data/reports: add vulnerable_at to GO-2021-0078.yaml

tatianab · Tatiana Bradley · commit 768c201e6d47 · 2023-01-19T16:25:42.000Z
Aliases: CVE-2018-17075 Updates #78 Change-Id: I9ebe78fc9cb8e9ab29251d6e915a9503e7d3cac2 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/462621 Auto-Submit: Tatiana Bradley <tatiana@golang.org> Run-TryBot: Tatiana Bradley <tatiana@golang.org> TryBot-Result: Gopher Robot <gobot@golang.org> Reviewed-by: Damien Neil <dneil@google.com> Reviewed-by: Tatiana Bradley <tatiana@golang.org>
diff --git a/data/osv/GO-2021-0078.json b/data/osv/GO-2021-0078.json
@@ -33,6 +33,8 @@
           {
             "path": "golang.org/x/net/html",
             "symbols": [
+              "Parse",
+              "ParseFragment",
               "inBodyIM",
               "inFramesetIM"
             ]
diff --git a/data/reports/GO-2021-0078.yaml b/data/reports/GO-2021-0078.yaml
@@ -2,11 +2,15 @@ modules:
   - module: golang.org/x/net
     versions:
       - fixed: 0.0.0-20180816102801-aaf60122140d
+    vulnerable_at: 0.0.0-20180811021610-c39426892332
     packages:
       - package: golang.org/x/net/html
         symbols:
           - inBodyIM
           - inFramesetIM
+        derived_symbols:
+          - Parse
+          - ParseFragment
 description: |
     The HTML parser does not properly handle "in frameset" insertion mode, and can be made
     to panic when operating on malformed HTML that contains <template> tags. If operating

Original file line number	Diff line number	Diff line change
`@@ -33,6 +33,8 @@`
`33`	`33`	`{`
`34`	`34`	`"path": "golang.org/x/net/html",`
`35`	`35`	`"symbols": [`
	`36`	`+ "Parse",`
	`37`	`+ "ParseFragment",`
`36`	`38`	`"inBodyIM",`
`37`	`39`	`"inFramesetIM"`
`38`	`40`	`]`