ {
+ ID: "CVE-2021-39155",
+ Path: "2021/39xxx/CVE-2021-39155.json",
+ BlobHash: "778d2ac7f21017002c54664bf333cd33da164475",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/istio/istio/security/advisories/GHSA-7774-7vr3-cc8j",
+ "https://datatracker.ietf.org/doc/html/rfc4343",
+ },
+ },
+ {
+ ID: "CVE-2021-39156",
+ Path: "2021/39xxx/CVE-2021-39156.json",
+ BlobHash: "e310b27a1b9721d7b7fbe895a58dd5cf4a8b21be",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/istio/istio/security/advisories/GHSA-hqxw-mm44-gc4r",
+ "https://istio.io/latest/news/security/istio-security-2021-008",
+ },
+ },
+ {
+ ID: "CVE-2021-39162",
+ Path: "2021/39xxx/CVE-2021-39162.json",
+ BlobHash: "b9cdd71f685a644e41ea3daf957e183f291ec42b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://groups.google.com/g/envoy-announce/c/5xBpsEZZDfE/m/wD05NZBbAgAJ",
+ "https://github.com/pomerium/pomerium/security/advisories/GHSA-gjcg-vrxg-xmgv",
+ "https://github.com/envoyproxy/envoy/security/advisories/GHSA-j374-mjrw-vvp8",
+ },
+ },
+ {
+ ID: "CVE-2021-39226",
+ Path: "2021/39xxx/CVE-2021-39226.json",
+ BlobHash: "fb2769bb898a587471b696a0834dd8804ca67ec8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/grafana/grafana/security/advisories/GHSA-69j6-29vr-p3j9",
+ "https://github.com/grafana/grafana/commit/2d456a6375855364d098ede379438bf7f0667269",
+ "https://grafana.com/docs/grafana/latest/release-notes/release-notes-7-5-11/",
+ "https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-1-6/",
+ "http://www.openwall.com/lists/oss-security/2021/10/05/4",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6ANHRDBXQT6TURLP2THM26ZPDINFBEG/",
+ "https://security.netapp.com/advisory/ntap-20211029-0008/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DCKBFUSY6V4VU5AQUYWKISREZX5NLQJT/",
+ },
+ },
+ {
+ ID: "CVE-2021-39391",
+ Path: "2021/39xxx/CVE-2021-39391.json",
+ BlobHash: "8402a2f31728ba6755cceff3699544d9f08d01bf",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/beego/beego",
+ "https://github.com/beego/beego/issues/4727",
+ },
+ },
+ {
+ ID: "CVE-2021-41087",
+ Path: "2021/41xxx/CVE-2021-41087.json",
+ BlobHash: "8ab85481712fba4381a88a864b705486f0e7b914",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/in-toto/in-toto-golang/security/advisories/GHSA-vrxp-mg9f-hwf3",
+ "https://github.com/in-toto/in-toto-golang/commit/f2c57d1e0f15e3ffbeac531829c696b72ecc4290",
+ },
+ },
+ {
+ ID: "CVE-2021-41088",
+ Path: "2021/41xxx/CVE-2021-41088.json",
+ BlobHash: "6f2897cf788d501820cc75ce512ffa5ebd4c9400",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/elves/elvish/security/advisories/GHSA-fpv6-f8jw-rc3r",
+ "https://github.com/elves/elvish/commit/ccc2750037bbbfafe9c1b7a78eadd3bd16e81fe5",
+ },
+ },
+ {
+ ID: "CVE-2021-41089",
+ Path: "2021/41xxx/CVE-2021-41089.json",
+ BlobHash: "8e3dd2218832af1569b7578dc4e23e1fd56f1784",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/moby/moby/security/advisories/GHSA-v994-f8vw-g7j4",
+ "https://github.com/moby/moby/commit/bce32e5c93be4caf1a592582155b9cb837fc129a",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/",
+ },
+ },
+ {
+ ID: "CVE-2021-41091",
+ Path: "2021/41xxx/CVE-2021-41091.json",
+ BlobHash: "23cf8221c5b8adfa5057d8bcdd8cc757a907200a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/moby/moby/security/advisories/GHSA-3fwx-pjgw-3558",
+ "https://github.com/moby/moby/commit/f0ab919f518c47240ea0e72d0999576bb8008e64",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/",
+ },
+ },
+ {
+ ID: "CVE-2021-41092",
+ Path: "2021/41xxx/CVE-2021-41092.json",
+ BlobHash: "3528357553b0533d45be6aa0c13fd83715e0bb15",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/docker/cli/security/advisories/GHSA-99pg-grm5-qq3v",
+ "https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/",
+ },
+ },
+ {
+ ID: "CVE-2021-41103",
+ Path: "2021/41xxx/CVE-2021-41103.json",
+ BlobHash: "24f2712dc073ec3fee0753bc409cbaeea0fe2fa6",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/containerd/containerd/security/advisories/GHSA-c2h3-6mxw-7mvq",
+ "https://github.com/containerd/containerd/commit/5b46e404f6b9f661a205e28d59c982d3634148f8",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZNFADTCHHYWVM6W4NJ6CB4FNFM2VMBIB/",
+ "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/B5Q6G6I4W5COQE25QMC7FJY3I3PAYFBB/",
+ },
+ },
+ {
+ ID: "CVE-2021-41137",
+ Path: "2021/41xxx/CVE-2021-41137.json",
+ BlobHash: "1433feb43b40beaffc27093e708bcb272437ddbf",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/minio/minio/security/advisories/GHSA-v64v-g97p-577c",
+ "https://github.com/minio/minio/pull/13388",
+ "https://github.com/minio/minio/pull/13422",
+ "https://github.com/minio/minio/commit/415bbc74aacd53a120e54a663e941b1809982dbd",
+ },
+ },
+ {
+ ID: "CVE-2021-41174",
+ Path: "2021/41xxx/CVE-2021-41174.json",
+ BlobHash: "a84c9346b2b0e88a6f206b9fa612a7f506da8ea3",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/grafana/grafana/security/advisories/GHSA-3j9m-hcv9-rpj8",
+ "https://github.com/grafana/grafana/commit/31b78d51c693d828720a5b285107a50e6024c912",
+ "https://github.com/grafana/grafana/commit/3cb5214fa45eb5a571fd70d6c6edf0d729983f82",
+ "https://github.com/grafana/grafana/commit/fb85ed691290d211a5baa44d9a641ab137f0de88",
+ },
+ },
+ {
+ ID: "CVE-2021-41232",
+ Path: "2021/41xxx/CVE-2021-41232.json",
+ BlobHash: "03cbc34ec7c53dff3e4573006562c694508825de",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/StevenWeathers/thunderdome-planning-poker/security/advisories/GHSA-26cm-qrc6-mfgj",
+ "https://github.com/github/securitylab/issues/464#issuecomment-957094994",
+ "https://github.com/StevenWeathers/thunderdome-planning-poker/commit/f1524d01e8a0f2d6c3db5461c742456c692dd8c1",
+ },
+ },
+ {
+ ID: "CVE-2021-41323",
+ Path: "2021/41xxx/CVE-2021-41323.json",
+ BlobHash: "76168e1c24904e7374c083aa32f9e8c8a475e16b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://pydio.com/fr/community/releases/pydio-cells/pydio-cells-enterprise-2212",
+ "https://github.com/pydio/cells/releases/tag/v2.2.12",
+ "https://charonv.net/Pydio-Broken-Access-Control/",
+ },
+ },
+ {
+ ID: "CVE-2021-41324",
+ Path: "2021/41xxx/CVE-2021-41324.json",
+ BlobHash: "b2ba9608b619b4ce47e5bf2239d1482a1b680265",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://pydio.com/fr/community/releases/pydio-cells/pydio-cells-enterprise-2212",
+ "https://github.com/pydio/cells/releases/tag/v2.2.12",
+ "https://charonv.net/Pydio-Broken-Access-Control/",
+ },
+ },
+ {
+ ID: "CVE-2021-41325",
+ Path: "2021/41xxx/CVE-2021-41325.json",
+ BlobHash: "c7c2ac019e227d233f5733f17e4f6abc99cc17ef",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://pydio.com/fr/community/releases/pydio-cells/pydio-cells-enterprise-2212",
+ "https://github.com/pydio/cells/releases/tag/v2.2.12",
+ "https://charonv.net/Pydio-Broken-Access-Control/",
+ },
+ },
+ {
+ ID: "CVE-2021-41393",
+ Path: "2021/41xxx/CVE-2021-41393.json",
+ BlobHash: "9865ab8e9aac1d03024f5a1305c9d80c79735543",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/gravitational/teleport/releases/tag/v4.4.11",
+ "https://github.com/gravitational/teleport/releases/tag/v5.2.4",
+ "https://github.com/gravitational/teleport/releases/tag/v6.2.12",
+ "https://github.com/gravitational/teleport/releases/tag/v7.1.1",
+ },
+ },
+ {
+ ID: "CVE-2021-41394",
+ Path: "2021/41xxx/CVE-2021-41394.json",
+ BlobHash: "5dc255b26a37d4389ea61aec66232093a9ea20a9",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/gravitational/teleport/releases/tag/v4.4.11",
+ "https://github.com/gravitational/teleport/releases/tag/v5.2.4",
+ "https://github.com/gravitational/teleport/releases/tag/v6.2.12",
+ "https://github.com/gravitational/teleport/releases/tag/v7.1.1",
+ },
+ },
+ {
+ ID: "CVE-2021-41395",
+ Path: "2021/41xxx/CVE-2021-41395.json",
+ BlobHash: "e58a6e110d9acd93706bab3e7a5e9fc665bd656c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/gravitational/teleport/releases/tag/v6.2.12",
+ "https://github.com/gravitational/teleport/releases/tag/v7.1.1",
+ },
+ },
+ {
+ ID: "CVE-2021-41593",
+ Path: "2021/41xxx/CVE-2021-41593.json",
+ BlobHash: "0108f99fc4ed25f3acd954bf4830add92437717d",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://lists.linuxfoundation.org/pipermail/lightning-dev/2020-May/002714.html",
+ "https://bitcoinmagazine.com/technical/good-griefing-a-lingering-vulnerability-on-lightning-network-that-still-needs-fixing",
+ "https://lists.linuxfoundation.org/pipermail/lightning-dev/2021-October/003257.html",
+ "https://github.com/lightningnetwork/lnd/releases/tag/v0.13.3-beta",
+ "https://github.com/lightningnetwork/lnd/blob/master/docs/release-notes/release-notes-0.13.3.md",
+ "https://lists.linuxfoundation.org/pipermail/lightning-dev/2021-October/003264.html",
+ },
+ },
+ {
+ ID: "CVE-2021-42650",
+ Path: "2021/42xxx/CVE-2021-42650.json",
+ BlobHash: "de895b4af7f1f60675ebaff00f41d347ccd85dbf",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/portainer/portainer/pull/5766",
+ "https://github.com/purple-WL/Security-vulnerability/blob/main/Portainer%20Custom%20Templates%20xss",
+ },
+ },
+ {
+ ID: "CVE-2020-22741",
+ Path: "2020/22xxx/CVE-2020-22741.json",
+ BlobHash: "17a8a16d638c7fecf8cf2b1ae0f561c7dd582a8c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/xuperchain/xuperchain/issues/782",
+ },
+ },
+ {
+ ID: "CVE-2020-26772",
+ Path: "2020/26xxx/CVE-2020-26772.json",
+ BlobHash: "e0f30b99bb5f1c8434c9d77e29de8a7af01d3a70",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://blog.csdn.net/qq_33020901/article/details/108938473",
+ "https://github.com/george518/PPGo_Job/issues/56",
+ },
+ },
+ {
+ ID: "CVE-2021-36605",
+ Path: "2021/36xxx/CVE-2021-36605.json",
+ BlobHash: "3a4475f7ccdeb8c589d017cf0af793f99242fb73",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/3xxx/engineercms/issues/52",
+ },
+ },
+ {
+ ID: "CVE-2021-29512",
+ Path: "2021/29xxx/CVE-2021-29512.json",
+ BlobHash: "d6e37e85c6fc99c4ca1b8783754af95861152e47",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4278-2v5v-65r4",
+ "https://github.com/tensorflow/tensorflow/commit/eebb96c2830d48597d055d247c0e9aebaea94cd5",
+ },
+ },
+ {
+ ID: "CVE-2021-29513",
+ Path: "2021/29xxx/CVE-2021-29513.json",
+ BlobHash: "b40c2f218ef427a889e4d69a4f5d31d4485f23ff",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-452g-f7fp-9jf7",
+ "https://github.com/tensorflow/tensorflow/commit/030af767d357d1b4088c4a25c72cb3906abac489",
+ },
+ },
+ {
+ ID: "CVE-2021-29514",
+ Path: "2021/29xxx/CVE-2021-29514.json",
+ BlobHash: "907b3b927cc76e65000fc552f45161519daba0e7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/commit/eebb96c2830d48597d055d247c0e9aebaea94cd5",
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8h46-5m9h-7553",
+ },
+ },
+ {
+ ID: "CVE-2021-29515",
+ Path: "2021/29xxx/CVE-2021-29515.json",
+ BlobHash: "feeffaad27b478e59e542d1c25929a8f7daabba0",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hc6c-75p4-hmq4",
+ "https://github.com/tensorflow/tensorflow/commit/a7116dd3913c4a4afd2a3a938573aa7c785fdfc6",
+ },
+ },
+ {
+ ID: "CVE-2021-29516",
+ Path: "2021/29xxx/CVE-2021-29516.json",
+ BlobHash: "c7a5d39f721434da563c41e71e82dd12a97d002d",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-84mw-34w6-2q43",
+ "https://github.com/tensorflow/tensorflow/commit/b055b9c474cd376259dde8779908f9eeaf097d93",
+ },
+ },
+ {
+ ID: "CVE-2021-29517",
+ Path: "2021/29xxx/CVE-2021-29517.json",
+ BlobHash: "9044b124a3c891b1c2727fa4c5ae64369b6641de",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-772p-x54p-hjrv",
+ "https://github.com/tensorflow/tensorflow/commit/799f835a3dfa00a4d852defa29b15841eea9d64f",
+ },
+ },
+ {
+ ID: "CVE-2021-29518",
+ Path: "2021/29xxx/CVE-2021-29518.json",
+ BlobHash: "edf330bec1460bd7b97a1448601ecc61e72ca3d5",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-62gx-355r-9fhg",
+ "https://github.com/tensorflow/tensorflow/commit/ff70c47a396ef1e3cb73c90513da4f5cb71bebba",
+ },
+ },
+ {
+ ID: "CVE-2021-29519",
+ Path: "2021/29xxx/CVE-2021-29519.json",
+ BlobHash: "d8ce4f463a1928d3856b5c21ac33f2967b931ccf",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-772j-h9xw-ffp5",
+ "https://github.com/tensorflow/tensorflow/commit/b1cc5e5a50e7cee09f2c6eb48eb40ee9c4125025",
+ },
+ },
+ {
+ ID: "CVE-2021-29520",
+ Path: "2021/29xxx/CVE-2021-29520.json",
+ BlobHash: "8e8eeeafa130eae4cc4fa854fe9869d9b330de51",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wcv5-qrj6-9pfm",
+ "https://github.com/tensorflow/tensorflow/commit/8f37b52e1320d8d72a9529b2468277791a261197",
+ },
+ },
+ {
+ ID: "CVE-2021-29521",
+ Path: "2021/29xxx/CVE-2021-29521.json",
+ BlobHash: "b4d1224e91843e21cee7034ae037f6eb0ed89ae0",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hr84-fqvp-48mm",
+ "https://github.com/tensorflow/tensorflow/commit/c57c0b9f3a4f8684f3489dd9a9ec627ad8b599f5",
+ },
+ },
+ {
+ ID: "CVE-2021-29522",
+ Path: "2021/29xxx/CVE-2021-29522.json",
+ BlobHash: "613cf3544ea55dea68762ff606a0a0fe2be713d6",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c968-pq7h-7fxv",
+ "https://github.com/tensorflow/tensorflow/commit/311403edbc9816df80274bd1ea8b3c0c0f22c3fa",
+ },
+ },
+ {
+ ID: "CVE-2021-29523",
+ Path: "2021/29xxx/CVE-2021-29523.json",
+ BlobHash: "0a9365651a2953dcb31e256e98421c46698da88c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/commit/69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c",
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2cpx-427x-q2c6",
+ },
+ },
+ {
+ ID: "CVE-2021-29524",
+ Path: "2021/29xxx/CVE-2021-29524.json",
+ BlobHash: "09e4340b482cf99aa88475160f8808385e1f7b6e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r4pj-74mg-8868",
+ "https://github.com/tensorflow/tensorflow/commit/fca9874a9b42a2134f907d2fb46ab774a831404a",
+ },
+ },
+ {
+ ID: "CVE-2021-29525",
+ Path: "2021/29xxx/CVE-2021-29525.json",
+ BlobHash: "4c007083fd949bc16a7d956cd5b4ebd59805b0f8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xm2v-8rrw-w9pm",
+ "https://github.com/tensorflow/tensorflow/commit/2be2cdf3a123e231b16f766aa0e27d56b4606535",
+ },
+ },
+ {
+ ID: "CVE-2021-29526",
+ Path: "2021/29xxx/CVE-2021-29526.json",
+ BlobHash: "e4214aa6a6d3f55a6699455f2a793115ddda0252",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4vf2-4xcg-65cx",
+ "https://github.com/tensorflow/tensorflow/commit/b12aa1d44352de21d1a6faaf04172d8c2508b42b",
+ },
+ },
+ {
+ ID: "CVE-2021-29527",
+ Path: "2021/29xxx/CVE-2021-29527.json",
+ BlobHash: "d83ee6a1f382bf2d88f00f72adc569fc6519b47f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x4g7-fvjj-prg8",
+ "https://github.com/tensorflow/tensorflow/commit/cfa91be9863a91d5105a3b4941096044ab32036b",
+ },
+ },
+ {
+ ID: "CVE-2021-29528",
+ Path: "2021/29xxx/CVE-2021-29528.json",
+ BlobHash: "ebd673c1fdd2c123136a295e63837d19e7626787",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6f84-42vf-ppwp",
+ "https://github.com/tensorflow/tensorflow/commit/a1b11d2fdd1e51bfe18bb1ede804f60abfa92da6",
+ },
+ },
+ {
+ ID: "CVE-2021-29529",
+ Path: "2021/29xxx/CVE-2021-29529.json",
+ BlobHash: "8f8a8074e92fd2c1c388377f0591c9ddd9b28329",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jfp7-4j67-8r3q",
+ "https://github.com/tensorflow/tensorflow/commit/f851613f8f0fb0c838d160ced13c134f778e3ce7",
+ },
+ },
+ {
+ ID: "CVE-2021-29530",
+ Path: "2021/29xxx/CVE-2021-29530.json",
+ BlobHash: "6a8b488f15bf381aa64cdf94466b11110772c938",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xcwj-wfcm-m23c",
+ "https://github.com/tensorflow/tensorflow/commit/e6a7c7cc18c3aaad1ae0872cb0a959f5c923d2bd",
+ },
+ },
+ {
+ ID: "CVE-2021-29531",
+ Path: "2021/29xxx/CVE-2021-29531.json",
+ BlobHash: "bbec5ff60ac68f7b13039cba3d6d870f96b93576",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3qxp-qjq7-w4hf",
+ "https://github.com/tensorflow/tensorflow/commit/26eb323554ffccd173e8a79a8c05c15b685ae4d1",
+ },
+ },
+ {
+ ID: "CVE-2021-29532",
+ Path: "2021/29xxx/CVE-2021-29532.json",
+ BlobHash: "6fcaa0ed779ac36651d046e32d29fee644d02496",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j47f-4232-hvv8",
+ "https://github.com/tensorflow/tensorflow/commit/44b7f486c0143f68b56c34e2d01e146ee445134a",
+ },
+ },
+ {
+ ID: "CVE-2021-29533",
+ Path: "2021/29xxx/CVE-2021-29533.json",
+ BlobHash: "244c43c12320c7de97bfa4b4ed52ee2d5794e600",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-393f-2jr3-cp69",
+ "https://github.com/tensorflow/tensorflow/commit/b432a38fe0e1b4b904a6c222cbce794c39703e87",
+ },
+ },
+ {
+ ID: "CVE-2021-29534",
+ Path: "2021/29xxx/CVE-2021-29534.json",
+ BlobHash: "52fdf7f05575153c665f453423222806e3e7e970",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6j9c-grc6-5m6g",
+ "https://github.com/tensorflow/tensorflow/commit/69c68ecbb24dff3fa0e46da0d16c821a2dd22d7c",
+ },
+ },
+ {
+ ID: "CVE-2021-29535",
+ Path: "2021/29xxx/CVE-2021-29535.json",
+ BlobHash: "91d6fb959bd7a5c037c2b169ffcd1420eb20ea3a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m3f9-w3p3-p669",
+ "https://github.com/tensorflow/tensorflow/commit/efea03b38fb8d3b81762237dc85e579cc5fc6e87",
+ },
+ },
+ {
+ ID: "CVE-2021-29536",
+ Path: "2021/29xxx/CVE-2021-29536.json",
+ BlobHash: "430c9c3c5477fff74322d8e8c5a574f68652c540",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2gfx-95x2-5v3x",
+ "https://github.com/tensorflow/tensorflow/commit/a324ac84e573fba362a5e53d4e74d5de6729933e",
+ },
+ },
+ {
+ ID: "CVE-2021-29537",
+ Path: "2021/29xxx/CVE-2021-29537.json",
+ BlobHash: "f754c501a6fcad326b673e5de9289bd7b654da60",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8c89-2vwr-chcq",
+ "https://github.com/tensorflow/tensorflow/commit/f6c40f0c6cbf00d46c7717a26419f2062f2f8694",
+ },
+ },
+ {
+ ID: "CVE-2021-29538",
+ Path: "2021/29xxx/CVE-2021-29538.json",
+ BlobHash: "a848d84ad1d8c48ebdda72e0c811b8cdffddb641",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/commit/c570e2ecfc822941335ad48f6e10df4e21f11c96",
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8qc-5fqr-52fp",
+ },
+ },
+ {
+ ID: "CVE-2021-29539",
+ Path: "2021/29xxx/CVE-2021-29539.json",
+ BlobHash: "feaa24124f2a327837220f7b2ac4c98dd3f4fb7d",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g4h2-gqm3-c9wq",
+ "https://github.com/tensorflow/tensorflow/commit/4f663d4b8f0bec1b48da6fa091a7d29609980fa4",
+ },
+ },
+ {
+ ID: "CVE-2021-29540",
+ Path: "2021/29xxx/CVE-2021-29540.json",
+ BlobHash: "9fe58121bca85e1dbbebc3e10919e4865b6909b8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xgc3-m89p-vr3x",
+ "https://github.com/tensorflow/tensorflow/commit/c570e2ecfc822941335ad48f6e10df4e21f11c96",
+ },
+ },
+ {
+ ID: "CVE-2021-29541",
+ Path: "2021/29xxx/CVE-2021-29541.json",
+ BlobHash: "83fbdac4e2e69ae2d67e2e937adc61321d91bb65",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/commit/ba424dd8f16f7110eea526a8086f1a155f14f22b",
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xqfj-35wv-m3cr",
+ },
+ },
+ {
+ ID: "CVE-2021-29542",
+ Path: "2021/29xxx/CVE-2021-29542.json",
+ BlobHash: "54718986fb88454c9b59e6f9fa30dd951c5bff84",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hrh-9vmp-2jgg",
+ "https://github.com/tensorflow/tensorflow/commit/ba424dd8f16f7110eea526a8086f1a155f14f22b",
+ },
+ },
+ {
+ ID: "CVE-2021-29543",
+ Path: "2021/29xxx/CVE-2021-29543.json",
+ BlobHash: "cc3d1929ae017ce0551d7f840d27d864b0f0dafe",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fphq-gw9m-ghrv",
+ "https://github.com/tensorflow/tensorflow/commit/ea3b43e98c32c97b35d52b4c66f9107452ca8fb2",
+ },
+ },
+ {
+ ID: "CVE-2021-29544",
+ Path: "2021/29xxx/CVE-2021-29544.json",
+ BlobHash: "ca70a941303006c4db20d3333c140bd3e11cfceb",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6g85-3hm8-83f9",
+ "https://github.com/tensorflow/tensorflow/commit/20431e9044cf2ad3c0323c34888b192f3289af6b",
+ },
+ },
+ {
+ ID: "CVE-2021-29545",
+ Path: "2021/29xxx/CVE-2021-29545.json",
+ BlobHash: "a558f828e7960dfd95b529fdbab51a30696cfbfe",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hmg3-c7xj-6qwm",
+ "https://github.com/tensorflow/tensorflow/commit/1e922ccdf6bf46a3a52641f99fd47d54c1decd13",
+ },
+ },
+ {
+ ID: "CVE-2021-29546",
+ Path: "2021/29xxx/CVE-2021-29546.json",
+ BlobHash: "812fe128e8c730dcea94bfc1fb8424ba1de13bf6",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m34j-p8rj-wjxq",
+ "https://github.com/tensorflow/tensorflow/commit/67784700869470d65d5f2ef20aeb5e97c31673cb",
+ },
+ },
+ {
+ ID: "CVE-2021-29547",
+ Path: "2021/29xxx/CVE-2021-29547.json",
+ BlobHash: "cef8f6591c8c4767aa6869c9ea549d1df8a9f2da",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/commit/d6ed5bcfe1dcab9e85a4d39931bd18d99018e75b",
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4fg4-p75j-w5xj",
+ },
+ },
+ {
+ ID: "CVE-2021-29548",
+ Path: "2021/29xxx/CVE-2021-29548.json",
+ BlobHash: "e184a6051dd7981e993b9f78599dc7f4359fbb83",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-p45v-v4pw-77jr",
+ "https://github.com/tensorflow/tensorflow/commit/d6ed5bcfe1dcab9e85a4d39931bd18d99018e75b",
+ },
+ },
+ {
+ ID: "CVE-2021-29549",
+ Path: "2021/29xxx/CVE-2021-29549.json",
+ BlobHash: "61b2d062b7507d90fd96de42b405648f7853e5b2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x83m-p7pv-ch8v",
+ "https://github.com/tensorflow/tensorflow/commit/744009c9e5cc5d0447f0dc39d055f917e1fd9e16",
+ },
+ },
+ {
+ ID: "CVE-2021-29550",
+ Path: "2021/29xxx/CVE-2021-29550.json",
+ BlobHash: "8b975b4bbd8e96a0dab6939db81b4a7aacc50667",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f78g-q7r4-9wcv",
+ "https://github.com/tensorflow/tensorflow/commit/548b5eaf23685d86f722233d8fbc21d0a4aecb96",
+ },
+ },
+ {
+ ID: "CVE-2021-29551",
+ Path: "2021/29xxx/CVE-2021-29551.json",
+ BlobHash: "d9fb2bab29f75dc872f0132190d91c048abf0c85",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vqw6-72r7-fgw7",
+ "https://github.com/tensorflow/tensorflow/commit/480641e3599775a8895254ffbc0fc45621334f68",
+ },
+ },
+ {
+ ID: "CVE-2021-29552",
+ Path: "2021/29xxx/CVE-2021-29552.json",
+ BlobHash: "b07a085222a4ec2cd3852741690b45f422957f9f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jhq9-wm9m-cf89",
+ "https://github.com/tensorflow/tensorflow/commit/704866eabe03a9aeda044ec91a8d0c83fc1ebdbe",
+ },
+ },
+ {
+ ID: "CVE-2021-29553",
+ Path: "2021/29xxx/CVE-2021-29553.json",
+ BlobHash: "cc358ef3ab08e9c89277bf8aaf6c4bf9ff6a5dd1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h9px-9vqg-222h",
+ "https://github.com/tensorflow/tensorflow/commit/99085e8ff02c3763a0ec2263e44daec416f6a387",
+ },
+ },
+ {
+ ID: "CVE-2021-29554",
+ Path: "2021/29xxx/CVE-2021-29554.json",
+ BlobHash: "1bf60b933dc236f19a6f262c9008cdf35537b7ae",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qg48-85hg-mqc5",
+ "https://github.com/tensorflow/tensorflow/commit/da5ff2daf618591f64b2b62d9d9803951b945e9f",
+ },
+ },
+ {
+ ID: "CVE-2021-29555",
+ Path: "2021/29xxx/CVE-2021-29555.json",
+ BlobHash: "89e484b63783545640e868517a5d1ef0e34a581a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r35g-4525-29fq",
+ "https://github.com/tensorflow/tensorflow/commit/1a2a87229d1d61e23a39373777c056161eb4084d",
+ },
+ },
+ {
+ ID: "CVE-2021-29556",
+ Path: "2021/29xxx/CVE-2021-29556.json",
+ BlobHash: "db95a56db0e2845b31c922f8aa9b56e81803e469",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fxqh-cfjm-fp93",
+ "https://github.com/tensorflow/tensorflow/commit/4071d8e2f6c45c1955a811fee757ca2adbe462c1",
+ },
+ },
+ {
+ ID: "CVE-2021-29557",
+ Path: "2021/29xxx/CVE-2021-29557.json",
+ BlobHash: "00a26a931147ce6115a22bc9324f9124df72d3f2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xw93-v57j-fcgh",
+ "https://github.com/tensorflow/tensorflow/commit/7f283ff806b2031f407db64c4d3edcda8fb9f9f5",
+ },
+ },
+ {
+ ID: "CVE-2021-29558",
+ Path: "2021/29xxx/CVE-2021-29558.json",
+ BlobHash: "d7bed6991573c8f0227a4dd25761fee10dfce0f4",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mqh2-9wrp-vx84",
+ "https://github.com/tensorflow/tensorflow/commit/8ba6fa29cd8bf9cef9b718dc31c78c73081f5b31",
+ },
+ },
+ {
+ ID: "CVE-2021-29559",
+ Path: "2021/29xxx/CVE-2021-29559.json",
+ BlobHash: "6bb39bbf2760f41364710d3d97d3f1828b2626c7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-59q2-x2qc-4c97",
+ "https://github.com/tensorflow/tensorflow/commit/51300ba1cc2f487aefec6e6631fef03b0e08b298",
+ },
+ },
+ {
+ ID: "CVE-2021-29560",
+ Path: "2021/29xxx/CVE-2021-29560.json",
+ BlobHash: "ea466060122200e9cc43087a99a9ed55e6872c3f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8gv3-57p6-g35r",
+ "https://github.com/tensorflow/tensorflow/commit/a84358aa12f0b1518e606095ab9cfddbf597c121",
+ },
+ },
+ {
+ ID: "CVE-2021-29561",
+ Path: "2021/29xxx/CVE-2021-29561.json",
+ BlobHash: "bb649b997a0674820579f6682e2b3aa5905c2aaf",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gvm4-h8j3-rjrq",
+ "https://github.com/tensorflow/tensorflow/commit/77dd114513d7796e1e2b8aece214a380af26fbf4",
+ },
+ },
+ {
+ ID: "CVE-2021-29562",
+ Path: "2021/29xxx/CVE-2021-29562.json",
+ BlobHash: "c1b815a1debff0b736205f1f88b2e1049ec8bf3c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-36vm-xw34-x4pj",
+ "https://github.com/tensorflow/tensorflow/commit/1c56f53be0b722ca657cbc7df461ed676c8642a2",
+ },
+ },
+ {
+ ID: "CVE-2021-29563",
+ Path: "2021/29xxx/CVE-2021-29563.json",
+ BlobHash: "daf9d9cbd19c00c23b40e472e8614e4c7f3b236f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ph87-fvjr-v33w",
+ "https://github.com/tensorflow/tensorflow/commit/31bd5026304677faa8a0b77602c6154171b9aec1",
+ },
+ },
+ {
+ ID: "CVE-2021-29564",
+ Path: "2021/29xxx/CVE-2021-29564.json",
+ BlobHash: "23b658554754ad3b117456656f07dde3e578c77b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-75f6-78jr-4656",
+ "https://github.com/tensorflow/tensorflow/commit/f4c364a5d6880557f6f5b6eb5cee2c407f0186b3",
+ },
+ },
+ {
+ ID: "CVE-2021-29565",
+ Path: "2021/29xxx/CVE-2021-29565.json",
+ BlobHash: "605b7080ef5b3992d4045708aca4fc5198d2c2bc",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6pg-pjwc-j585",
+ "https://github.com/tensorflow/tensorflow/commit/faa76f39014ed3b5e2c158593b1335522e573c7f",
+ },
+ },
+ {
+ ID: "CVE-2021-29566",
+ Path: "2021/29xxx/CVE-2021-29566.json",
+ BlobHash: "018777dc337a63d7c07b36c6a535768fd141b6f0",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pvrc-hg3f-58r6",
+ "https://github.com/tensorflow/tensorflow/commit/3f6fe4dfef6f57e768260b48166c27d148f3015f",
+ },
+ },
+ {
+ ID: "CVE-2021-29567",
+ Path: "2021/29xxx/CVE-2021-29567.json",
+ BlobHash: "20fc4b1dd8fd7adbe8710f1cb47ed32eebd7987a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wp3c-xw9g-gpcg",
+ "https://github.com/tensorflow/tensorflow/commit/7ae2af34087fb4b5c8915279efd03da3b81028bc",
+ },
+ },
+ {
+ ID: "CVE-2021-29568",
+ Path: "2021/29xxx/CVE-2021-29568.json",
+ BlobHash: "17e1e6fe5eb841b33b1278aae17befc915f7defb",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4p4p-www8-8fv9",
+ "https://github.com/tensorflow/tensorflow/commit/5e52ef5a461570cfb68f3bdbbebfe972cb4e0fd8",
+ },
+ },
+ {
+ ID: "CVE-2021-29569",
+ Path: "2021/29xxx/CVE-2021-29569.json",
+ BlobHash: "7d5078b73f60cef8d56ae260f352f6e9504cfb49",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3h8m-483j-7xxm",
+ "https://github.com/tensorflow/tensorflow/commit/ef0c008ee84bad91ec6725ddc42091e19a30cf0e",
+ },
+ },
+ {
+ ID: "CVE-2021-29570",
+ Path: "2021/29xxx/CVE-2021-29570.json",
+ BlobHash: "6710b283c7706f3ab9f31db4a5d9b93deff374c7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-545v-42p7-98fq",
+ "https://github.com/tensorflow/tensorflow/commit/dcd7867de0fea4b72a2b34bd41eb74548dc23886",
+ },
+ },
+ {
+ ID: "CVE-2021-29571",
+ Path: "2021/29xxx/CVE-2021-29571.json",
+ BlobHash: "8334da93ae1e275e2278aee6e4c936bec2058d83",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-whr9-vfh2-7hm6",
+ "https://github.com/tensorflow/tensorflow/commit/79865b542f9ffdc9caeb255631f7c56f1d4b6517",
+ },
+ },
+ {
+ ID: "CVE-2021-29572",
+ Path: "2021/29xxx/CVE-2021-29572.json",
+ BlobHash: "576c27d216f71b9fb9f5977519fad1e217d41c51",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5gqf-456p-4836",
+ "https://github.com/tensorflow/tensorflow/commit/f7cc8755ac6683131fdfa7a8a121f9d7a9dec6fb",
+ },
+ },
+ {
+ ID: "CVE-2021-29573",
+ Path: "2021/29xxx/CVE-2021-29573.json",
+ BlobHash: "9ca2bbf85750438ed5af84390eb8e622cd3638ec",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9vpm-rcf4-9wqw",
+ "https://github.com/tensorflow/tensorflow/commit/376c352a37ce5a68b721406dc7e77ac4b6cf483d",
+ },
+ },
+ {
+ ID: "CVE-2021-29574",
+ Path: "2021/29xxx/CVE-2021-29574.json",
+ BlobHash: "676e075619c1d86bd2720c1cf6f5ae10f34b0af1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-828x-qc2p-wprq",
+ "https://github.com/tensorflow/tensorflow/commit/a3d9f9be9ac2296615644061b40cefcee341dcc4",
+ },
+ },
+ {
+ ID: "CVE-2021-29575",
+ Path: "2021/29xxx/CVE-2021-29575.json",
+ BlobHash: "03929785f3eae3eba20c727b0ff37d1475ccb4b2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6qgm-fv6v-rfpv",
+ "https://github.com/tensorflow/tensorflow/commit/ecf768cbe50cedc0a45ce1ee223146a3d3d26d23",
+ },
+ },
+ {
+ ID: "CVE-2021-29576",
+ Path: "2021/29xxx/CVE-2021-29576.json",
+ BlobHash: "e8501aad3d36177b585041115f20b7410dd827c2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7cqx-92hp-x6wh",
+ "https://github.com/tensorflow/tensorflow/commit/63c6a29d0f2d692b247f7bf81f8732d6442fad09",
+ },
+ },
+ {
+ ID: "CVE-2021-29577",
+ Path: "2021/29xxx/CVE-2021-29577.json",
+ BlobHash: "790874e4d36ec5ebab8d2cbd7318001aa4ad2852",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v6r6-84gr-92rm",
+ "https://github.com/tensorflow/tensorflow/commit/6fc9141f42f6a72180ecd24021c3e6b36165fe0d",
+ },
+ },
+ {
+ ID: "CVE-2021-29578",
+ Path: "2021/29xxx/CVE-2021-29578.json",
+ BlobHash: "07e565e419a645ac0bb8c972f3e04d30260827dc",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6f89-8j54-29xf",
+ "https://github.com/tensorflow/tensorflow/commit/12c727cee857fa19be717f336943d95fca4ffe4f",
+ },
+ },
+ {
+ ID: "CVE-2021-29579",
+ Path: "2021/29xxx/CVE-2021-29579.json",
+ BlobHash: "7da3aa035fb9463c2891c3fa4d588caef4e7dedf",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-79fv-9865-4qcv",
+ "https://github.com/tensorflow/tensorflow/commit/a74768f8e4efbda4def9f16ee7e13cf3922ac5f7",
+ },
+ },
+ {
+ ID: "CVE-2021-29580",
+ Path: "2021/29xxx/CVE-2021-29580.json",
+ BlobHash: "42174dc544c40ce3900880f92e4f22a002d5a93a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x8h6-xgqx-jqgp",
+ "https://github.com/tensorflow/tensorflow/commit/32fdcbff9d06d010d908fcc4bd4b36eb3ce15925",
+ },
+ },
+ {
+ ID: "CVE-2021-29581",
+ Path: "2021/29xxx/CVE-2021-29581.json",
+ BlobHash: "896bb2bbff62b72522073498333c51ce5b23217b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vq2r-5xvm-3hc3",
+ "https://github.com/tensorflow/tensorflow/commit/b1b323042264740c398140da32e93fb9c2c9f33e",
+ },
+ },
+ {
+ ID: "CVE-2021-29582",
+ Path: "2021/29xxx/CVE-2021-29582.json",
+ BlobHash: "30eb7f7d1b7ae8f7853c07894fb7d07161b77e63",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c45w-2wxr-pp53",
+ "https://github.com/tensorflow/tensorflow/commit/5899741d0421391ca878da47907b1452f06aaf1b",
+ },
+ },
+ {
+ ID: "CVE-2021-29583",
+ Path: "2021/29xxx/CVE-2021-29583.json",
+ BlobHash: "cada79f1166ff259518f2ce0b0bd9d10f08a24d8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9xh4-23q4-v6wr",
+ "https://github.com/tensorflow/tensorflow/commit/6972f9dfe325636b3db4e0bc517ee22a159365c0",
+ },
+ },
+ {
+ ID: "CVE-2021-29584",
+ Path: "2021/29xxx/CVE-2021-29584.json",
+ BlobHash: "411f168303620b72dc2e96c398c9c005c3e55e60",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xvjm-fvxx-q3hv",
+ "https://github.com/tensorflow/tensorflow/commit/4c0ee937c0f61c4fc5f5d32d9bb4c67428012a60",
+ },
+ },
+ {
+ ID: "CVE-2021-29585",
+ Path: "2021/29xxx/CVE-2021-29585.json",
+ BlobHash: "092ad17aa4c388a0cf0ccfc42122c41f7e1037d1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mv78-g7wq-mhp4",
+ "https://github.com/tensorflow/tensorflow/commit/49847ae69a4e1a97ae7f2db5e217c77721e37948",
+ },
+ },
+ {
+ ID: "CVE-2021-29586",
+ Path: "2021/29xxx/CVE-2021-29586.json",
+ BlobHash: "86208a653e96c775fc4551103644b8322ce3c8b2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-26j7-6w8w-7922",
+ "https://github.com/tensorflow/tensorflow/commit/5f7975d09eac0f10ed8a17dbb6f5964977725adc",
+ },
+ },
+ {
+ ID: "CVE-2021-29587",
+ Path: "2021/29xxx/CVE-2021-29587.json",
+ BlobHash: "32c075877856de15928be18c5f725d5e73b39aa0",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j7rm-8ww4-xx2g",
+ "https://github.com/tensorflow/tensorflow/commit/0d45ea1ca641b21b73bcf9c00e0179cda284e7e7",
+ },
+ },
+ {
+ ID: "CVE-2021-29588",
+ Path: "2021/29xxx/CVE-2021-29588.json",
+ BlobHash: "73f9aab3668378186ad5a0a4c561f6e744d08408",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vfr4-x8j2-3rf9",
+ "https://github.com/tensorflow/tensorflow/commit/801c1c6be5324219689c98e1bd3e0ca365ee834d",
+ },
+ },
+ {
+ ID: "CVE-2021-29589",
+ Path: "2021/29xxx/CVE-2021-29589.json",
+ BlobHash: "a409873b2509b56e14c76eb8b84d365fd097b8a3",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3w67-q784-6w7c",
+ "https://github.com/tensorflow/tensorflow/commit/8e45822aa0b9f5df4b4c64f221e64dc930a70a9d",
+ },
+ },
+ {
+ ID: "CVE-2021-29590",
+ Path: "2021/29xxx/CVE-2021-29590.json",
+ BlobHash: "c9d29feab97ef2bcc5149244107e1868151bc8c9",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-24x6-8c7m-hv3f",
+ "https://github.com/tensorflow/tensorflow/commit/953f28dca13c92839ba389c055587cfe6c723578",
+ },
+ },
+ {
+ ID: "CVE-2021-29591",
+ Path: "2021/29xxx/CVE-2021-29591.json",
+ BlobHash: "ea918f39028b1559391fb481cc1b0a7ee8dbb68c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cwv3-863g-39vx",
+ "https://github.com/tensorflow/tensorflow/commit/9c1dc920d8ffb4893d6c9d27d1f039607b326743",
+ "https://github.com/tensorflow/tensorflow/commit/c6173f5fe66cdbab74f4f869311fe6aae2ba35f4",
+ },
+ },
+ {
+ ID: "CVE-2021-29592",
+ Path: "2021/29xxx/CVE-2021-29592.json",
+ BlobHash: "9a9027d9d3296aa9e5876b72b6416e31ec03847b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jjr8-m8g8-p6wv",
+ "https://github.com/tensorflow/tensorflow/commit/f8378920345f4f4604202d4ab15ef64b2aceaa16",
+ },
+ },
+ {
+ ID: "CVE-2021-29593",
+ Path: "2021/29xxx/CVE-2021-29593.json",
+ BlobHash: "23d9dfd1e9a9a69465c09ad45346c3e851089159",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cfx7-2xpc-8w4h",
+ "https://github.com/tensorflow/tensorflow/commit/2c74674348a4708ced58ad6eb1b23354df8ee044",
+ },
+ },
+ {
+ ID: "CVE-2021-29594",
+ Path: "2021/29xxx/CVE-2021-29594.json",
+ BlobHash: "927ce5d1aa3354f1880a4bf85180a345ec412819",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3qgw-p4fm-x7gf",
+ "https://github.com/tensorflow/tensorflow/commit/ff489d95a9006be080ad14feb378f2b4dac35552",
+ },
+ },
+ {
+ ID: "CVE-2021-29595",
+ Path: "2021/29xxx/CVE-2021-29595.json",
+ BlobHash: "8bc6dadc43651587cd2d848ebbede2d22042c716",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vf94-36g5-69v8",
+ "https://github.com/tensorflow/tensorflow/commit/106d8f4fb89335a2c52d7c895b7a7485465ca8d9",
+ },
+ },
+ {
+ ID: "CVE-2021-29596",
+ Path: "2021/29xxx/CVE-2021-29596.json",
+ BlobHash: "252008bf8dfeca66e21912aeb30254a7630d6759",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4vrf-ff7v-hpgr",
+ "https://github.com/tensorflow/tensorflow/commit/f61c57bd425878be108ec787f4d96390579fb83e",
+ },
+ },
+ {
+ ID: "CVE-2021-29597",
+ Path: "2021/29xxx/CVE-2021-29597.json",
+ BlobHash: "044c8f8d3c64a0e16b27c433aa1560bde992c33f",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v52p-hfjf-wg88",
+ "https://github.com/tensorflow/tensorflow/commit/6d36ba65577006affb272335b7c1abd829010708",
+ },
+ },
+ {
+ ID: "CVE-2021-29598",
+ Path: "2021/29xxx/CVE-2021-29598.json",
+ BlobHash: "8703f6776bf85dbcdf56dc10b3da4ac2803d9531",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pmpr-55fj-r229",
+ "https://github.com/tensorflow/tensorflow/commit/6841e522a3e7d48706a02e8819836e809f738682",
+ },
+ },
+ {
+ ID: "CVE-2021-29599",
+ Path: "2021/29xxx/CVE-2021-29599.json",
+ BlobHash: "a7ce0f45810e5806239f2bb7357876df3b868d94",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-97wf-p777-86jq",
+ "https://github.com/tensorflow/tensorflow/commit/b22786e7e9b7bdb6a56936ff29cc7e9968d7bc1d",
+ },
+ },
+ {
+ ID: "CVE-2021-29600",
+ Path: "2021/29xxx/CVE-2021-29600.json",
+ BlobHash: "7a69da1d5f48547e46485d1d89f46039ac78b052",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8qh-3xrq-c825",
+ "https://github.com/tensorflow/tensorflow/commit/3ebedd7e345453d68e279cfc3e4072648e5e12e5",
+ },
+ },
+ {
+ ID: "CVE-2021-29601",
+ Path: "2021/29xxx/CVE-2021-29601.json",
+ BlobHash: "9955f1e6d5462d38683b3645c5bc26db02f1c81c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c84-4hx6-xmm4",
+ "https://github.com/tensorflow/tensorflow/commit/4253f96a58486ffe84b61c0415bb234a4632ee73",
+ },
+ },
+ {
+ ID: "CVE-2021-29602",
+ Path: "2021/29xxx/CVE-2021-29602.json",
+ BlobHash: "88714048b3c1aaf959706978c10b42c559d098b4",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rf3h-xgv5-2q39",
+ "https://github.com/tensorflow/tensorflow/commit/cbda3c6b2dbbd3fbdc482ff8c0170a78ec2e97d0",
+ },
+ },
+ {
+ ID: "CVE-2021-29603",
+ Path: "2021/29xxx/CVE-2021-29603.json",
+ BlobHash: "63a4c7de6a98c91263eec5f432bb0cc5bd908ca6",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-crch-j389-5f84",
+ "https://github.com/tensorflow/tensorflow/commit/c59c37e7b2d563967da813fa50fe20b21f4da683",
+ },
+ },
+ {
+ ID: "CVE-2021-29604",
+ Path: "2021/29xxx/CVE-2021-29604.json",
+ BlobHash: "656211ab32662fa19a060b02f7ac050dd0649428",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8rm6-75mf-7r7r",
+ "https://github.com/tensorflow/tensorflow/commit/5117e0851348065ed59c991562c0ec80d9193db2",
+ },
+ },
+ {
+ ID: "CVE-2021-29605",
+ Path: "2021/29xxx/CVE-2021-29605.json",
+ BlobHash: "959de6436d664e7aff72d6a4e010fe81d1d2305b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jf7h-7m85-w2v2",
+ "https://github.com/tensorflow/tensorflow/commit/7c8cc4ec69cd348e44ad6a2699057ca88faad3e5",
+ },
+ },
+ {
+ ID: "CVE-2021-29606",
+ Path: "2021/29xxx/CVE-2021-29606.json",
+ BlobHash: "d8af5922c85bff86069b1454a1060edfb0fe63a9",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h4pc-gx2w-f2xv",
+ "https://github.com/tensorflow/tensorflow/commit/ae2daeb45abfe2c6dda539cf8d0d6f653d3ef412",
+ },
+ },
+ {
+ ID: "CVE-2021-29607",
+ Path: "2021/29xxx/CVE-2021-29607.json",
+ BlobHash: "615e3e396f6d850a833a5e8e6e00b36a082a2e8c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2",
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gv26-jpj9-c8gq",
+ "https://github.com/tensorflow/tensorflow/commit/f6fde895ef9c77d848061c0517f19d0ec2682f3a",
+ },
+ },
+ {
+ ID: "CVE-2021-29608",
+ Path: "2021/29xxx/CVE-2021-29608.json",
+ BlobHash: "997dd422884a2cbf7c1889388bc2766e2f9004a7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rgvq-pcvf-hx75",
+ "https://github.com/tensorflow/tensorflow/commit/b761c9b652af2107cfbc33efd19be0ce41daa33e",
+ "https://github.com/tensorflow/tensorflow/commit/c4d7afb6a5986b04505aca4466ae1951686c80f6",
+ "https://github.com/tensorflow/tensorflow/commit/f94ef358bb3e91d517446454edff6535bcfe8e4a",
+ },
+ },
+ {
+ ID: "CVE-2021-29609",
+ Path: "2021/29xxx/CVE-2021-29609.json",
+ BlobHash: "70f717e91875c62d884503429208fb857ab8c30d",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cjc7-49v2-jp64",
+ "https://github.com/tensorflow/tensorflow/commit/41727ff06111117bdf86b37db198217fd7a143cc",
+ "https://github.com/tensorflow/tensorflow/commit/6fd02f44810754ae7481838b6a67c5df7f909ca3",
+ },
+ },
+ {
+ ID: "CVE-2021-29610",
+ Path: "2021/29xxx/CVE-2021-29610.json",
+ BlobHash: "ef31fbfaa08f1be4fb5100e6f73254a31beccae2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mq5c-prh3-3f3h",
+ "https://github.com/tensorflow/tensorflow/commit/c5b0d5f8ac19888e46ca14b0e27562e7fbbee9a9",
+ },
+ },
+ {
+ ID: "CVE-2021-29611",
+ Path: "2021/29xxx/CVE-2021-29611.json",
+ BlobHash: "29c72b3c6512b55a2650f36ee8addfc880cb1d40",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9rpc-5v9q-5r7f",
+ "https://github.com/tensorflow/tensorflow/commit/1d04d7d93f4ed3854abf75d6b712d72c3f70d6b6",
+ },
+ },
+ {
+ ID: "CVE-2021-29612",
+ Path: "2021/29xxx/CVE-2021-29612.json",
+ BlobHash: "520b9cdb93048d8d34a48eae19331546a7ce83a1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2xgj-xhgf-ggjv",
+ "https://github.com/tensorflow/tensorflow/commit/0ab290774f91a23bebe30a358fde4e53ab4876a0",
+ "https://github.com/tensorflow/tensorflow/commit/ba6822bd7b7324ba201a28b2f278c29a98edbef2",
+ },
+ },
+ {
+ ID: "CVE-2021-29613",
+ Path: "2021/29xxx/CVE-2021-29613.json",
+ BlobHash: "79023aac17a09c17f749296fc0687939d3d81e91",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vvg4-vgrv-xfr7",
+ "https://github.com/tensorflow/tensorflow/commit/14607c0707040d775e06b6817325640cb4b5864c",
+ "https://github.com/tensorflow/tensorflow/commit/4504a081af71514bb1828048363e6540f797005b",
+ },
+ },
+ {
+ ID: "CVE-2021-29614",
+ Path: "2021/29xxx/CVE-2021-29614.json",
+ BlobHash: "df13f08859f7c29646973ad4ca747e4ab667f76b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-8pmx-p244-g88h",
+ "https://github.com/tensorflow/tensorflow/commit/698e01511f62a3c185754db78ebce0eee1f0184d",
+ },
+ },
+ {
+ ID: "CVE-2021-29615",
+ Path: "2021/29xxx/CVE-2021-29615.json",
+ BlobHash: "0963835c888a38e7773d332457a7968962080c7b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qw5h-7f53-xrp6",
+ "https://github.com/tensorflow/tensorflow/commit/e07e1c3d26492c06f078c7e5bf2d138043e199c1",
+ },
+ },
+ {
+ ID: "CVE-2021-29616",
+ Path: "2021/29xxx/CVE-2021-29616.json",
+ BlobHash: "97eeefaff3d7fee7feb382eb513ccd5c072bf955",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4hvv-7x94-7vq8",
+ "https://github.com/tensorflow/tensorflow/commit/e6340f0665d53716ef3197ada88936c2a5f7a2d3",
+ },
+ },
+ {
+ ID: "CVE-2021-29617",
+ Path: "2021/29xxx/CVE-2021-29617.json",
+ BlobHash: "cf369cb48b679bf74801bf95e2deecce20e9648b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mmq6-q8r3-48fm",
+ "https://github.com/tensorflow/tensorflow/commit/890f7164b70354c57d40eda52dcdd7658677c09f",
+ "https://github.com/tensorflow/issues/46900",
+ "https://github.com/tensorflow/issues/46974",
+ },
+ },
+ {
+ ID: "CVE-2021-29618",
+ Path: "2021/29xxx/CVE-2021-29618.json",
+ BlobHash: "f099ec467b6196f7301c8ccfff0a0c58ba891b98",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xqfj-cr6q-pc8w",
+ "https://github.com/tensorflow/tensorflow/commit/1dc6a7ce6e0b3e27a7ae650bfc05b195ca793f88",
+ "https://github.com/tensorflow/issues/42105",
+ "https://github.com/tensorflow/issues/46973",
+ },
+ },
+ {
+ ID: "CVE-2021-29619",
+ Path: "2021/29xxx/CVE-2021-29619.json",
+ BlobHash: "8e4413cb2d59e0cf8deccdc6af62c5072f25614b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wvjw-p9f5-vq28",
+ "https://github.com/tensorflow/tensorflow/commit/82e6203221865de4008445b13c69b6826d2b28d9",
+ },
+ },
+ {
+ ID: "CVE-2021-35958",
+ Path: "2021/35xxx/CVE-2021-35958.json",
+ BlobHash: "781fe32b0a3bbe547577f053cc71f5e463b5a5df",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://vuln.ryotak.me/advisories/52",
+ "https://github.com/tensorflow/tensorflow/blob/b8cad4c631096a34461ff8a07840d5f4d123ce32/tensorflow/python/keras/utils/data_utils.py#L137",
+ "https://docs.python.org/3/library/tarfile.html#tarfile.TarFile.extractall",
+ "https://keras.io/api/",
+ "https://github.com/tensorflow/tensorflow/blob/b8cad4c631096a34461ff8a07840d5f4d123ce32/tensorflow/python/keras/README.md",
+ },
+ },
+ {
+ ID: "CVE-2021-37635",
+ Path: "2021/37xxx/CVE-2021-37635.json",
+ BlobHash: "642c89c869189f919f43c736f25e3f05959212d2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cgfm-62j4-v4rf",
+ "https://github.com/tensorflow/tensorflow/commit/87158f43f05f2720a374f3e6d22a7aaa3a33f750",
+ },
+ },
+ {
+ ID: "CVE-2021-37636",
+ Path: "2021/37xxx/CVE-2021-37636.json",
+ BlobHash: "de0aa160d1b38af958f3c3bfd214a00d834a347d",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hp4c-x6r7-6555",
+ "https://github.com/tensorflow/tensorflow/commit/d9204be9f49520cdaaeb2541d1dc5187b23f31d9",
+ },
+ },
+ {
+ ID: "CVE-2021-37637",
+ Path: "2021/37xxx/CVE-2021-37637.json",
+ BlobHash: "bed8385118bd1bb0c50f85adf8f096ed4c1dc8da",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c9qf-r67m-p7cg",
+ "https://github.com/tensorflow/tensorflow/commit/5dc7f6981fdaf74c8c5be41f393df705841fb7c5",
+ },
+ },
+ {
+ ID: "CVE-2021-37638",
+ Path: "2021/37xxx/CVE-2021-37638.json",
+ BlobHash: "9e0c47ded28ee3c2f274c439a6822e3eb455b394",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hwr7-8gxx-fj5p",
+ "https://github.com/tensorflow/tensorflow/commit/301ae88b331d37a2a16159b65b255f4f9eb39314",
+ },
+ },
+ {
+ ID: "CVE-2021-37639",
+ Path: "2021/37xxx/CVE-2021-37639.json",
+ BlobHash: "f959718f4e03dafefc0a7ab56dc20257f1528d6b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh6x-4whr-2qv4",
+ "https://github.com/tensorflow/tensorflow/commit/9e82dce6e6bd1f36a57e08fa85af213e2b2f2622",
+ },
+ },
+ {
+ ID: "CVE-2021-37640",
+ Path: "2021/37xxx/CVE-2021-37640.json",
+ BlobHash: "deeb75c61f29cac413427342d130b9e716eab9b8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-95xm-g58g-3p88",
+ "https://github.com/tensorflow/tensorflow/commit/4923de56ec94fff7770df259ab7f2288a74feb41",
+ },
+ },
+ {
+ ID: "CVE-2021-37641",
+ Path: "2021/37xxx/CVE-2021-37641.json",
+ BlobHash: "da8307da4d5e92de3a30314680cda76894ea1dc8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c8h-vvrj-w2p8",
+ "https://github.com/tensorflow/tensorflow/commit/a2b743f6017d7b97af1fe49087ae15f0ac634373",
+ },
+ },
+ {
+ ID: "CVE-2021-37642",
+ Path: "2021/37xxx/CVE-2021-37642.json",
+ BlobHash: "1b47df79e705a83c8c8907285af89f96b1c92fc2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-ch4f-829c-v5pw",
+ "https://github.com/tensorflow/tensorflow/commit/4aacb30888638da75023e6601149415b39763d76",
+ },
+ },
+ {
+ ID: "CVE-2021-37643",
+ Path: "2021/37xxx/CVE-2021-37643.json",
+ BlobHash: "349f28ad92eca81909c6e02dab860df6ee4f1a19",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fcwc-p4fc-c5cc",
+ "https://github.com/tensorflow/tensorflow/commit/482da92095c4d48f8784b1f00dda4f81c28d2988",
+ },
+ },
+ {
+ ID: "CVE-2021-37644",
+ Path: "2021/37xxx/CVE-2021-37644.json",
+ BlobHash: "a2a4d98164afe8b1713ad0962b34149ad5477aa3",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27j5-4p9v-pp67",
+ "https://github.com/tensorflow/tensorflow/commit/8a6e874437670045e6c7dc6154c7412b4a2135e2",
+ },
+ },
+ {
+ ID: "CVE-2021-37645",
+ Path: "2021/37xxx/CVE-2021-37645.json",
+ BlobHash: "8b3ac954d72e386d875b471611072e0461a4a3e8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9w2p-5mgw-p94c",
+ "https://github.com/tensorflow/tensorflow/commit/96f364a1ca3009f98980021c4b32be5fdcca33a1",
+ },
+ },
+ {
+ ID: "CVE-2021-37646",
+ Path: "2021/37xxx/CVE-2021-37646.json",
+ BlobHash: "4744e500007686a1653aec62c747f3fc6f91a02b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h6jh-7gv5-28vg",
+ "https://github.com/tensorflow/tensorflow/commit/c283e542a3f422420cfdb332414543b62fc4e4a5",
+ },
+ },
+ {
+ ID: "CVE-2021-37647",
+ Path: "2021/37xxx/CVE-2021-37647.json",
+ BlobHash: "4996c5c7827304203d7cd963bfa11c30db4b4286",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c5x2-p679-95wc",
+ "https://github.com/tensorflow/tensorflow/commit/02cc160e29d20631de3859c6653184e3f876b9d7",
+ },
+ },
+ {
+ ID: "CVE-2021-37648",
+ Path: "2021/37xxx/CVE-2021-37648.json",
+ BlobHash: "2d9bf48b1f668d2a91c8ae1637772a231b6c3f61",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wp77-4gmm-7cq8",
+ "https://github.com/tensorflow/tensorflow/commit/9728c60e136912a12d99ca56e106b7cce7af5986",
+ },
+ },
+ {
+ ID: "CVE-2021-37649",
+ Path: "2021/37xxx/CVE-2021-37649.json",
+ BlobHash: "6302db09d66e8e9f0eb8b8119f0e32e089170307",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6gv8-p3vj-pxvr",
+ "https://github.com/tensorflow/tensorflow/commit/7bdf50bb4f5c54a4997c379092888546c97c3ebd",
+ },
+ },
+ {
+ ID: "CVE-2021-37650",
+ Path: "2021/37xxx/CVE-2021-37650.json",
+ BlobHash: "a071c2a3edbf5e10d1379ce15fd666534d7ef9e3",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f8h4-7rgh-q2gm",
+ "https://github.com/tensorflow/tensorflow/commit/e0b6e58c328059829c3eb968136f17aa72b6c876",
+ },
+ },
+ {
+ ID: "CVE-2021-37651",
+ Path: "2021/37xxx/CVE-2021-37651.json",
+ BlobHash: "24d164737bd72c4b4b23b36d0243d88d007068f7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-hpv4-7p9c-mvfr",
+ "https://github.com/tensorflow/tensorflow/commit/0f931751fb20f565c4e94aa6df58d54a003cdb30",
+ },
+ },
+ {
+ ID: "CVE-2021-37652",
+ Path: "2021/37xxx/CVE-2021-37652.json",
+ BlobHash: "edd7e795fa78b7b4e87f25a90c499b785b855c88",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m7fm-4jfh-jrg6",
+ "https://github.com/tensorflow/tensorflow/commit/5ecec9c6fbdbc6be03295685190a45e7eee726ab",
+ },
+ },
+ {
+ ID: "CVE-2021-37653",
+ Path: "2021/37xxx/CVE-2021-37653.json",
+ BlobHash: "45a0708102c02f0475e71e2d559877f439751bdb",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qjj8-32p7-h289",
+ "https://github.com/tensorflow/tensorflow/commit/ac117ee8a8ea57b73d34665cdf00ef3303bc0b11",
+ },
+ },
+ {
+ ID: "CVE-2021-37654",
+ Path: "2021/37xxx/CVE-2021-37654.json",
+ BlobHash: "be1c6edd99673cd4cb58d63e49e073b2a737d6f7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2r8p-fg3c-wcj4",
+ "https://github.com/tensorflow/tensorflow/commit/bc9c546ce7015c57c2f15c168b3d9201de679a1d",
+ },
+ },
+ {
+ ID: "CVE-2021-37655",
+ Path: "2021/37xxx/CVE-2021-37655.json",
+ BlobHash: "eb38f095e0bbc39e0de6919d9fbf78a9202b00d7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7fvx-3jfc-2cpc",
+ "https://github.com/tensorflow/tensorflow/commit/01cff3f986259d661103412a20745928c727326f",
+ },
+ },
+ {
+ ID: "CVE-2021-37656",
+ Path: "2021/37xxx/CVE-2021-37656.json",
+ BlobHash: "4edd74f0dc0535de474e9e3a49da8513347cc9ef",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4xfp-4pfp-89wg",
+ "https://github.com/tensorflow/tensorflow/commit/1071f554dbd09f7e101324d366eec5f4fe5a3ece",
+ },
+ },
+ {
+ ID: "CVE-2021-37657",
+ Path: "2021/37xxx/CVE-2021-37657.json",
+ BlobHash: "c41a47d9966732c98e90a7cd187d8c1252ec7206",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5xwc-mrhx-5g3m",
+ "https://github.com/tensorflow/tensorflow/commit/f2a673bd34f0d64b8e40a551ac78989d16daad09",
+ },
+ },
+ {
+ ID: "CVE-2021-37658",
+ Path: "2021/37xxx/CVE-2021-37658.json",
+ BlobHash: "a153ce709c052950f7fccbfb3c4fc134cb7b4933",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6p5r-g9mq-ggh2",
+ "https://github.com/tensorflow/tensorflow/commit/ff8894044dfae5568ecbf2ed514c1a37dc394f1b",
+ },
+ },
+ {
+ ID: "CVE-2021-37659",
+ Path: "2021/37xxx/CVE-2021-37659.json",
+ BlobHash: "c3dce61c71ea715d4d6352eaec5de9a093416553",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q3g3-h9r4-prrc",
+ "https://github.com/tensorflow/tensorflow/commit/93f428fd1768df147171ed674fee1fc5ab8309ec",
+ },
+ },
+ {
+ ID: "CVE-2021-37660",
+ Path: "2021/37xxx/CVE-2021-37660.json",
+ BlobHash: "5cf3141539b063216ea99b91253e037f9136d6ae",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cm5x-837x-jf3c",
+ "https://github.com/tensorflow/tensorflow/commit/e86605c0a336c088b638da02135ea6f9f6753618",
+ },
+ },
+ {
+ ID: "CVE-2021-37661",
+ Path: "2021/37xxx/CVE-2021-37661.json",
+ BlobHash: "75bf5f046f02d9e67cabfa626e79be0f6a60cf3b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gf88-j2mg-cc82",
+ "https://github.com/tensorflow/tensorflow/commit/8a84f7a2b5a2b27ecf88d25bad9ac777cd2f7992",
+ },
+ },
+ {
+ ID: "CVE-2021-37662",
+ Path: "2021/37xxx/CVE-2021-37662.json",
+ BlobHash: "c014bc54e2b0a3a67db648db2962b67b9becbcd4",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f5cx-5wr3-5qrc",
+ "https://github.com/tensorflow/tensorflow/commit/429f009d2b2c09028647dd4bb7b3f6f414bbaad7",
+ "https://github.com/tensorflow/tensorflow/commit/9c87c32c710d0b5b53dc6fd3bfde4046e1f7a5ad",
+ },
+ },
+ {
+ ID: "CVE-2021-37663",
+ Path: "2021/37xxx/CVE-2021-37663.json",
+ BlobHash: "7b34ff40488cc06dd61a2e15f26b4665f8647124",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g25h-jr74-qp5j",
+ "https://github.com/tensorflow/tensorflow/commit/6da6620efad397c85493b8f8667b821403516708",
+ },
+ },
+ {
+ ID: "CVE-2021-37664",
+ Path: "2021/37xxx/CVE-2021-37664.json",
+ BlobHash: "d90c85af0faa5884b8d548f366cd91a6c06d71a4",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r4c4-5fpq-56wg",
+ "https://github.com/tensorflow/tensorflow/commit/e84c975313e8e8e38bb2ea118196369c45c51378",
+ },
+ },
+ {
+ ID: "CVE-2021-37665",
+ Path: "2021/37xxx/CVE-2021-37665.json",
+ BlobHash: "d00cde4daf50fb2a31058baf2759d7d3cefcd550",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v82p-hv3v-p6qp",
+ "https://github.com/tensorflow/tensorflow/commit/203214568f5bc237603dbab6e1fd389f1572f5c9",
+ "https://github.com/tensorflow/tensorflow/commit/9e62869465573cb2d9b5053f1fa02a81fce21d69",
+ },
+ },
+ {
+ ID: "CVE-2021-37666",
+ Path: "2021/37xxx/CVE-2021-37666.json",
+ BlobHash: "0642a21b40f51d16ea8eb33fe24c7f9902f1719e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w4xf-2pqw-5mq7",
+ "https://github.com/tensorflow/tensorflow/commit/be7a4de6adfbd303ce08be4332554dff70362612",
+ },
+ },
+ {
+ ID: "CVE-2021-37667",
+ Path: "2021/37xxx/CVE-2021-37667.json",
+ BlobHash: "5befd6bfdae686bace9f983a82add5104c5959cc",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-w74j-v8xh-3w5h",
+ "https://github.com/tensorflow/tensorflow/commit/2e0ee46f1a47675152d3d865797a18358881d7a6",
+ },
+ },
+ {
+ ID: "CVE-2021-37668",
+ Path: "2021/37xxx/CVE-2021-37668.json",
+ BlobHash: "ad453d9228771dd404b0ed316cd6346961f69e8a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2wmv-37vq-52g5",
+ "https://github.com/tensorflow/tensorflow/commit/a776040a5e7ebf76eeb7eb923bf1ae417dd4d233",
+ },
+ },
+ {
+ ID: "CVE-2021-37669",
+ Path: "2021/37xxx/CVE-2021-37669.json",
+ BlobHash: "ced9b164192b78bfbd1e5ec3bbe23a12c2f46d23",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vmjw-c2vp-p33c",
+ "https://github.com/tensorflow/tensorflow/commit/3a7362750d5c372420aa8f0caf7bf5b5c3d0f52d",
+ "https://github.com/tensorflow/tensorflow/commit/b5cdbf12ffcaaffecf98f22a6be5a64bb96e4f58",
+ },
+ },
+ {
+ ID: "CVE-2021-37670",
+ Path: "2021/37xxx/CVE-2021-37670.json",
+ BlobHash: "00f1a3bce81be2901c86359ae9d96f4fd43a89fd",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9697-98pf-4rw7",
+ "https://github.com/tensorflow/tensorflow/commit/42459e4273c2e47a3232cc16c4f4fff3b3a35c38",
+ },
+ },
+ {
+ ID: "CVE-2021-37671",
+ Path: "2021/37xxx/CVE-2021-37671.json",
+ BlobHash: "3dbe46f6de616076fe72b0e09207f20f8fa51625",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qr82-2c78-4m8h",
+ "https://github.com/tensorflow/tensorflow/commit/532f5c5a547126c634fefd43bbad1dc6417678ac",
+ },
+ },
+ {
+ ID: "CVE-2021-37672",
+ Path: "2021/37xxx/CVE-2021-37672.json",
+ BlobHash: "cf98b0683ecfbe85966628ed47dbdde7a82df1a9",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hj3-vjjf-f5m7",
+ "https://github.com/tensorflow/tensorflow/commit/a4e138660270e7599793fa438cd7b2fc2ce215a6",
+ },
+ },
+ {
+ ID: "CVE-2021-37673",
+ Path: "2021/37xxx/CVE-2021-37673.json",
+ BlobHash: "3f8c0d7bb418069e4c6cf4c602d4954d068ca49e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-278g-rq84-9hmg",
+ "https://github.com/tensorflow/tensorflow/commit/d7de67733925de196ec8863a33445b73f9562d1d",
+ },
+ },
+ {
+ ID: "CVE-2021-37674",
+ Path: "2021/37xxx/CVE-2021-37674.json",
+ BlobHash: "18fd81f627c00355c8500acdca215038b15eeb0d",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7ghq-fvr3-pj2x",
+ "https://github.com/tensorflow/tensorflow/commit/136b51f10903e044308cf77117c0ed9871350475",
+ "https://github.com/tensorflow/tensorflow/blob/master/tensorflow/security/advisory/tfsa-2021-068.md",
+ },
+ },
+ {
+ ID: "CVE-2021-37675",
+ Path: "2021/37xxx/CVE-2021-37675.json",
+ BlobHash: "da173290531fd5520d10dcccdb97e64f96042cba",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9c8h-2mv3-49ww",
+ "https://github.com/tensorflow/tensorflow/commit/8a793b5d7f59e37ac7f3cd0954a750a2fe76bad4",
+ },
+ },
+ {
+ ID: "CVE-2021-37676",
+ Path: "2021/37xxx/CVE-2021-37676.json",
+ BlobHash: "77dff7969871db4fc359119e9c6c39edd52a6a18",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-v768-w7m9-2vmm",
+ "https://github.com/tensorflow/tensorflow/commit/578e634b4f1c1c684d4b4294f9e5281b2133b3ed",
+ },
+ },
+ {
+ ID: "CVE-2021-37677",
+ Path: "2021/37xxx/CVE-2021-37677.json",
+ BlobHash: "3dc38e667d94f0d9cc448fb89a7d279f36a2036e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-qfpc-5pjr-mh26",
+ "https://github.com/tensorflow/tensorflow/commit/da857cfa0fde8f79ad0afdbc94e88b5d4bbec764",
+ },
+ },
+ {
+ ID: "CVE-2021-37678",
+ Path: "2021/37xxx/CVE-2021-37678.json",
+ BlobHash: "330dd1e8e59321e4f77199d35901951139850e4e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-r6jx-9g48-2r5r",
+ "https://github.com/tensorflow/tensorflow/commit/23d6383eb6c14084a8fc3bdf164043b974818012",
+ },
+ },
+ {
+ ID: "CVE-2021-37679",
+ Path: "2021/37xxx/CVE-2021-37679.json",
+ BlobHash: "1e85bf10695dab7ea5a4278e2b32dfeebf353b0c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-g8wg-cjwc-xhhp",
+ "https://github.com/tensorflow/tensorflow/commit/4e2565483d0ffcadc719bd44893fb7f609bb5f12",
+ },
+ },
+ {
+ ID: "CVE-2021-37680",
+ Path: "2021/37xxx/CVE-2021-37680.json",
+ BlobHash: "3fd7bbd6bf43ed7e17c92c767bb9c107b8d236aa",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cfpj-3q4c-jhvr",
+ "https://github.com/tensorflow/tensorflow/commit/718721986aa137691ee23f03638867151f74935f",
+ },
+ },
+ {
+ ID: "CVE-2021-37681",
+ Path: "2021/37xxx/CVE-2021-37681.json",
+ BlobHash: "9c0ddf576f9b3df3d43f2d61c5639c984a09ed06",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7xwj-5r4v-429p",
+ "https://github.com/tensorflow/tensorflow/commit/5b048e87e4e55990dae6b547add4dae59f4e1c76",
+ },
+ },
+ {
+ ID: "CVE-2021-37682",
+ Path: "2021/37xxx/CVE-2021-37682.json",
+ BlobHash: "109cde8be690d3c506d1f46ad023fe82284befed",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4c4g-crqm-xrxw",
+ "https://github.com/tensorflow/tensorflow/commit/4a91f2069f7145aab6ba2d8cfe41be8a110c18a5",
+ "https://github.com/tensorflow/tensorflow/commit/537bc7c723439b9194a358f64d871dd326c18887",
+ "https://github.com/tensorflow/tensorflow/commit/8933b8a21280696ab119b63263babdb54c298538",
+ },
+ },
+ {
+ ID: "CVE-2021-37683",
+ Path: "2021/37xxx/CVE-2021-37683.json",
+ BlobHash: "045db36608dd334a6c877390e2f5df022e534857",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rhrq-64mq-hf9h",
+ "https://github.com/tensorflow/tensorflow/commit/1e206baedf8bef0334cca3eb92bab134ef525a28",
+ },
+ },
+ {
+ ID: "CVE-2021-37684",
+ Path: "2021/37xxx/CVE-2021-37684.json",
+ BlobHash: "86cdcabb766cf7ea1ab0e0c0498c5e14778d7ccf",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-q7f7-544h-67h9",
+ },
+ },
+ {
+ ID: "CVE-2021-37685",
+ Path: "2021/37xxx/CVE-2021-37685.json",
+ BlobHash: "4a07f76988235fb0ada03ced9dc039efd3dfb12b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-c545-c4f9-rf6v",
+ "https://github.com/tensorflow/tensorflow/commit/d94ffe08a65400f898241c0374e9edc6fa8ed257",
+ },
+ },
+ {
+ ID: "CVE-2021-37686",
+ Path: "2021/37xxx/CVE-2021-37686.json",
+ BlobHash: "0b6c6ab7b37e76b62a039fa4385c42136364d89c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-mhhc-q96p-mfm9",
+ "https://github.com/tensorflow/tensorflow/commit/dfa22b348b70bb89d6d6ec0ff53973bacb4f4695",
+ },
+ },
+ {
+ ID: "CVE-2021-37687",
+ Path: "2021/37xxx/CVE-2021-37687.json",
+ BlobHash: "ebe88f94f13b110e4ab62bc121435bca02fe3236",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-jwf9-w5xm-f437",
+ "https://github.com/tensorflow/tensorflow/commit/bb6a0383ed553c286f87ca88c207f6774d5c4a8f",
+ "https://github.com/tensorflow/tensorflow/commit/eb921122119a6b6e470ee98b89e65d721663179d",
+ },
+ },
+ {
+ ID: "CVE-2021-37688",
+ Path: "2021/37xxx/CVE-2021-37688.json",
+ BlobHash: "04ceb89bdcca04ada2e1bd8e8610485b5914405c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vcjj-9vg7-vf68",
+ "https://github.com/tensorflow/tensorflow/commit/15691e456c7dc9bd6be203b09765b063bf4a380c",
+ },
+ },
+ {
+ ID: "CVE-2021-37689",
+ Path: "2021/37xxx/CVE-2021-37689.json",
+ BlobHash: "e6b5df4b16b1dd1379c4932526a7780daad60b2b",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-wf5p-c75w-w3wh",
+ "https://github.com/tensorflow/tensorflow/commit/d6b57f461b39fd1aa8c1b870f1b974aac3554955",
+ },
+ },
+ {
+ ID: "CVE-2021-37690",
+ Path: "2021/37xxx/CVE-2021-37690.json",
+ BlobHash: "c946682d7f40b599bfebf87b2f295fcd26626411",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3hxh-8cp2-g4hg",
+ "https://github.com/tensorflow/tensorflow/commit/ee119d4a498979525046fba1c3dd3f13a039fbb1",
+ },
+ },
+ {
+ ID: "CVE-2021-37691",
+ Path: "2021/37xxx/CVE-2021-37691.json",
+ BlobHash: "8e78b8b987c6d1a20cde572e800e403d409addc1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-27qf-jwm8-g7f3",
+ "https://github.com/tensorflow/tensorflow/commit/0575b640091680cfb70f4dd93e70658de43b94f9",
+ },
+ },
+ {
+ ID: "CVE-2021-37692",
+ Path: "2021/37xxx/CVE-2021-37692.json",
+ BlobHash: "08838dcccbbbfc26b59b2e3d28aa3c8cd5769903",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cmgw-8vpc-rc59",
+ "https://github.com/tensorflow/tensorflow/pull/50508",
+ "https://github.com/tensorflow/tensorflow/commit/8721ba96e5760c229217b594f6d2ba332beedf22",
+ },
+ },
+ {
+ ID: "CVE-2021-41195",
+ Path: "2021/41xxx/CVE-2021-41195.json",
+ BlobHash: "e92f78f1ee3c559fa82ee81b7d9acc207a0158d8",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cq76-mxrc-vchh",
+ "https://github.com/tensorflow/tensorflow/issues/46888",
+ "https://github.com/tensorflow/tensorflow/pull/51733",
+ "https://github.com/tensorflow/tensorflow/commit/e9c81c1e1a9cd8dd31f4e83676cab61b60658429",
+ },
+ },
+ {
+ ID: "CVE-2021-41196",
+ Path: "2021/41xxx/CVE-2021-41196.json",
+ BlobHash: "1a95356814aa34a21ce55b972e41ec956742478c",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m539-j985-hcr8",
+ "https://github.com/tensorflow/tensorflow/issues/51936",
+ "https://github.com/tensorflow/tensorflow/commit/12b1ff82b3f26ff8de17e58703231d5a02ef1b8b",
+ },
+ },
+ {
+ ID: "CVE-2021-41197",
+ Path: "2021/41xxx/CVE-2021-41197.json",
+ BlobHash: "d7e5aa3ce04c6fe031e85a42fa0606938a97c8d6",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-prcg-wp5q-rv7p",
+ "https://github.com/tensorflow/tensorflow/issues/46890",
+ "https://github.com/tensorflow/tensorflow/issues/51908",
+ "https://github.com/tensorflow/tensorflow/commit/7c1692bd417eb4f9b33ead749a41166d6080af85",
+ "https://github.com/tensorflow/tensorflow/commit/a871989d7b6c18cdebf2fb4f0e5c5b62fbc19edf",
+ "https://github.com/tensorflow/tensorflow/commit/d81b1351da3e8c884ff836b64458d94e4a157c15",
+ },
+ },
+ {
+ ID: "CVE-2021-41198",
+ Path: "2021/41xxx/CVE-2021-41198.json",
+ BlobHash: "fa197f8d57cb70c762060020bcc0f74f7a66c24a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-2p25-55c9-h58q",
+ "https://github.com/tensorflow/tensorflow/issues/46911",
+ "https://github.com/tensorflow/tensorflow/commit/9294094df6fea79271778eb7e7ae1bad8b5ef98f",
+ },
+ },
+ {
+ ID: "CVE-2021-41199",
+ Path: "2021/41xxx/CVE-2021-41199.json",
+ BlobHash: "e86f15f0f69b8ad5bc9646bbe0d5edf3a7ea6732",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5hx2-qx8j-qjqm",
+ "https://github.com/tensorflow/tensorflow/issues/46914",
+ "https://github.com/tensorflow/tensorflow/commit/e5272d4204ff5b46136a1ef1204fc00597e21837",
+ },
+ },
+ {
+ ID: "CVE-2021-41200",
+ Path: "2021/41xxx/CVE-2021-41200.json",
+ BlobHash: "2b92f54aac84403691c7b68587e025b3e22a1ec4",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gh8h-7j2j-qv4f",
+ "https://github.com/tensorflow/tensorflow/issues/46909",
+ "https://github.com/tensorflow/tensorflow/commit/874bda09e6702cd50bac90b453b50bcc65b2769e",
+ },
+ },
+ {
+ ID: "CVE-2021-41201",
+ Path: "2021/41xxx/CVE-2021-41201.json",
+ BlobHash: "1303d512b7b88291b717cbba085d077ed9984dad",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j86v-p27c-73fm",
+ "https://github.com/tensorflow/tensorflow/commit/f09caa532b6e1ac8d2aa61b7832c78c5b79300c6",
+ },
+ },
+ {
+ ID: "CVE-2021-41202",
+ Path: "2021/41xxx/CVE-2021-41202.json",
+ BlobHash: "67260d92c87a3ae53101a4d68e14ce109fbebb2d",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-xrqm-fpgr-6hhx",
+ "https://github.com/tensorflow/tensorflow/issues/46889",
+ "https://github.com/tensorflow/tensorflow/issues/46912",
+ "https://github.com/tensorflow/tensorflow/commit/1b0e0ec27e7895b9985076eab32445026ae5ca94",
+ "https://github.com/tensorflow/tensorflow/commit/6d94002a09711d297dbba90390d5482b76113899",
+ },
+ },
+ {
+ ID: "CVE-2021-41203",
+ Path: "2021/41xxx/CVE-2021-41203.json",
+ BlobHash: "102d48cc1ee147c3c3cf3d60d43f3a4983e6d0f7",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7pxj-m4jf-r6h2",
+ "https://github.com/tensorflow/tensorflow/commit/368af875869a204b4ac552b9ddda59f6a46a56ec",
+ "https://github.com/tensorflow/tensorflow/commit/abcced051cb1bd8fb05046ac3b6023a7ebcc4578",
+ "https://github.com/tensorflow/tensorflow/commit/b619c6f865715ca3b15ef1842b5b95edbaa710ad",
+ "https://github.com/tensorflow/tensorflow/commit/e8dc63704c88007ee4713076605c90188d66f3d2",
+ },
+ },
+ {
+ ID: "CVE-2021-41204",
+ Path: "2021/41xxx/CVE-2021-41204.json",
+ BlobHash: "571c0e1bc2d31dbbc05feeae0648b33d16d96054",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-786j-5qwq-r36x",
+ "https://github.com/tensorflow/tensorflow/commit/7731e8dfbe4a56773be5dc94d631611211156659",
+ },
+ },
+ {
+ ID: "CVE-2021-41205",
+ Path: "2021/41xxx/CVE-2021-41205.json",
+ BlobHash: "c0f10ab88eee56e0aea968f4e07fe450b48cf798",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-49rx-x2rw-pc6f",
+ "https://github.com/tensorflow/tensorflow/commit/7cf73a2274732c9d82af51c2bc2cf90d13cd7e6d",
+ },
+ },
+ {
+ ID: "CVE-2021-41206",
+ Path: "2021/41xxx/CVE-2021-41206.json",
+ BlobHash: "3d54d810d0e5b37210acd68aad4810d935f19107",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-pgcq-h79j-2f69",
+ "https://github.com/tensorflow/tensorflow/commit/4d74d8a00b07441cba090a02e0dd9ed385145bf4",
+ "https://github.com/tensorflow/tensorflow/commit/4dddb2fd0b01cdd196101afbba6518658a2c9e07",
+ "https://github.com/tensorflow/tensorflow/commit/579261dcd446385831fe4f7457d802a59685121d",
+ "https://github.com/tensorflow/tensorflow/commit/68422b215e618df5ad375bcdc6d2052e9fd3080a",
+ "https://github.com/tensorflow/tensorflow/commit/da4aad5946be30e5f049920fa076e1f7ef021261",
+ "https://github.com/tensorflow/tensorflow/commit/e7f497570abb6b4ae5af4970620cd880e4c0c904",
+ },
+ },
+ {
+ ID: "CVE-2021-41207",
+ Path: "2021/41xxx/CVE-2021-41207.json",
+ BlobHash: "fa1051c54a52ca44a08d33cd4d82f947aa09c925",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235",
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7v94-64hj-m82h",
+ },
+ },
+ {
+ ID: "CVE-2021-41208",
+ Path: "2021/41xxx/CVE-2021-41208.json",
+ BlobHash: "4f252abee49ce00acb427fb4e55c7b5a10e598e5",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-57wx-m983-2f88",
+ "https://github.com/tensorflow/tensorflow/commit/5c8c9a8bfe750f9743d0c859bae112060b216f5c",
+ },
+ },
+ {
+ ID: "CVE-2021-41209",
+ Path: "2021/41xxx/CVE-2021-41209.json",
+ BlobHash: "b43d692231c102fe2f05c2eb8079595464d4e7e1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-6hpv-v2rx-c5g6",
+ "https://github.com/tensorflow/tensorflow/commit/f2c3931113eaafe9ef558faaddd48e00a6606235",
+ },
+ },
+ {
+ ID: "CVE-2021-41210",
+ Path: "2021/41xxx/CVE-2021-41210.json",
+ BlobHash: "c0298e2202c14bcead40ae8050af3249443c2e75",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-m342-ff57-4jcc",
+ "https://github.com/tensorflow/tensorflow/commit/701cfaca222a82afbeeb17496bd718baa65a67d2",
+ },
+ },
+ {
+ ID: "CVE-2021-41211",
+ Path: "2021/41xxx/CVE-2021-41211.json",
+ BlobHash: "3570ae9b84c641ee011c8d0427761a70b6a81df3",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cvgx-3v3q-m36c",
+ "https://github.com/tensorflow/tensorflow/commit/a0d64445116c43cf46a5666bd4eee28e7a82f244",
+ },
+ },
+ {
+ ID: "CVE-2021-41212",
+ Path: "2021/41xxx/CVE-2021-41212.json",
+ BlobHash: "860bf94c111913f6e7ff52bb1e804d1d39df1f77",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-fr77-rrx3-cp7g",
+ "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8",
+ },
+ },
+ {
+ ID: "CVE-2021-41213",
+ Path: "2021/41xxx/CVE-2021-41213.json",
+ BlobHash: "f34bf7f8d4203c8d61f1a3dc20fad6be6de5d751",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-h67m-xg8f-fxcf",
+ "https://github.com/tensorflow/tensorflow/commit/afac8158d43691661ad083f6dd9e56f327c1dcb7",
+ },
+ },
+ {
+ ID: "CVE-2021-41214",
+ Path: "2021/41xxx/CVE-2021-41214.json",
+ BlobHash: "d1709a96071c4bce502bec2d04327829b215fa86",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/commit/fa6b7782fbb14aa08d767bc799c531f5e1fb3bb8",
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-vwhq-49r4-gj9v",
+ },
+ },
+ {
+ ID: "CVE-2021-41215",
+ Path: "2021/41xxx/CVE-2021-41215.json",
+ BlobHash: "0057873c0f537daa0f9c853ed4d11bf4ac8fe0d9",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-x3v8-c8qx-3j3r",
+ "https://github.com/tensorflow/tensorflow/commit/d3738dd70f1c9ceb547258cbb82d853da8771850",
+ },
+ },
+ {
+ ID: "CVE-2021-41216",
+ Path: "2021/41xxx/CVE-2021-41216.json",
+ BlobHash: "9371bcec59f2f4f8c1c361f3169b4508d417a6cb",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3ff2-r28g-w7h9",
+ "https://github.com/tensorflow/tensorflow/commit/c79ba87153ee343401dbe9d1954d7f79e521eb14",
+ },
+ },
+ {
+ ID: "CVE-2021-41217",
+ Path: "2021/41xxx/CVE-2021-41217.json",
+ BlobHash: "56b688e85d30362d699d530309d4f5ddc0ab3179",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-5crj-c72x-m7gq",
+ "https://github.com/tensorflow/tensorflow/commit/05cbebd3c6bb8f517a158b0155debb8df79017ff",
+ },
+ },
+ {
+ ID: "CVE-2021-41218",
+ Path: "2021/41xxx/CVE-2021-41218.json",
+ BlobHash: "aa9d42c74cb8ceae6a2bfaa8be6f0338e14ce559",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-9crf-c6qr-r273",
+ "https://github.com/tensorflow/tensorflow/commit/a8ad3e5e79c75f36edb81e0ba3f3c0c5442aeddc",
+ },
+ },
+ {
+ ID: "CVE-2021-41219",
+ Path: "2021/41xxx/CVE-2021-41219.json",
+ BlobHash: "7d7729c55b029cc4d77ca0b5af7cc5c925ed53f2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-4f99-p9c2-3j8x",
+ "https://github.com/tensorflow/tensorflow/commit/e6cf28c72ba2eb949ca950d834dd6d66bb01cfae",
+ },
+ },
+ {
+ ID: "CVE-2021-41220",
+ Path: "2021/41xxx/CVE-2021-41220.json",
+ BlobHash: "173b397e148ab86cbf839b7bff3a4b3c1b6edb11",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-gpfh-jvf9-7wg5",
+ "https://github.com/tensorflow/tensorflow/commit/ca38dab9d3ee66c5de06f11af9a4b1200da5ef75",
+ },
+ },
+ {
+ ID: "CVE-2021-41221",
+ Path: "2021/41xxx/CVE-2021-41221.json",
+ BlobHash: "f187e9cd068385fbdfe324f18d05064c3bf3cfa1",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cqv6-3phm-hcwx",
+ "https://github.com/tensorflow/tensorflow/commit/af5fcebb37c8b5d71c237f4e59c6477015c78ce6",
+ },
+ },
+ {
+ ID: "CVE-2021-41222",
+ Path: "2021/41xxx/CVE-2021-41222.json",
+ BlobHash: "e955ef931fe19e2615b821cf97becd8396918750",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-cpf4-wx82-gxp6",
+ "https://github.com/tensorflow/tensorflow/commit/25d622ffc432acc736b14ca3904177579e733cc6",
+ },
+ },
+ {
+ ID: "CVE-2021-41223",
+ Path: "2021/41xxx/CVE-2021-41223.json",
+ BlobHash: "5c5e6aaf5a8acbdddfec06ba9c7f4912e2b5951a",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-f54p-f6jp-4rhr",
+ "https://github.com/tensorflow/tensorflow/commit/aab9998916c2ffbd8f0592059fad352622f89cda",
+ },
+ },
+ {
+ ID: "CVE-2021-41224",
+ Path: "2021/41xxx/CVE-2021-41224.json",
+ BlobHash: "cae7338931654c4d45e62e8fed8a72a6f1655828",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-rg3m-hqc5-344v",
+ "https://github.com/tensorflow/tensorflow/commit/67bfd9feeecfb3c61d80f0e46d89c170fbee682b",
+ },
+ },
+ {
+ ID: "CVE-2021-41225",
+ Path: "2021/41xxx/CVE-2021-41225.json",
+ BlobHash: "0c755722793d71a42d45d70a8dcd12ae39fe06af",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-7r94-xv9v-63jw",
+ "https://github.com/tensorflow/tensorflow/commit/68867bf01239d9e1048f98cbad185bf4761bedd3",
+ },
+ },
+ {
+ ID: "CVE-2021-41226",
+ Path: "2021/41xxx/CVE-2021-41226.json",
+ BlobHash: "3a08efb5369f6eeb43b311bfa8cb7d8163c84b9e",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-374m-jm66-3vj8",
+ "https://github.com/tensorflow/tensorflow/commit/f410212e373eb2aec4c9e60bf3702eba99a38aba",
+ },
+ },
+ {
+ ID: "CVE-2021-41227",
+ Path: "2021/41xxx/CVE-2021-41227.json",
+ BlobHash: "3566a9b05b4cbaa8555d8e813deac09c6fae74d2",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-j8c8-67vp-6mx7",
+ "https://github.com/tensorflow/tensorflow/commit/1cb6bb6c2a6019417c9adaf9e6843ba75ee2580b",
+ "https://github.com/tensorflow/tensorflow/commit/3712a2d3455e6ccb924daa5724a3652a86f6b585",
+ },
+ },
+ {
+ ID: "CVE-2021-41228",
+ Path: "2021/41xxx/CVE-2021-41228.json",
+ BlobHash: "8a7dfd9a7d0c57f66ced89ffa083b4411129a933",
+ CommitHash: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ CVEState: "PUBLIC",
+ TriageState: "FalsePositive",
+ ReferenceURLs: []string{
+ "https://github.com/tensorflow/tensorflow/security/advisories/GHSA-3rcw-9p9x-582v",
+ "https://github.com/tensorflow/tensorflow/commit/8b202f08d52e8206af2bdb2112a62fafbc546ec7",
+ },
+ },
}
diff --git a/internal/worker/false_positives.go b/internal/worker/false_positives.go
index 8f4b07a..cffd1cf 100644
--- a/internal/worker/false_positives.go
+++ b/internal/worker/false_positives.go
@@ -11,11 +11,6 @@
"golang.org/x/vuln/internal/worker/store"
)
-// FalsePositiveCommitHash is the commit used to generate false positive records.
-// It is last commit to github.com/CVEProject/cvelist on April 12, 2021.
-// The triaged-cve-list file was last edited the next day.
-const FalsePositiveCommitHash = "17294f1a2af61a2a2df52ac89cbd7c516f0c4e6a"
-
func InsertFalsePositives(ctx context.Context, st store.Store) (err error) {
defer derrors.Wrap(&err, "InsertFalsePositives")
diff --git a/internal/worker/false_positives_test.go b/internal/worker/false_positives_test.go
index 8c3f2cc..a11b5eb 100644
--- a/internal/worker/false_positives_test.go
+++ b/internal/worker/false_positives_test.go
@@ -19,12 +19,13 @@
t.Fatal(err)
}
// Spot-check a couple of records.
+ const commitHash = "17294f1a2af61a2a2df52ac89cbd7c516f0c4e6a"
got := mstore.CVERecords()
for _, want := range []*store.CVERecord{
{
ID: "CVE-2016-0216",
Path: "2016/0xxx/CVE-2016-0216.json",
- CommitHash: FalsePositiveCommitHash,
+ CommitHash: commitHash,
BlobHash: "ac9f59c6700576b5936dc014ce265ee0c9a41097",
CVEState: cveschema.StatePublic,
TriageState: store.TriageStateFalsePositive,
@@ -36,7 +37,7 @@
{
ID: "CVE-2020-15112",
Path: "2020/15xxx/CVE-2020-15112.json",
- CommitHash: FalsePositiveCommitHash,
+ CommitHash: commitHash,
BlobHash: "3d87891317ff107037bc0145194ab72df1890411",
CVEState: cveschema.StatePublic,
TriageState: store.TriageStateHasVuln,
diff --git a/internal/worker/gen_false_positives.go b/internal/worker/gen_false_positives.go
index ae3469d..ebabdaa 100644
--- a/internal/worker/gen_false_positives.go
+++ b/internal/worker/gen_false_positives.go
@@ -6,6 +6,10 @@
// This requires a local copy of the cvelist repo:
// git clone https://github.com/CVEProject/cvelist
+//
+// You may also have to "go get github.com/jba/printsrc",
+// because go mod tidy removes it.
+//
// Then run this program with the path to the repo as argument.
//go:build ignore
@@ -31,550 +35,204 @@
"golang.org/x/vuln/internal/worker/store"
)
-// The CVEs marked "false-positive" in triaged-cve-list,
-// including both true false positives and CVEs that are
-// covered by a Go vulndb report.
-var falsePositiveIDs = []string{
- "CVE-2013-2124",
- "CVE-2013-2233",
- "CVE-2014-0177",
- "CVE-2014-3498",
- "CVE-2014-3971",
- "CVE-2014-4657",
- "CVE-2014-4658",
- "CVE-2014-4659",
- "CVE-2014-4660",
- "CVE-2014-4678",
- "CVE-2014-4966",
- "CVE-2014-4967",
- "CVE-2014-8178",
- "CVE-2014-8179",
- "CVE-2014-8682",
- "CVE-2014-9938",
- "CVE-2015-5237",
- "CVE-2015-5250",
- "CVE-2015-6240",
- "CVE-2015-7082",
- "CVE-2015-7528",
- "CVE-2015-7545",
- "CVE-2015-7561",
- "CVE-2015-8222",
- "CVE-2015-8945",
- "CVE-2015-9258",
- "CVE-2015-9259",
- "CVE-2015-9282",
- "CVE-2016-0216",
- "CVE-2016-1133",
- "CVE-2016-1544",
- "CVE-2016-1587",
- "CVE-2016-1905",
- "CVE-2016-1906",
- "CVE-2016-2160",
- "CVE-2016-2183",
- "CVE-2016-2315",
- "CVE-2016-2324",
- "CVE-2016-3096",
- "CVE-2016-3711",
- "CVE-2016-4817",
- "CVE-2016-4864",
- "CVE-2016-6349",
- "CVE-2016-6494",
- "CVE-2016-7063",
- "CVE-2016-7064",
- "CVE-2016-7075",
- "CVE-2016-7569",
- "CVE-2016-7835",
- "CVE-2016-8579",
- "CVE-2016-9274",
- "CVE-2016-9962",
- "CVE-2017-1000056",
- "CVE-2017-1000069",
- "CVE-2017-1000070",
- "CVE-2017-1000420",
- "CVE-2017-1000459",
- "CVE-2017-1000492",
- "CVE-2017-1002100",
- "CVE-2017-1002101",
- "CVE-2017-1002102",
- "CVE-2017-10868",
- "CVE-2017-10869",
- "CVE-2017-10872",
- "CVE-2017-10908",
- "CVE-2017-14178",
- "CVE-2017-14623",
- "CVE-2017-14992",
- "CVE-2017-15104",
- "CVE-2017-16539",
- "CVE-2017-17697",
- "CVE-2017-2428",
- "CVE-2017-7297",
- "CVE-2017-7481",
- "CVE-2017-7550",
- "CVE-2017-7860",
- "CVE-2017-7861",
- "CVE-2017-8359",
- "CVE-2017-9431",
- "CVE-2018-0608",
- "CVE-2018-1000400",
- "CVE-2018-1000538",
- "CVE-2018-1000803",
- "CVE-2018-1000816",
- "CVE-2018-1002100",
- "CVE-2018-1002101",
- "CVE-2018-1002102",
- "CVE-2018-1002103",
- "CVE-2018-1002104",
- "CVE-2018-1002105",
- "CVE-2018-1002207",
- "CVE-2018-10055",
- "CVE-2018-10856",
- "CVE-2018-10892",
- "CVE-2018-10937",
- "CVE-2018-1098",
- "CVE-2018-1099",
- "CVE-2018-12099",
- "CVE-2018-12608",
- "CVE-2018-12678",
- "CVE-2018-12976",
- "CVE-2018-14474",
- "CVE-2018-15178",
- "CVE-2018-15192",
- "CVE-2018-15193",
- "CVE-2018-15598",
- "CVE-2018-15664",
- "CVE-2018-15747",
- "CVE-2018-15869",
- "CVE-2018-16316",
- "CVE-2018-16359",
- "CVE-2018-16398",
- "CVE-2018-16409",
- "CVE-2018-16733",
- "CVE-2018-16859",
- "CVE-2018-16876",
- "CVE-2018-17031",
- "CVE-2018-17456",
- "CVE-2018-17572",
- "CVE-2018-18264",
- "CVE-2018-18553",
- "CVE-2018-18623",
- "CVE-2018-18624",
- "CVE-2018-18625",
- "CVE-2018-18925",
- "CVE-2018-18926",
- "CVE-2018-19114",
- "CVE-2018-19148",
- "CVE-2018-19184",
- "CVE-2018-19295",
- "CVE-2018-19333",
- "CVE-2018-19367",
- "CVE-2018-19466",
- "CVE-2018-19653",
- "CVE-2018-19786",
- "CVE-2018-19793",
- "CVE-2018-20303",
- "CVE-2018-20421",
- "CVE-2018-20699",
- "CVE-2018-20744",
- "CVE-2018-21034",
- "CVE-2018-21233",
- "CVE-2018-7575",
- "CVE-2018-7576",
- "CVE-2018-7577",
- "CVE-2018-8825",
- "CVE-2018-9057",
- "CVE-2019-1000002",
- "CVE-2019-1002100",
- "CVE-2019-1002101",
- "CVE-2019-1010003",
- "CVE-2019-1010261",
- "CVE-2019-1010275",
- "CVE-2019-1010314",
- "CVE-2019-10152",
- "CVE-2019-10156",
- "CVE-2019-10165",
- "CVE-2019-10200",
- "CVE-2019-1020009",
- "CVE-2019-1020014",
- "CVE-2019-1020015",
- "CVE-2019-10217",
- "CVE-2019-10223",
- "CVE-2019-10743",
- "CVE-2019-11043",
- "CVE-2019-11228",
- "CVE-2019-11229",
- "CVE-2019-11243",
- "CVE-2019-11244",
- "CVE-2019-11245",
- "CVE-2019-11246",
- "CVE-2019-11247",
- "CVE-2019-11248",
- "CVE-2019-11249",
- "CVE-2019-11251",
- "CVE-2019-11252",
- "CVE-2019-11255",
- "CVE-2019-11328",
- "CVE-2019-11405",
- "CVE-2019-11471",
- "CVE-2019-11502",
- "CVE-2019-11503",
- "CVE-2019-11576",
- "CVE-2019-11641",
- "CVE-2019-11881",
- "CVE-2019-11938",
- "CVE-2019-12291",
- "CVE-2019-12452",
- "CVE-2019-12494",
- "CVE-2019-12618",
- "CVE-2019-12995",
- "CVE-2019-12999",
- "CVE-2019-13068",
- "CVE-2019-13126",
- "CVE-2019-13139",
- "CVE-2019-13915",
- "CVE-2019-14243",
- "CVE-2019-14255",
- "CVE-2019-14271",
- "CVE-2019-14544",
- "CVE-2019-14846",
- "CVE-2019-14864",
- "CVE-2019-14904",
- "CVE-2019-14940",
- "CVE-2019-14993",
- "CVE-2019-15043",
- "CVE-2019-15119",
- "CVE-2019-15225",
- "CVE-2019-15226",
- "CVE-2019-15562",
- "CVE-2019-15716",
- "CVE-2019-16060",
- "CVE-2019-16097",
- "CVE-2019-16146",
- "CVE-2019-16214",
- "CVE-2019-16355",
- "CVE-2019-16778",
- "CVE-2019-16919",
- "CVE-2019-18466",
- "CVE-2019-18657",
- "CVE-2019-18801",
- "CVE-2019-18802",
- "CVE-2019-18817",
- "CVE-2019-18836",
- "CVE-2019-18838",
- "CVE-2019-18923",
- "CVE-2019-19023",
- "CVE-2019-19025",
- "CVE-2019-19026",
- "CVE-2019-19029",
- "CVE-2019-19316",
- "CVE-2019-19335",
- "CVE-2019-19349",
- "CVE-2019-19350",
- "CVE-2019-19724",
- "CVE-2019-19922",
- "CVE-2019-20329",
- "CVE-2019-20372",
- "CVE-2019-20377",
- "CVE-2019-20894",
- "CVE-2019-20933",
- "CVE-2019-25014",
- "CVE-2019-3552",
- "CVE-2019-3553",
- "CVE-2019-3558",
- "CVE-2019-3559",
- "CVE-2019-3565",
- "CVE-2019-3826",
- "CVE-2019-3828",
- "CVE-2019-3841",
- "CVE-2019-3990",
- "CVE-2019-5736",
- "CVE-2019-6035",
- "CVE-2019-8336",
- "CVE-2019-8400",
- "CVE-2019-9547",
- "CVE-2019-9635",
- "CVE-2019-9764",
- "CVE-2019-9900",
- "CVE-2019-9901",
- "CVE-2019-9946",
- "CVE-2020-10660",
- "CVE-2020-10661",
- "CVE-2020-10685",
- "CVE-2020-10691",
- "CVE-2020-10696",
- "CVE-2020-10706",
- "CVE-2020-10712",
- "CVE-2020-10715",
- "CVE-2020-10749",
- "CVE-2020-10750",
- "CVE-2020-10752",
- "CVE-2020-10763",
- "CVE-2020-10944",
- "CVE-2020-11008",
- "CVE-2020-11012",
- "CVE-2020-11013",
- "CVE-2020-11053",
- "CVE-2020-11080",
- "CVE-2020-11091",
- "CVE-2020-11110",
- "CVE-2020-11498",
- "CVE-2020-11576",
- "CVE-2020-11710",
- "CVE-2020-11767",
- "CVE-2020-12118",
- "CVE-2020-12245",
- "CVE-2020-12278",
- "CVE-2020-12279",
- "CVE-2020-12283",
- "CVE-2020-12458",
- "CVE-2020-12459",
- "CVE-2020-12603",
- "CVE-2020-12604",
- "CVE-2020-12605",
- "CVE-2020-12757",
- "CVE-2020-12758",
- "CVE-2020-12797",
- "CVE-2020-13170",
- "CVE-2020-13223",
- "CVE-2020-13246",
- "CVE-2020-13250",
- "CVE-2020-13401",
- "CVE-2020-13430",
- "CVE-2020-13449",
- "CVE-2020-13450",
- "CVE-2020-13451",
- "CVE-2020-13452",
- "CVE-2020-13597",
- "CVE-2020-13788",
- "CVE-2020-13794",
- "CVE-2020-14144",
- "CVE-2020-14306",
- "CVE-2020-14330",
- "CVE-2020-14332",
- "CVE-2020-14958",
- "CVE-2020-15104",
- "CVE-2020-15112",
- "CVE-2020-15113",
- "CVE-2020-15114",
- "CVE-2020-15115",
- "CVE-2020-15127",
- "CVE-2020-15129",
- "CVE-2020-15136",
- "CVE-2020-15157",
- "CVE-2020-15184",
- "CVE-2020-15185",
- "CVE-2020-15186",
- "CVE-2020-15187",
- "CVE-2020-15190",
- "CVE-2020-15191",
- "CVE-2020-15192",
- "CVE-2020-15193",
- "CVE-2020-15194",
- "CVE-2020-15195",
- "CVE-2020-15196",
- "CVE-2020-15197",
- "CVE-2020-15198",
- "CVE-2020-15199",
- "CVE-2020-15200",
- "CVE-2020-15201",
- "CVE-2020-15202",
- "CVE-2020-15203",
- "CVE-2020-15204",
- "CVE-2020-15205",
- "CVE-2020-15206",
- "CVE-2020-15207",
- "CVE-2020-15208",
- "CVE-2020-15209",
- "CVE-2020-15210",
- "CVE-2020-15211",
- "CVE-2020-15212",
- "CVE-2020-15213",
- "CVE-2020-15214",
- "CVE-2020-15223",
- "CVE-2020-15233",
- "CVE-2020-15234",
- "CVE-2020-15254",
- "CVE-2020-15257",
- "CVE-2020-15265",
- "CVE-2020-15266",
- "CVE-2020-15391",
- "CVE-2020-16248",
- "CVE-2020-16250",
- "CVE-2020-16251",
- "CVE-2020-16844",
- "CVE-2020-1733",
- "CVE-2020-1734",
- "CVE-2020-1735",
- "CVE-2020-1736",
- "CVE-2020-1737",
- "CVE-2020-1738",
- "CVE-2020-1739",
- "CVE-2020-1740",
- "CVE-2020-1746",
- "CVE-2020-2023",
- "CVE-2020-2024",
- "CVE-2020-2025",
- "CVE-2020-2026",
- "CVE-2020-24263",
- "CVE-2020-24264",
- "CVE-2020-24303",
- "CVE-2020-24356",
- "CVE-2020-24359",
- "CVE-2020-24707",
- "CVE-2020-24708",
- "CVE-2020-24710",
- "CVE-2020-24711",
- "CVE-2020-24712",
- "CVE-2020-25017",
- "CVE-2020-25018",
- "CVE-2020-25201",
- "CVE-2020-25816",
- "CVE-2020-25989",
- "CVE-2020-26222",
- "CVE-2020-26240",
- "CVE-2020-26241",
- "CVE-2020-26242",
- "CVE-2020-26265",
- "CVE-2020-26266",
- "CVE-2020-26267",
- "CVE-2020-26268",
- "CVE-2020-26269",
- "CVE-2020-26270",
- "CVE-2020-26271",
- "CVE-2020-26276",
- "CVE-2020-26277",
- "CVE-2020-26278",
- "CVE-2020-26279",
- "CVE-2020-26283",
- "CVE-2020-26284",
- "CVE-2020-26290",
- "CVE-2020-26294",
- "CVE-2020-26521",
- "CVE-2020-26892",
- "CVE-2020-27151",
- "CVE-2020-27195",
- "CVE-2020-27534",
- "CVE-2020-27955",
- "CVE-2020-28053",
- "CVE-2020-28348",
- "CVE-2020-28349",
- "CVE-2020-28466",
- "CVE-2020-28914",
- "CVE-2020-28924",
- "CVE-2020-28991",
- "CVE-2020-29243",
- "CVE-2020-29244",
- "CVE-2020-29245",
- "CVE-2020-29510",
- "CVE-2020-29511",
- "CVE-2020-29662",
- "CVE-2020-35137",
- "CVE-2020-35138",
- "CVE-2020-35177",
- "CVE-2020-35453",
- "CVE-2020-35470",
- "CVE-2020-35471",
- "CVE-2020-36066",
- "CVE-2020-3996",
- "CVE-2020-4037",
- "CVE-2020-4053",
- "CVE-2020-5215",
- "CVE-2020-5233",
- "CVE-2020-5260",
- "CVE-2020-5300",
- "CVE-2020-5303",
- "CVE-2020-5415",
- "CVE-2020-6016",
- "CVE-2020-6017",
- "CVE-2020-6018",
- "CVE-2020-6019",
- "CVE-2020-7218",
- "CVE-2020-7219",
- "CVE-2020-7220",
- "CVE-2020-7665",
- "CVE-2020-7666",
- "CVE-2020-7669",
- "CVE-2020-7955",
- "CVE-2020-7956",
- "CVE-2020-8551",
- "CVE-2020-8552",
- "CVE-2020-8553",
- "CVE-2020-8554",
- "CVE-2020-8555",
- "CVE-2020-8557",
- "CVE-2020-8558",
- "CVE-2020-8559",
- "CVE-2020-8563",
- "CVE-2020-8566",
- "CVE-2020-8569",
- "CVE-2020-8595",
- "CVE-2020-8659",
- "CVE-2020-8660",
- "CVE-2020-8661",
- "CVE-2020-8663",
- "CVE-2020-8664",
- "CVE-2020-8826",
- "CVE-2020-8827",
- "CVE-2020-8828",
- "CVE-2020-8843",
- "CVE-2020-8927",
- "CVE-2020-8929",
- "CVE-2020-9321",
- "CVE-2020-9329",
- "CVE-2021-20198",
- "CVE-2021-20199",
- "CVE-2021-20218",
- "CVE-2021-20291",
- "CVE-2021-21271",
- "CVE-2021-21284",
- "CVE-2021-21285",
- "CVE-2021-21287",
- "CVE-2021-21291",
- "CVE-2021-21296",
- "CVE-2021-21300",
- "CVE-2021-21303",
- "CVE-2021-21334",
- "CVE-2021-21362",
- "CVE-2021-21363",
- "CVE-2021-21364",
- "CVE-2021-21378",
- "CVE-2021-21390",
- "CVE-2021-21404",
- "CVE-2021-21411",
- "CVE-2021-21432",
- "CVE-2021-22538",
- "CVE-2021-23345",
- "CVE-2021-23347",
- "CVE-2021-23351",
- "CVE-2021-23357",
- "CVE-2021-23827",
- "CVE-2021-25313",
- "CVE-2021-25834",
- "CVE-2021-25835",
- "CVE-2021-25836",
- "CVE-2021-25837",
- "CVE-2021-26921",
- "CVE-2021-26923",
- "CVE-2021-26924",
- "CVE-2021-27098",
- "CVE-2021-27099",
- "CVE-2021-27358",
- "CVE-2021-27375",
- "CVE-2021-27935",
- "CVE-2021-27940",
- "CVE-2021-28361",
- "CVE-2021-28378",
- "CVE-2021-28681",
- "CVE-2021-28954",
- "CVE-2021-28955",
- "CVE-2021-29136",
- "CVE-2021-29271",
- "CVE-2021-29272",
- "CVE-2021-29417",
- "CVE-2021-29651",
- "CVE-2021-29652",
- "CVE-2021-3344",
- "CVE-2021-3382",
- "CVE-2021-3391",
+// The CVEs marked "false-positive" in triaged-cve-list and elswhere, including
+// both true false positives and CVEs that are covered by a Go vulndb report.
+var falsePositiveIDs = []struct {
+ source string
+ commit string
+ ids []string
+}{
+ {
+ source: "triaged-cve-list file in this repo",
+ // Last commit to github.com/CVEProject/cvelist on April 12, 2021.
+ // The triaged-cve-list file was last edited the next day.
+ commit: "17294f1a2af61a2a2df52ac89cbd7c516f0c4e6a",
+ ids: []string{
+ "CVE-2013-2124", "CVE-2013-2233", "CVE-2014-0177", "CVE-2014-3498", "CVE-2014-3971",
+ "CVE-2014-4657", "CVE-2014-4658", "CVE-2014-4659", "CVE-2014-4660", "CVE-2014-4678",
+ "CVE-2014-4966", "CVE-2014-4967", "CVE-2014-8178", "CVE-2014-8179", "CVE-2014-8682",
+ "CVE-2014-9938", "CVE-2015-5237", "CVE-2015-5250", "CVE-2015-6240", "CVE-2015-7082",
+ "CVE-2015-7528", "CVE-2015-7545", "CVE-2015-7561", "CVE-2015-8222", "CVE-2015-8945",
+ "CVE-2015-9258", "CVE-2015-9259", "CVE-2015-9282", "CVE-2016-0216", "CVE-2016-1133",
+ "CVE-2016-1544", "CVE-2016-1587", "CVE-2016-1905", "CVE-2016-1906", "CVE-2016-2160",
+ "CVE-2016-2183", "CVE-2016-2315", "CVE-2016-2324", "CVE-2016-3096", "CVE-2016-3711",
+ "CVE-2016-4817", "CVE-2016-4864", "CVE-2016-6349", "CVE-2016-6494", "CVE-2016-7063",
+ "CVE-2016-7064", "CVE-2016-7075", "CVE-2016-7569", "CVE-2016-7835", "CVE-2016-8579",
+ "CVE-2016-9274", "CVE-2016-9962", "CVE-2017-1000056", "CVE-2017-1000069", "CVE-2017-1000070",
+ "CVE-2017-1000420", "CVE-2017-1000459", "CVE-2017-1000492", "CVE-2017-1002100", "CVE-2017-1002101",
+ "CVE-2017-1002102", "CVE-2017-10868", "CVE-2017-10869", "CVE-2017-10872", "CVE-2017-10908",
+ "CVE-2017-14178", "CVE-2017-14623", "CVE-2017-14992", "CVE-2017-15104", "CVE-2017-16539",
+ "CVE-2017-17697", "CVE-2017-2428", "CVE-2017-7297", "CVE-2017-7481", "CVE-2017-7550",
+ "CVE-2017-7860", "CVE-2017-7861", "CVE-2017-8359", "CVE-2017-9431", "CVE-2018-0608",
+ "CVE-2018-1000400", "CVE-2018-1000538", "CVE-2018-1000803", "CVE-2018-1000816", "CVE-2018-1002100",
+ "CVE-2018-1002101", "CVE-2018-1002102", "CVE-2018-1002103", "CVE-2018-1002104", "CVE-2018-1002105",
+ "CVE-2018-1002207", "CVE-2018-10055", "CVE-2018-10856", "CVE-2018-10892", "CVE-2018-10937",
+ "CVE-2018-1098", "CVE-2018-1099", "CVE-2018-12099", "CVE-2018-12608", "CVE-2018-12678",
+ "CVE-2018-12976", "CVE-2018-14474", "CVE-2018-15178", "CVE-2018-15192", "CVE-2018-15193",
+ "CVE-2018-15598", "CVE-2018-15664", "CVE-2018-15747", "CVE-2018-15869", "CVE-2018-16316",
+ "CVE-2018-16359", "CVE-2018-16398", "CVE-2018-16409", "CVE-2018-16733", "CVE-2018-16859",
+ "CVE-2018-16876", "CVE-2018-17031", "CVE-2018-17456", "CVE-2018-17572", "CVE-2018-18264",
+ "CVE-2018-18553", "CVE-2018-18623", "CVE-2018-18624", "CVE-2018-18625", "CVE-2018-18925",
+ "CVE-2018-18926", "CVE-2018-19114", "CVE-2018-19148", "CVE-2018-19184", "CVE-2018-19295",
+ "CVE-2018-19333", "CVE-2018-19367", "CVE-2018-19466", "CVE-2018-19653", "CVE-2018-19786",
+ "CVE-2018-19793", "CVE-2018-20303", "CVE-2018-20421", "CVE-2018-20699", "CVE-2018-20744",
+ "CVE-2018-21034", "CVE-2018-21233", "CVE-2018-7575", "CVE-2018-7576", "CVE-2018-7577",
+ "CVE-2018-8825", "CVE-2018-9057", "CVE-2019-1000002", "CVE-2019-1002100", "CVE-2019-1002101",
+ "CVE-2019-1010003", "CVE-2019-1010261", "CVE-2019-1010275", "CVE-2019-1010314", "CVE-2019-10152",
+ "CVE-2019-10156", "CVE-2019-10165", "CVE-2019-10200", "CVE-2019-1020009", "CVE-2019-1020014",
+ "CVE-2019-1020015", "CVE-2019-10217", "CVE-2019-10223", "CVE-2019-10743", "CVE-2019-11043",
+ "CVE-2019-11228", "CVE-2019-11229", "CVE-2019-11243", "CVE-2019-11244", "CVE-2019-11245",
+ "CVE-2019-11246", "CVE-2019-11247", "CVE-2019-11248", "CVE-2019-11249", "CVE-2019-11251",
+ "CVE-2019-11252", "CVE-2019-11255", "CVE-2019-11328", "CVE-2019-11405", "CVE-2019-11471",
+ "CVE-2019-11502", "CVE-2019-11503", "CVE-2019-11576", "CVE-2019-11641", "CVE-2019-11881",
+ "CVE-2019-11938", "CVE-2019-12291", "CVE-2019-12452", "CVE-2019-12494", "CVE-2019-12618",
+ "CVE-2019-12995", "CVE-2019-12999", "CVE-2019-13068", "CVE-2019-13126", "CVE-2019-13139",
+ "CVE-2019-13915", "CVE-2019-14243", "CVE-2019-14255", "CVE-2019-14271", "CVE-2019-14544",
+ "CVE-2019-14846", "CVE-2019-14864", "CVE-2019-14904", "CVE-2019-14940", "CVE-2019-14993",
+ "CVE-2019-15043", "CVE-2019-15119", "CVE-2019-15225", "CVE-2019-15226", "CVE-2019-15562",
+ "CVE-2019-15716", "CVE-2019-16060", "CVE-2019-16097", "CVE-2019-16146", "CVE-2019-16214",
+ "CVE-2019-16355", "CVE-2019-16778", "CVE-2019-16919", "CVE-2019-18466", "CVE-2019-18657",
+ "CVE-2019-18801", "CVE-2019-18802", "CVE-2019-18817", "CVE-2019-18836", "CVE-2019-18838",
+ "CVE-2019-18923", "CVE-2019-19023", "CVE-2019-19025", "CVE-2019-19026", "CVE-2019-19029",
+ "CVE-2019-19316", "CVE-2019-19335", "CVE-2019-19349", "CVE-2019-19350", "CVE-2019-19724",
+ "CVE-2019-19922", "CVE-2019-20329", "CVE-2019-20372", "CVE-2019-20377", "CVE-2019-20894",
+ "CVE-2019-20933", "CVE-2019-25014", "CVE-2019-3552", "CVE-2019-3553", "CVE-2019-3558",
+ "CVE-2019-3559", "CVE-2019-3565", "CVE-2019-3826", "CVE-2019-3828", "CVE-2019-3841",
+ "CVE-2019-3990", "CVE-2019-5736", "CVE-2019-6035", "CVE-2019-8336", "CVE-2019-8400",
+ "CVE-2019-9547", "CVE-2019-9635", "CVE-2019-9764", "CVE-2019-9900", "CVE-2019-9901",
+ "CVE-2019-9946", "CVE-2020-10660", "CVE-2020-10661", "CVE-2020-10685", "CVE-2020-10691",
+ "CVE-2020-10696", "CVE-2020-10706", "CVE-2020-10712", "CVE-2020-10715", "CVE-2020-10749",
+ "CVE-2020-10750", "CVE-2020-10752", "CVE-2020-10763", "CVE-2020-10944", "CVE-2020-11008",
+ "CVE-2020-11012", "CVE-2020-11013", "CVE-2020-11053", "CVE-2020-11080", "CVE-2020-11091",
+ "CVE-2020-11110", "CVE-2020-11498", "CVE-2020-11576", "CVE-2020-11710", "CVE-2020-11767",
+ "CVE-2020-12118", "CVE-2020-12245", "CVE-2020-12278", "CVE-2020-12279", "CVE-2020-12283",
+ "CVE-2020-12458", "CVE-2020-12459", "CVE-2020-12603", "CVE-2020-12604", "CVE-2020-12605",
+ "CVE-2020-12757", "CVE-2020-12758", "CVE-2020-12797", "CVE-2020-13170", "CVE-2020-13223",
+ "CVE-2020-13246", "CVE-2020-13250", "CVE-2020-13401", "CVE-2020-13430", "CVE-2020-13449",
+ "CVE-2020-13450", "CVE-2020-13451", "CVE-2020-13452", "CVE-2020-13597", "CVE-2020-13788",
+ "CVE-2020-13794", "CVE-2020-14144", "CVE-2020-14306", "CVE-2020-14330", "CVE-2020-14332",
+ "CVE-2020-14958", "CVE-2020-15104", "CVE-2020-15112", "CVE-2020-15113", "CVE-2020-15114",
+ "CVE-2020-15115", "CVE-2020-15127", "CVE-2020-15129", "CVE-2020-15136", "CVE-2020-15157",
+ "CVE-2020-15184", "CVE-2020-15185", "CVE-2020-15186", "CVE-2020-15187", "CVE-2020-15190",
+ "CVE-2020-15191", "CVE-2020-15192", "CVE-2020-15193", "CVE-2020-15194", "CVE-2020-15195",
+ "CVE-2020-15196", "CVE-2020-15197", "CVE-2020-15198", "CVE-2020-15199", "CVE-2020-15200",
+ "CVE-2020-15201", "CVE-2020-15202", "CVE-2020-15203", "CVE-2020-15204", "CVE-2020-15205",
+ "CVE-2020-15206", "CVE-2020-15207", "CVE-2020-15208", "CVE-2020-15209", "CVE-2020-15210",
+ "CVE-2020-15211", "CVE-2020-15212", "CVE-2020-15213", "CVE-2020-15214", "CVE-2020-15223",
+ "CVE-2020-15233", "CVE-2020-15234", "CVE-2020-15254", "CVE-2020-15257", "CVE-2020-15265",
+ "CVE-2020-15266", "CVE-2020-15391", "CVE-2020-16248", "CVE-2020-16250", "CVE-2020-16251",
+ "CVE-2020-16844", "CVE-2020-1733", "CVE-2020-1734", "CVE-2020-1735", "CVE-2020-1736",
+ "CVE-2020-1737", "CVE-2020-1738", "CVE-2020-1739", "CVE-2020-1740", "CVE-2020-1746",
+ "CVE-2020-2023", "CVE-2020-2024", "CVE-2020-2025", "CVE-2020-2026", "CVE-2020-24263",
+ "CVE-2020-24264", "CVE-2020-24303", "CVE-2020-24356", "CVE-2020-24359", "CVE-2020-24707",
+ "CVE-2020-24708", "CVE-2020-24710", "CVE-2020-24711", "CVE-2020-24712", "CVE-2020-25017",
+ "CVE-2020-25018", "CVE-2020-25201", "CVE-2020-25816", "CVE-2020-25989", "CVE-2020-26222",
+ "CVE-2020-26240", "CVE-2020-26241", "CVE-2020-26242", "CVE-2020-26265", "CVE-2020-26266",
+ "CVE-2020-26267", "CVE-2020-26268", "CVE-2020-26269", "CVE-2020-26270", "CVE-2020-26271",
+ "CVE-2020-26276", "CVE-2020-26277", "CVE-2020-26278", "CVE-2020-26279", "CVE-2020-26283",
+ "CVE-2020-26284", "CVE-2020-26290", "CVE-2020-26294", "CVE-2020-26521", "CVE-2020-26892",
+ "CVE-2020-27151", "CVE-2020-27195", "CVE-2020-27534", "CVE-2020-27955", "CVE-2020-28053",
+ "CVE-2020-28348", "CVE-2020-28349", "CVE-2020-28466", "CVE-2020-28914", "CVE-2020-28924",
+ "CVE-2020-28991", "CVE-2020-29243", "CVE-2020-29244", "CVE-2020-29245", "CVE-2020-29510",
+ "CVE-2020-29511", "CVE-2020-29662", "CVE-2020-35137", "CVE-2020-35138", "CVE-2020-35177",
+ "CVE-2020-35453", "CVE-2020-35470", "CVE-2020-35471", "CVE-2020-36066", "CVE-2020-3996",
+ "CVE-2020-4037", "CVE-2020-4053", "CVE-2020-5215", "CVE-2020-5233", "CVE-2020-5260",
+ "CVE-2020-5300", "CVE-2020-5303", "CVE-2020-5415", "CVE-2020-6016", "CVE-2020-6017",
+ "CVE-2020-6018", "CVE-2020-6019", "CVE-2020-7218", "CVE-2020-7219", "CVE-2020-7220",
+ "CVE-2020-7665", "CVE-2020-7666", "CVE-2020-7669", "CVE-2020-7955", "CVE-2020-7956",
+ "CVE-2020-8551", "CVE-2020-8552", "CVE-2020-8553", "CVE-2020-8554", "CVE-2020-8555",
+ "CVE-2020-8557", "CVE-2020-8558", "CVE-2020-8559", "CVE-2020-8563", "CVE-2020-8566",
+ "CVE-2020-8569", "CVE-2020-8595", "CVE-2020-8659", "CVE-2020-8660", "CVE-2020-8661",
+ "CVE-2020-8663", "CVE-2020-8664", "CVE-2020-8826", "CVE-2020-8827", "CVE-2020-8828",
+ "CVE-2020-8843", "CVE-2020-8927", "CVE-2020-8929", "CVE-2020-9321", "CVE-2020-9329",
+ "CVE-2021-20198", "CVE-2021-20199", "CVE-2021-20218", "CVE-2021-20291", "CVE-2021-21271",
+ "CVE-2021-21284", "CVE-2021-21285", "CVE-2021-21287", "CVE-2021-21291", "CVE-2021-21296",
+ "CVE-2021-21300", "CVE-2021-21303", "CVE-2021-21334", "CVE-2021-21362", "CVE-2021-21363",
+ "CVE-2021-21364", "CVE-2021-21378", "CVE-2021-21390", "CVE-2021-21404", "CVE-2021-21411",
+ "CVE-2021-21432", "CVE-2021-22538", "CVE-2021-23345", "CVE-2021-23347", "CVE-2021-23351",
+ "CVE-2021-23357", "CVE-2021-23827", "CVE-2021-25313", "CVE-2021-25834", "CVE-2021-25835",
+ "CVE-2021-25836", "CVE-2021-25837", "CVE-2021-26921", "CVE-2021-26923", "CVE-2021-26924",
+ "CVE-2021-27098", "CVE-2021-27099", "CVE-2021-27358", "CVE-2021-27375", "CVE-2021-27935",
+ "CVE-2021-27940", "CVE-2021-28361", "CVE-2021-28378", "CVE-2021-28681", "CVE-2021-28954",
+ "CVE-2021-28955", "CVE-2021-29136", "CVE-2021-29271", "CVE-2021-29272", "CVE-2021-29417",
+ "CVE-2021-29651", "CVE-2021-29652", "CVE-2021-3344", "CVE-2021-3382", "CVE-2021-3391",
+ },
+ },
+ {
+ source: "internal doc of Nov 7, 2021",
+ commit: "f2e420732374f84baa2c4a5b7a84be9ff7e46f88",
+ ids: []string{
+ "CVE-2020-27847", "CVE-2020-7731", "CVE-2020-28851", "CVE-2020-28852", "CVE-2020-10729",
+ "CVE-2020-10808", "CVE-2020-18032", "CVE-2020-19498", "CVE-2020-19499", "CVE-2020-23109",
+ "CVE-2020-27386", "CVE-2020-27387", "CVE-2020-28347", "CVE-2020-36404", "CVE-2020-36405",
+ "CVE-2020-7350", "CVE-2020-7351", "CVE-2020-7352", "CVE-2020-7356", "CVE-2020-7357",
+ "CVE-2020-7361", "CVE-2020-7373", "CVE-2020-7374", "CVE-2020-7376", "CVE-2020-7377",
+ "CVE-2020-7384", "CVE-2020-7385", "CVE-2021-20178", "CVE-2021-20228", "CVE-2021-20286",
+ "CVE-2021-21414", "CVE-2021-21428", "CVE-2021-21429", "CVE-2021-21430", "CVE-2021-24028",
+ "CVE-2021-28682", "CVE-2021-28683", "CVE-2021-29133", "CVE-2021-29258", "CVE-2021-29492",
+ "CVE-2021-32777", "CVE-2021-32778", "CVE-2021-32779", "CVE-2021-32780", "CVE-2021-32781",
+ "CVE-2021-32810", "CVE-2021-36753", "CVE-2021-36979", "CVE-2021-39204", "CVE-2021-39206",
+ "CVE-2021-40330", "CVE-2021-42840", "CVE-2021-29923", "CVE-2020-13310", "CVE-2020-13327",
+ "CVE-2020-13347", "CVE-2020-13353", "CVE-2020-13845", "CVE-2020-13846", "CVE-2020-13847",
+ "CVE-2020-14160", "CVE-2020-14161", "CVE-2020-15167", "CVE-2020-15229", "CVE-2020-24130",
+ "CVE-2020-25039", "CVE-2020-25040", "CVE-2020-26213", "CVE-2020-27519", "CVE-2020-28366",
+ "CVE-2020-28367", "CVE-2020-8561", "CVE-2021-21405", "CVE-2021-22171", "CVE-2021-23135",
+ "CVE-2021-23365", "CVE-2021-25735", "CVE-2021-25737", "CVE-2021-25740", "CVE-2021-25741",
+ "CVE-2021-25742", "CVE-2021-25938", "CVE-2021-28484", "CVE-2021-29453", "CVE-2021-29456",
+ "CVE-2021-29499", "CVE-2021-29622", "CVE-2021-30465", "CVE-2021-30476", "CVE-2021-31232",
+ "CVE-2021-31856", "CVE-2021-32574", "CVE-2021-32635", "CVE-2021-32637", "CVE-2021-32690",
+ "CVE-2021-32699", "CVE-2021-32701", "CVE-2021-32753", "CVE-2021-32760", "CVE-2021-32783",
+ "CVE-2021-32787", "CVE-2021-32813", "CVE-2021-32825", "CVE-2021-33359", "CVE-2021-33496",
+ "CVE-2021-33497", "CVE-2021-33708", "CVE-2021-34824", "CVE-2021-35206", "CVE-2021-36156",
+ "CVE-2021-36157", "CVE-2021-3619", "CVE-2021-36213", "CVE-2021-36371", "CVE-2021-37794",
+ "CVE-2021-37914", "CVE-2021-38197", "CVE-2021-38599", "CVE-2021-39155", "CVE-2021-39156",
+ "CVE-2021-39162", "CVE-2021-39226", "CVE-2021-39391", "CVE-2021-41087", "CVE-2021-41088",
+ "CVE-2021-41089", "CVE-2021-41091", "CVE-2021-41092", "CVE-2021-41103", "CVE-2021-41137",
+ "CVE-2021-41174", "CVE-2021-41232", "CVE-2021-41323", "CVE-2021-41324", "CVE-2021-41325",
+ "CVE-2021-41393", "CVE-2021-41394", "CVE-2021-41395", "CVE-2021-41593", "CVE-2021-42650",
+ "CVE-2020-22741", "CVE-2020-26772", "CVE-2021-36605", "CVE-2021-29512", "CVE-2021-29513",
+ "CVE-2021-29514", "CVE-2021-29515", "CVE-2021-29516", "CVE-2021-29517", "CVE-2021-29518",
+ "CVE-2021-29519", "CVE-2021-29520", "CVE-2021-29521", "CVE-2021-29522", "CVE-2021-29523",
+ "CVE-2021-29524", "CVE-2021-29525", "CVE-2021-29526", "CVE-2021-29527", "CVE-2021-29528",
+ "CVE-2021-29529", "CVE-2021-29530", "CVE-2021-29531", "CVE-2021-29532", "CVE-2021-29533",
+ "CVE-2021-29534", "CVE-2021-29535", "CVE-2021-29536", "CVE-2021-29537", "CVE-2021-29538",
+ "CVE-2021-29539", "CVE-2021-29540", "CVE-2021-29541", "CVE-2021-29542", "CVE-2021-29543",
+ "CVE-2021-29544", "CVE-2021-29545", "CVE-2021-29546", "CVE-2021-29547", "CVE-2021-29548",
+ "CVE-2021-29549", "CVE-2021-29550", "CVE-2021-29551", "CVE-2021-29552", "CVE-2021-29553",
+ "CVE-2021-29554", "CVE-2021-29555", "CVE-2021-29556", "CVE-2021-29557", "CVE-2021-29558",
+ "CVE-2021-29559", "CVE-2021-29560", "CVE-2021-29561", "CVE-2021-29562", "CVE-2021-29563",
+ "CVE-2021-29564", "CVE-2021-29565", "CVE-2021-29566", "CVE-2021-29567", "CVE-2021-29568",
+ "CVE-2021-29569", "CVE-2021-29570", "CVE-2021-29571", "CVE-2021-29572", "CVE-2021-29573",
+ "CVE-2021-29574", "CVE-2021-29575", "CVE-2021-29576", "CVE-2021-29577", "CVE-2021-29578",
+ "CVE-2021-29579", "CVE-2021-29580", "CVE-2021-29581", "CVE-2021-29582", "CVE-2021-29583",
+ "CVE-2021-29584", "CVE-2021-29585", "CVE-2021-29586", "CVE-2021-29587", "CVE-2021-29588",
+ "CVE-2021-29589", "CVE-2021-29590", "CVE-2021-29591", "CVE-2021-29592", "CVE-2021-29593",
+ "CVE-2021-29594", "CVE-2021-29595", "CVE-2021-29596", "CVE-2021-29597", "CVE-2021-29598",
+ "CVE-2021-29599", "CVE-2021-29600", "CVE-2021-29601", "CVE-2021-29602", "CVE-2021-29603",
+ "CVE-2021-29604", "CVE-2021-29605", "CVE-2021-29606", "CVE-2021-29607", "CVE-2021-29608",
+ "CVE-2021-29609", "CVE-2021-29610", "CVE-2021-29611", "CVE-2021-29612", "CVE-2021-29613",
+ "CVE-2021-29614", "CVE-2021-29615", "CVE-2021-29616", "CVE-2021-29617", "CVE-2021-29618",
+ "CVE-2021-29619", "CVE-2021-35958", "CVE-2021-37635", "CVE-2021-37636", "CVE-2021-37637",
+ "CVE-2021-37638", "CVE-2021-37639", "CVE-2021-37640", "CVE-2021-37641", "CVE-2021-37642",
+ "CVE-2021-37643", "CVE-2021-37644", "CVE-2021-37645", "CVE-2021-37646", "CVE-2021-37647",
+ "CVE-2021-37648", "CVE-2021-37649", "CVE-2021-37650", "CVE-2021-37651", "CVE-2021-37652",
+ "CVE-2021-37653", "CVE-2021-37654", "CVE-2021-37655", "CVE-2021-37656", "CVE-2021-37657",
+ "CVE-2021-37658", "CVE-2021-37659", "CVE-2021-37660", "CVE-2021-37661", "CVE-2021-37662",
+ "CVE-2021-37663", "CVE-2021-37664", "CVE-2021-37665", "CVE-2021-37666", "CVE-2021-37667",
+ "CVE-2021-37668", "CVE-2021-37669", "CVE-2021-37670", "CVE-2021-37671", "CVE-2021-37672",
+ "CVE-2021-37673", "CVE-2021-37674", "CVE-2021-37675", "CVE-2021-37676", "CVE-2021-37677",
+ "CVE-2021-37678", "CVE-2021-37679", "CVE-2021-37680", "CVE-2021-37681", "CVE-2021-37682",
+ "CVE-2021-37683", "CVE-2021-37684", "CVE-2021-37685", "CVE-2021-37686", "CVE-2021-37687",
+ "CVE-2021-37688", "CVE-2021-37689", "CVE-2021-37690", "CVE-2021-37691", "CVE-2021-37692",
+ "CVE-2021-41195", "CVE-2021-41196", "CVE-2021-41197", "CVE-2021-41198", "CVE-2021-41199",
+ "CVE-2021-41200", "CVE-2021-41201", "CVE-2021-41202", "CVE-2021-41203", "CVE-2021-41204",
+ "CVE-2021-41205", "CVE-2021-41206", "CVE-2021-41207", "CVE-2021-41208", "CVE-2021-41209",
+ "CVE-2021-41210", "CVE-2021-41211", "CVE-2021-41212", "CVE-2021-41213", "CVE-2021-41214",
+ "CVE-2021-41215", "CVE-2021-41216", "CVE-2021-41217", "CVE-2021-41218", "CVE-2021-41219",
+ "CVE-2021-41220", "CVE-2021-41221", "CVE-2021-41222", "CVE-2021-41223", "CVE-2021-41224",
+ "CVE-2021-41225", "CVE-2021-41226", "CVE-2021-41227", "CVE-2021-41228",
+ },
+ },
}
// IDs that are covered by a Go vuln report, and the report ID.
@@ -622,34 +280,36 @@
}
func buildCVERecords(repo *git.Repository) ([]*store.CVERecord, error) {
- commit, err := repo.CommitObject(plumbing.NewHash(worker.FalsePositiveCommitHash))
- if err != nil {
- return nil, err
- }
var crs []*store.CVERecord
- for _, id := range falsePositiveIDs {
- path := idToPath(id)
- cve, blobHash, err := worker.ReadCVEAtPath(commit, path)
+ for _, spec := range falsePositiveIDs {
+ commit, err := repo.CommitObject(plumbing.NewHash(spec.commit))
if err != nil {
return nil, err
}
- if cve.ID != id {
- return nil, fmt.Errorf("ID at path %s is %s", path, cve.ID)
- }
- cr := store.NewCVERecord(cve, path, blobHash)
- cr.CommitHash = worker.FalsePositiveCommitHash
- if reportID := coveredIDs[id]; reportID != "" {
- cr.TriageState = store.TriageStateHasVuln
- cr.TriageStateReason = reportID
- } else {
- cr.TriageState = store.TriageStateFalsePositive
- for _, r := range cve.References.Data {
- if r.URL != "" {
- cr.ReferenceURLs = append(cr.ReferenceURLs, r.URL)
+ for _, id := range spec.ids {
+ path := idToPath(id)
+ cve, blobHash, err := worker.ReadCVEAtPath(commit, path)
+ if err != nil {
+ return nil, err
+ }
+ if cve.ID != id {
+ return nil, fmt.Errorf("ID at path %s is %s", path, cve.ID)
+ }
+ cr := store.NewCVERecord(cve, path, blobHash)
+ cr.CommitHash = spec.commit
+ if reportID := coveredIDs[id]; reportID != "" {
+ cr.TriageState = store.TriageStateHasVuln
+ cr.TriageStateReason = reportID
+ } else {
+ cr.TriageState = store.TriageStateFalsePositive
+ for _, r := range cve.References.Data {
+ if r.URL != "" {
+ cr.ReferenceURLs = append(cr.ReferenceURLs, r.URL)
+ }
}
}
+ crs = append(crs, cr)
}
- crs = append(crs, cr)
}
return crs, nil
}
