[vulndb] data/excluded: batch add 21 excluded reports
2 views
Skip to first unread message
Damien Neil (Gerrit)
Jun 15, 2023, 2:16:00 PM6/15/23
to goph...@pubsubhelper.golang.org, Tatiana Bradley, Gopher Robot, golang-co...@googlegroups.com
Attention is currently required from: Tatiana Bradley.
To view, visit change 503837. To unsubscribe, or for help writing mail filters, visit settings.
Tatiana Bradley (Gerrit)
Jun 15, 2023, 2:16:46 PM6/15/23
to Damien Neil, goph...@pubsubhelper.golang.org, Gopher Robot, golang-co...@googlegroups.com
Attention is currently required from: Damien Neil.
Patch set 1:Code-Review +2
Damien Neil (Gerrit)
Jun 15, 2023, 4:49:04 PM6/15/23
to goph...@pubsubhelper.golang.org, golang-co...@googlegroups.com
Attention is currently required from: Damien Neil.
Damien Neil uploaded patch set #2 to this change.
The following approvals got outdated and were removed: Run-TryBot+1 by Damien Neil, TryBot-Result-1 by Gopher Robot
data/excluded: batch add 21 excluded reports
Adds excluded reports:
- data/excluded/GO-2023-1855.yaml
- data/excluded/GO-2023-1824.yaml
- data/excluded/GO-2023-1856.yaml
- data/excluded/GO-2023-1853.yaml
- data/excluded/GO-2023-1852.yaml
- data/excluded/GO-2023-1851.yaml
- data/excluded/GO-2023-1850.yaml
- data/excluded/GO-2023-1845.yaml
- data/excluded/GO-2023-1803.yaml
- data/excluded/GO-2023-1795.yaml
- data/excluded/GO-2023-1793.yaml
- data/excluded/GO-2023-1784.yaml
- data/excluded/GO-2023-1731.yaml
- data/excluded/GO-2023-1730.yaml
- data/excluded/GO-2023-1846.yaml
- data/excluded/GO-2023-1848.yaml
- data/excluded/GO-2023-1847.yaml
- data/excluded/GO-2023-1823.yaml
- data/excluded/GO-2023-1854.yaml
- data/excluded/GO-2023-1849.yaml
Fixes golang/vulndb#1855
Fixes golang/vulndb#1824
Fixes golang/vulndb#1856
Fixes golang/vulndb#1853
Fixes golang/vulndb#1852
Fixes golang/vulndb#1851
Fixes golang/vulndb#1850
Fixes golang/vulndb#1845
Fixes golang/vulndb#1803
Fixes golang/vulndb#1795
Fixes golang/vulndb#1793
Fixes golang/vulndb#1784
Fixes golang/vulndb#1731
Fixes golang/vulndb#1730
Fixes golang/vulndb#1846
Fixes golang/vulndb#1848
Fixes golang/vulndb#1847
Fixes golang/vulndb#1823
Fixes golang/vulndb#1854
Fixes golang/vulndb#1849
Change-Id: Id7b97791bb1e95466d497cb3158fc4bd990fcca3
---
A data/excluded/GO-2023-1730.yaml
A data/excluded/GO-2023-1731.yaml
A data/excluded/GO-2023-1784.yaml
A data/excluded/GO-2023-1793.yaml
A data/excluded/GO-2023-1795.yaml
A data/excluded/GO-2023-1803.yaml
A data/excluded/GO-2023-1823.yaml
A data/excluded/GO-2023-1824.yaml
M data/excluded/GO-2023-1843.yaml
A data/excluded/GO-2023-1845.yaml
A data/excluded/GO-2023-1846.yaml
A data/excluded/GO-2023-1847.yaml
A data/excluded/GO-2023-1848.yaml
A data/excluded/GO-2023-1849.yaml
A data/excluded/GO-2023-1850.yaml
A data/excluded/GO-2023-1851.yaml
A data/excluded/GO-2023-1852.yaml
A data/excluded/GO-2023-1853.yaml
A data/excluded/GO-2023-1854.yaml
A data/excluded/GO-2023-1855.yaml
A data/excluded/GO-2023-1856.yaml
21 files changed, 148 insertions(+), 2 deletions(-)
To view, visit change 503837. To unsubscribe, or for help writing mail filters, visit settings.
Damien Neil (Gerrit)
Jun 15, 2023, 4:52:44 PM6/15/23
to goph...@pubsubhelper.golang.org, golang-...@googlegroups.com, Gopher Robot, Tatiana Bradley, golang-co...@googlegroups.com
Damien Neil submitted this change.
1 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:
```
The name of the file: data/excluded/GO-2023-1843.yaml
Insertions: 0, Deletions: 2.
@@ -2,7 +2,5 @@
excluded: EFFECTIVELY_PRIVATE
modules:
- module: github.com/grafana/grafana
-cves:
- - CVE-2023-2183
ghsas:
- GHSA-wm7r-3qxj-5xgq
```
```
The name of the file: data/excluded/GO-2023-1734.yaml
Insertions: 0, Deletions: 8.
@@ -1,8 +0,0 @@
-id: GO-2023-1734
-excluded: EFFECTIVELY_PRIVATE
-modules:
- - module: github.com/clusternet/clusternet
-cves:
- - CVE-2023-30622
-ghsas:
- - GHSA-833c-xh79-p429
```
Approvals:
Damien Neil: Run TryBots
Tatiana Bradley: Looks good to me, approved
Gopher Robot: TryBots succeeded
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/503837
Run-TryBot: Damien Neil <dn...@google.com>
Reviewed-by: Tatiana Bradley <tatiana...@google.com>
TryBot-Result: Gopher Robot <go...@golang.org>
---
A data/excluded/GO-2023-1730.yaml
A data/excluded/GO-2023-1731.yaml
A data/excluded/GO-2023-1784.yaml
A data/excluded/GO-2023-1793.yaml
A data/excluded/GO-2023-1795.yaml
A data/excluded/GO-2023-1803.yaml
A data/excluded/GO-2023-1823.yaml
A data/excluded/GO-2023-1824.yaml
M data/excluded/GO-2023-1843.yaml
A data/excluded/GO-2023-1845.yaml
A data/excluded/GO-2023-1846.yaml
A data/excluded/GO-2023-1847.yaml
A data/excluded/GO-2023-1848.yaml
A data/excluded/GO-2023-1849.yaml
A data/excluded/GO-2023-1850.yaml
A data/excluded/GO-2023-1851.yaml
A data/excluded/GO-2023-1852.yaml
A data/excluded/GO-2023-1853.yaml
A data/excluded/GO-2023-1854.yaml
A data/excluded/GO-2023-1855.yaml
A data/excluded/GO-2023-1856.yaml
21 files changed, 148 insertions(+), 2 deletions(-)
diff --git a/data/excluded/GO-2023-1730.yaml b/data/excluded/GO-2023-1730.yaml
new file mode 100644
index 0000000..234d63e
--- /dev/null
+++ b/data/excluded/GO-2023-1730.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1730
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/cilium/cilium
+cves:
+ - CVE-2023-29002
+ghsas:
+ - GHSA-pg5p-wwp8-97g8
diff --git a/data/excluded/GO-2023-1731.yaml b/data/excluded/GO-2023-1731.yaml
new file mode 100644
index 0000000..d7d17c8
--- /dev/null
+++ b/data/excluded/GO-2023-1731.yaml
@@ -0,0 +1,6 @@
+id: GO-2023-1731
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/Velocidex/velociraptor
+cves:
+ - CVE-2023-2226
diff --git a/data/excluded/GO-2023-1784.yaml b/data/excluded/GO-2023-1784.yaml
new file mode 100644
index 0000000..024bff4
--- /dev/null
+++ b/data/excluded/GO-2023-1784.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1784
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/ginuerzh/gost
+cves:
+ - CVE-2023-32691
+ghsas:
+ - GHSA-qjrq-hm79-49ww
diff --git a/data/excluded/GO-2023-1793.yaml b/data/excluded/GO-2023-1793.yaml
new file mode 100644
index 0000000..37a3546
--- /dev/null
+++ b/data/excluded/GO-2023-1793.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1793
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: sigs.k8s.io/secrets-store-csi-driver
+cves:
+ - CVE-2023-2878
+ghsas:
+ - GHSA-g82w-58jf-gcxx
diff --git a/data/excluded/GO-2023-1795.yaml b/data/excluded/GO-2023-1795.yaml
new file mode 100644
index 0000000..da59e7c
--- /dev/null
+++ b/data/excluded/GO-2023-1795.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1795
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/sigstore/rekor
+cves:
+ - CVE-2023-33199
+ghsas:
+ - GHSA-frqx-jfcm-6jjr
diff --git a/data/excluded/GO-2023-1803.yaml b/data/excluded/GO-2023-1803.yaml
new file mode 100644
index 0000000..dc05d02
--- /dev/null
+++ b/data/excluded/GO-2023-1803.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1803
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/lima-vm/lima
+cves:
+ - CVE-2023-32684
+ghsas:
+ - GHSA-f7qw-jj9c-rpq9
diff --git a/data/excluded/GO-2023-1823.yaml b/data/excluded/GO-2023-1823.yaml
new file mode 100644
index 0000000..ecff60d
--- /dev/null
+++ b/data/excluded/GO-2023-1823.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1823
+excluded: NOT_GO_CODE
+modules:
+ - module: github.com/gitpod-io/gitpod
+cves:
+ - CVE-2023-32766
+ghsas:
+ - GHSA-gqx9-h3w2-fprg
diff --git a/data/excluded/GO-2023-1824.yaml b/data/excluded/GO-2023-1824.yaml
new file mode 100644
index 0000000..3d8d3a1
--- /dev/null
+++ b/data/excluded/GO-2023-1824.yaml
@@ -0,0 +1,6 @@
+id: GO-2023-1824
+excluded: DEPENDENT_VULNERABILITY
+modules:
+ - module: github.com/cheqd/cheqd-node
+ghsas:
+ - GHSA-7c94-gvvj-r3mg
diff --git a/data/excluded/GO-2023-1843.yaml b/data/excluded/GO-2023-1843.yaml
index b37b58b..7832860 100644
--- a/data/excluded/GO-2023-1843.yaml
+++ b/data/excluded/GO-2023-1843.yaml
@@ -2,7 +2,5 @@
excluded: EFFECTIVELY_PRIVATE
modules:
- module: github.com/grafana/grafana
-cves:
- - CVE-2023-2183
ghsas:
- GHSA-wm7r-3qxj-5xgq
diff --git a/data/excluded/GO-2023-1845.yaml b/data/excluded/GO-2023-1845.yaml
new file mode 100644
index 0000000..8693ada
--- /dev/null
+++ b/data/excluded/GO-2023-1845.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1845
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/alist-org/alist/v3
+cves:
+ - CVE-2023-33498
+ghsas:
+ - GHSA-hh54-53m7-7ffj
diff --git a/data/excluded/GO-2023-1846.yaml b/data/excluded/GO-2023-1846.yaml
new file mode 100644
index 0000000..431697a
--- /dev/null
+++ b/data/excluded/GO-2023-1846.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1846
+excluded: NOT_A_VULNERABILITY
+modules:
+ - module: github.com/snowflakedb/gosnowflake
+cves:
+ - CVE-2023-34231
+ghsas:
+ - GHSA-fwv2-65wh-2w8c
diff --git a/data/excluded/GO-2023-1847.yaml b/data/excluded/GO-2023-1847.yaml
new file mode 100644
index 0000000..c4a98cd
--- /dev/null
+++ b/data/excluded/GO-2023-1847.yaml
@@ -0,0 +1,6 @@
+id: GO-2023-1847
+excluded: NOT_GO_CODE
+modules:
+ - module: github.com/grpc/grpc
+cves:
+ - CVE-2023-32731
diff --git a/data/excluded/GO-2023-1848.yaml b/data/excluded/GO-2023-1848.yaml
new file mode 100644
index 0000000..ab93dc2
--- /dev/null
+++ b/data/excluded/GO-2023-1848.yaml
@@ -0,0 +1,6 @@
+id: GO-2023-1848
+excluded: NOT_GO_CODE
+modules:
+ - module: github.com/grpc/grpc
+cves:
+ - CVE-2023-32732
diff --git a/data/excluded/GO-2023-1849.yaml b/data/excluded/GO-2023-1849.yaml
new file mode 100644
index 0000000..9526606
--- /dev/null
+++ b/data/excluded/GO-2023-1849.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1849
+excluded: NOT_IMPORTABLE
+modules:
+ - module: github.com/hashicorp/vault
+cves:
+ - CVE-2023-2121
+ghsas:
+ - GHSA-gq98-53rq-qr5h
diff --git a/data/excluded/GO-2023-1850.yaml b/data/excluded/GO-2023-1850.yaml
new file mode 100644
index 0000000..f030fd9
--- /dev/null
+++ b/data/excluded/GO-2023-1850.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1850
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/hashicorp/consul
+cves:
+ - CVE-2018-19653
+ghsas:
+ - GHSA-4qvx-qq5w-695p
diff --git a/data/excluded/GO-2023-1851.yaml b/data/excluded/GO-2023-1851.yaml
new file mode 100644
index 0000000..0b156b7
--- /dev/null
+++ b/data/excluded/GO-2023-1851.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1851
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/hashicorp/consul
+cves:
+ - CVE-2020-25864
+ghsas:
+ - GHSA-8xmx-h8rq-h94j
diff --git a/data/excluded/GO-2023-1852.yaml b/data/excluded/GO-2023-1852.yaml
new file mode 100644
index 0000000..29255fc
--- /dev/null
+++ b/data/excluded/GO-2023-1852.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1852
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/hashicorp/consul/acl
+cves:
+ - CVE-2019-12291
+ghsas:
+ - GHSA-h65h-v7fw-4p38
diff --git a/data/excluded/GO-2023-1853.yaml b/data/excluded/GO-2023-1853.yaml
new file mode 100644
index 0000000..0fe24bb
--- /dev/null
+++ b/data/excluded/GO-2023-1853.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1853
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/hashicorp/consul
+cves:
+ - CVE-2019-9764
+ghsas:
+ - GHSA-q7fx-wm2p-qfj8
diff --git a/data/excluded/GO-2023-1854.yaml b/data/excluded/GO-2023-1854.yaml
new file mode 100644
index 0000000..495b6f0
--- /dev/null
+++ b/data/excluded/GO-2023-1854.yaml
@@ -0,0 +1,6 @@
+id: GO-2023-1854
+excluded: NOT_IMPORTABLE
+modules:
+ - module: github.com/ossrs/srs
+cves:
+ - CVE-2023-34105
diff --git a/data/excluded/GO-2023-1855.yaml b/data/excluded/GO-2023-1855.yaml
new file mode 100644
index 0000000..3d721ad
--- /dev/null
+++ b/data/excluded/GO-2023-1855.yaml
@@ -0,0 +1,6 @@
+id: GO-2023-1855
+excluded: DEPENDENT_VULNERABILITY
+modules:
+ - module: github.com/cheqd/cheqd-node
+ghsas:
+ - GHSA-8qxh-2gh8-r923
diff --git a/data/excluded/GO-2023-1856.yaml b/data/excluded/GO-2023-1856.yaml
new file mode 100644
index 0000000..162ffd4
--- /dev/null
+++ b/data/excluded/GO-2023-1856.yaml
@@ -0,0 +1,8 @@
+id: GO-2023-1856
+excluded: EFFECTIVELY_PRIVATE
+modules:
+ - module: github.com/grafana/grafana
+cves:
+ - CVE-2023-2183
+ghsas:
+ - GHSA-cvm3-pp2j-chr3
To view, visit change 503837. To unsubscribe, or for help writing mail filters, visit settings.
Reply all
Reply to author
Forward
0 new messages