data/reports: add missing/related aliases for regular reports Quite a few missing aliases were found via the osv.dev API. In many cases, these are derived from GHSAs which have a "repo-level" advisory but not a "global-level" advisory, and are therefore not accessible via the Github GraphQL API. The osv.dev database in some cases considers two IDs to be aliases which we would consider only "related". A best-effort attempt was made to distinguish between false-positives (which were placed in the "related" section), and true positives. Change-Id: I6e0e3c790cf36ded6a0c84c2ded254f4b0f37e99 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/581716 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Damien Neil <dneil@google.com>
This repository contains the infrastructure and internal reports to create the Go Vulnerability Database.
Check out https://go.dev/security/vuln for more information about the Go vulnerability management system.
Click here to report a public vulnerability in the Go ecosystem, or give feedback about the project.
The privacy policy for govulncheck can be found at https://vuln.go.dev/privacy.
Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.
Database entries are distributed under the terms of the CC-BY-4.0 license. See go.dev/security/vuln/database for information on how to access these entries.