data/reports: update GO-2024-2997

tatianab · tatianab · commit 38348a735998 · 2024-09-06T19:49:38.000Z
Fix bad URI. - data/reports/GO-2024-2997.yaml Updates #2997 Fixes #3120 Change-Id: I08882a769b46b5f95f0a2182eed3ba924a78c11a Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/611375 LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com> Auto-Submit: Tatiana Bradley <tatianabradley@google.com> Reviewed-by: Zvonimir Pavlinovic <zpavlinovic@google.com>
diff --git a/data/osv/GO-2024-2997.json b/data/osv/GO-2024-2997.json
@@ -107,7 +107,7 @@
     },
     {
       "type": "WEB",
-      "url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=[…]942e-c768d37e9e0c\u0026tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d"
+      "url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c\u0026tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d"
     },
     {
       "type": "WEB",
diff --git a/data/reports/GO-2024-2997.yaml b/data/reports/GO-2024-2997.yaml
@@ -25,13 +25,15 @@ references:
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-21583
     - fix: https://github.com/gitpod-io/gitpod/commit/da1053e1013f27a56e6d3533aa251dbd241d0155
     - fix: https://github.com/gitpod-io/gitpod/pull/19973
-    - web: https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=[…]942e-c768d37e9e0c&tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d
+    - web: https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c&tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d
     - web: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSSERVERGOPKGLIB-7452074
     - web: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODCOMPONENTSWSPROXYPKGPROXY-7452075
     - web: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSAUTH-7452076
     - web: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSPUBLICAPISERVER-7452077
     - web: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGITPODIOGITPODINSTALLINSTALLERPKGCOMPONENTSSERVER-7452078
     - web: https://security.snyk.io/vuln/SNYK-JS-GITPODGITPODPROTOCOL-7452079
+notes:
+    - manually fixed ref "app.safebase.io" which contained bad URI due to unescape/escape error in our tooling
 source:
     id: CVE-2024-21583
     created: 2024-08-16T16:57:56.243289-04:00

Original file line number	Diff line number	Diff line change
`@@ -107,7 +107,7 @@`
`107`	`107`	`},`
`108`	`108`	`{`
`109`	`109`	`"type": "WEB",`
`110`		`- "url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=[…]942e-c768d37e9e0c\u0026tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d"`
	`110`	`+ "url": "https://app.safebase.io/portal/71ccd717-aa2d-4a1e-942e-c768d37e9e0c/preview?product=%5B%E2%80%A6%5D942e-c768d37e9e0c\u0026tcuUid=1d505bda-9a38-4ca5-8724-052e6337f34d"`
`111`	`111`	`},`
`112`	`112`	`{`
`113`	`113`	`"type": "WEB",`