data: preserve cve references
Change-Id: I493b57c842e6b6ddadff2663dec8ba39f4078060
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/584216
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
diff --git a/data/cve/v5/GO-2023-2102.json b/data/cve/v5/GO-2023-2102.json
index 1904b20..29e6293 100644
--- a/data/cve/v5/GO-2023-2102.json
+++ b/data/cve/v5/GO-2023-2102.json
@@ -242,6 +242,15 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/"
}
]
}
diff --git a/data/cve/v5/GO-2024-2598.json b/data/cve/v5/GO-2024-2598.json
index 5a60453..b3c6b0d 100644
--- a/data/cve/v5/GO-2024-2598.json
+++ b/data/cve/v5/GO-2024-2598.json
@@ -72,6 +72,9 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20240329-0005/"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2599.json b/data/cve/v5/GO-2024-2599.json
index a106e51..c056885 100644
--- a/data/cve/v5/GO-2024-2599.json
+++ b/data/cve/v5/GO-2024-2599.json
@@ -96,6 +96,9 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20240329-0004/"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2600.json b/data/cve/v5/GO-2024-2600.json
index 4f9a7dd..52d5a03 100644
--- a/data/cve/v5/GO-2024-2600.json
+++ b/data/cve/v5/GO-2024-2600.json
@@ -128,6 +128,9 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20240329-0006/"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2609.json b/data/cve/v5/GO-2024-2609.json
index cbc2d6f..5fcb705 100644
--- a/data/cve/v5/GO-2024-2609.json
+++ b/data/cve/v5/GO-2024-2609.json
@@ -93,6 +93,9 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20240329-0007/"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2610.json b/data/cve/v5/GO-2024-2610.json
index 3783eaf..63e2d0a 100644
--- a/data/cve/v5/GO-2024-2610.json
+++ b/data/cve/v5/GO-2024-2610.json
@@ -78,6 +78,9 @@
},
{
"url": "https://security.netapp.com/advisory/ntap-20240329-0008/"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
}
],
"credits": [
diff --git a/data/cve/v5/GO-2024-2611.json b/data/cve/v5/GO-2024-2611.json
index 6c31212..57eeead 100644
--- a/data/cve/v5/GO-2024-2611.json
+++ b/data/cve/v5/GO-2024-2611.json
@@ -86,6 +86,9 @@
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/03/08/4"
}
]
}
diff --git a/data/cve/v5/GO-2024-2687.json b/data/cve/v5/GO-2024-2687.json
index e1082ac..79bb87d 100644
--- a/data/cve/v5/GO-2024-2687.json
+++ b/data/cve/v5/GO-2024-2687.json
@@ -866,6 +866,18 @@
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-2687"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20240419-0009/"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/04/05/4"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/04/03/16"
}
],
"credits": [
diff --git a/data/reports/GO-2023-2102.yaml b/data/reports/GO-2023-2102.yaml
index 5a32c68..7ae7870 100644
--- a/data/reports/GO-2023-2102.yaml
+++ b/data/reports/GO-2023-2102.yaml
@@ -105,3 +105,6 @@
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PJCUNGIQDUMZ4Z6HWVYIMR66A35F5S74/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L5E5JSJBZLYXOTZWXHJKRVCIXIHVWKJ6/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YJWHBLVZDM5KQSDFRBFRKU5KSSOLIRQ4/
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3WJ4QVX2AMUJ2F2S27POOAHRC4K3CHU4/
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ODBY7RVMGZCBSTWF2OZGIZS57FNFUL67/
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QXOU2JZUBEBP7GBKAYIJRPRBZSJCD7ST/
diff --git a/data/reports/GO-2024-2598.yaml b/data/reports/GO-2024-2598.yaml
index 4de30bf..05bad47 100644
--- a/data/reports/GO-2024-2598.yaml
+++ b/data/reports/GO-2024-2598.yaml
@@ -33,3 +33,4 @@
cwe: 'CWE-476: NULL Pointer Dereference'
references:
- https://security.netapp.com/advisory/ntap-20240329-0005/
+ - http://www.openwall.com/lists/oss-security/2024/03/08/4
diff --git a/data/reports/GO-2024-2599.yaml b/data/reports/GO-2024-2599.yaml
index 417e6b6..9ac8990 100644
--- a/data/reports/GO-2024-2599.yaml
+++ b/data/reports/GO-2024-2599.yaml
@@ -42,3 +42,4 @@
cwe: 'CWE-400: Uncontrolled Resource Consumption'
references:
- https://security.netapp.com/advisory/ntap-20240329-0004/
+ - http://www.openwall.com/lists/oss-security/2024/03/08/4
diff --git a/data/reports/GO-2024-2600.yaml b/data/reports/GO-2024-2600.yaml
index c2eaf8c..0dfe4b3 100644
--- a/data/reports/GO-2024-2600.yaml
+++ b/data/reports/GO-2024-2600.yaml
@@ -49,3 +49,4 @@
cwe: 'CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer'
references:
- https://security.netapp.com/advisory/ntap-20240329-0006/
+ - http://www.openwall.com/lists/oss-security/2024/03/08/4
diff --git a/data/reports/GO-2024-2609.yaml b/data/reports/GO-2024-2609.yaml
index 226a689..7accb65 100644
--- a/data/reports/GO-2024-2609.yaml
+++ b/data/reports/GO-2024-2609.yaml
@@ -37,3 +37,4 @@
cwe: 'CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences'
references:
- https://security.netapp.com/advisory/ntap-20240329-0007/
+ - http://www.openwall.com/lists/oss-security/2024/03/08/4
diff --git a/data/reports/GO-2024-2610.yaml b/data/reports/GO-2024-2610.yaml
index feb3f05..d25fceb 100644
--- a/data/reports/GO-2024-2610.yaml
+++ b/data/reports/GO-2024-2610.yaml
@@ -33,3 +33,4 @@
cwe: 'CWE-150: Improper Neutralization of Escape, Meta, or Control Sequences'
references:
- https://security.netapp.com/advisory/ntap-20240329-0008/
+ - http://www.openwall.com/lists/oss-security/2024/03/08/4
diff --git a/data/reports/GO-2024-2611.yaml b/data/reports/GO-2024-2611.yaml
index 98ca60d..62a4f6f 100644
--- a/data/reports/GO-2024-2611.yaml
+++ b/data/reports/GO-2024-2611.yaml
@@ -31,3 +31,4 @@
cwe: 'CWE-1286: Improper Validation of Syntactic Correctness of Input'
references:
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/JDMBHAVSDU2FBDZ45U3A2VLSM35OJ2HU/
+ - http://www.openwall.com/lists/oss-security/2024/03/08/4
diff --git a/data/reports/GO-2024-2687.yaml b/data/reports/GO-2024-2687.yaml
index 003bfce..b7e4eb8 100644
--- a/data/reports/GO-2024-2687.yaml
+++ b/data/reports/GO-2024-2687.yaml
@@ -308,3 +308,8 @@
cve_metadata:
id: CVE-2023-45288
cwe: 'CWE-400: Uncontrolled Resource Consumption'
+ references:
+ - https://security.netapp.com/advisory/ntap-20240419-0009/
+ - https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QRYFHIQ6XRKRYBI2F5UESH67BJBQXUPT/
+ - http://www.openwall.com/lists/oss-security/2024/04/05/4
+ - http://www.openwall.com/lists/oss-security/2024/04/03/16
