data: preserve CVE references
Change-Id: I3b02b7489b7b291d4e2e3f1b96d138eaf0444cd0
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/576675
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Damien Neil <dneil@google.com>
diff --git a/data/cve/v5/GO-2023-2102.json b/data/cve/v5/GO-2023-2102.json
index 9f1a75f..1904b20 100644
--- a/data/cve/v5/GO-2023-2102.json
+++ b/data/cve/v5/GO-2023-2102.json
@@ -230,6 +230,18 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
}
]
}
diff --git a/data/cve/v5/GO-2024-2598.json b/data/cve/v5/GO-2024-2598.json
index dc41498..5a60453 100644
--- a/data/cve/v5/GO-2024-2598.json
+++ b/data/cve/v5/GO-2024-2598.json
@@ -69,6 +69,9 @@
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2598"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20240329-0005/"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2599.json b/data/cve/v5/GO-2024-2599.json
index a62f7e8..a106e51 100644
--- a/data/cve/v5/GO-2024-2599.json
+++ b/data/cve/v5/GO-2024-2599.json
@@ -93,6 +93,9 @@
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2599"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20240329-0004/"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2600.json b/data/cve/v5/GO-2024-2600.json
index f77c3e6..4f9a7dd 100644
--- a/data/cve/v5/GO-2024-2600.json
+++ b/data/cve/v5/GO-2024-2600.json
@@ -125,6 +125,9 @@
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2600"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2609.json b/data/cve/v5/GO-2024-2609.json
index b00ae24..cbc2d6f 100644
--- a/data/cve/v5/GO-2024-2609.json
+++ b/data/cve/v5/GO-2024-2609.json
@@ -90,6 +90,9 @@
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2609"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20240329-0007/"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2610.json b/data/cve/v5/GO-2024-2610.json
index 6eeda00..3783eaf 100644
--- a/data/cve/v5/GO-2024-2610.json
+++ b/data/cve/v5/GO-2024-2610.json
@@ -75,6 +75,9 @@
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2610"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20240329-0008/"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2611.json b/data/cve/v5/GO-2024-2611.json
index 22bea25..6c31212 100644
--- a/data/cve/v5/GO-2024-2611.json
+++ b/data/cve/v5/GO-2024-2611.json
@@ -83,6 +83,9 @@
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2611"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/"
}
]
}
diff --git a/data/reports/GO-2023-2102.yaml b/data/reports/GO-2023-2102.yaml
index 4fde1f8..5a32c68 100644
--- a/data/reports/GO-2023-2102.yaml
+++ b/data/reports/GO-2023-2102.yaml
@@ -101,3 +101,7 @@
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5RSKA2II6QTD4YUKUNDVJQSRYSFC4VFR/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FTMJ3NJIDAZFWJQQSP3L22MUFJ3UP2PT/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPWCNYB5PQ5PCVZ4NJT6G56ZYFZ5QBU6/
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W2LZSWTV4NV4SNQARNXG5T6LRHP26EW2/
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/
diff --git a/data/reports/GO-2024-2598.yaml b/data/reports/GO-2024-2598.yaml
index 915b64e..4de30bf 100644
--- a/data/reports/GO-2024-2598.yaml
+++ b/data/reports/GO-2024-2598.yaml
@@ -31,3 +31,5 @@
cve_metadata:
id: CVE-2024-24783
cwe: 'CWE-476: NULL Pointer Dereference'
+ references:
+ - https://security.netapp.com/advisory/ntap-20240329-0005/
diff --git a/data/reports/GO-2024-2599.yaml b/data/reports/GO-2024-2599.yaml
index 727f93c..417e6b6 100644
--- a/data/reports/GO-2024-2599.yaml
+++ b/data/reports/GO-2024-2599.yaml
@@ -40,3 +40,5 @@
cve_metadata:
id: CVE-2023-45290
cwe: 'CWE-400: Uncontrolled Resource Consumption'
+ references:
+ - https://security.netapp.com/advisory/ntap-20240329-0004/
diff --git a/data/reports/GO-2024-2600.yaml b/data/reports/GO-2024-2600.yaml
index 2f3db7e..c2eaf8c 100644
--- a/data/reports/GO-2024-2600.yaml
+++ b/data/reports/GO-2024-2600.yaml
@@ -47,3 +47,5 @@
cve_metadata:
id: CVE-2023-45289
cwe: 'CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer'
+ references:
+ - https://security.netapp.com/advisory/ntap-20240329-0006/
diff --git a/data/reports/GO-2024-2609.yaml b/data/reports/GO-2024-2609.yaml
index 49b2dc0..226a689 100644
--- a/data/reports/GO-2024-2609.yaml
+++ b/data/reports/GO-2024-2609.yaml
@@ -35,3 +35,5 @@
cve_metadata:
id: CVE-2024-24784
cwe: 'CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences'
+ references:
+ - https://security.netapp.com/advisory/ntap-20240329-0007/
diff --git a/data/reports/GO-2024-2610.yaml b/data/reports/GO-2024-2610.yaml
index c056f0e..feb3f05 100644
--- a/data/reports/GO-2024-2610.yaml
+++ b/data/reports/GO-2024-2610.yaml
@@ -31,3 +31,5 @@
cve_metadata:
id: CVE-2024-24785
cwe: 'CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences'
+ references:
+ - https://security.netapp.com/advisory/ntap-20240329-0008/
diff --git a/data/reports/GO-2024-2611.yaml b/data/reports/GO-2024-2611.yaml
index 918609a..745f99b 100644
--- a/data/reports/GO-2024-2611.yaml
+++ b/data/reports/GO-2024-2611.yaml
@@ -27,3 +27,5 @@
cve_metadata:
id: CVE-2024-24786
cwe: 'CWE-1286: Improper Validation of Syntactic Correctness of Input'
+ references:
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/
