data/reports: unexclude 20 reports (13)

  - data/reports/GO-2022-0231.yaml
  - data/reports/GO-2022-0249.yaml
  - data/reports/GO-2022-0250.yaml
  - data/reports/GO-2022-0260.yaml
  - data/reports/GO-2022-0261.yaml
  - data/reports/GO-2022-0270.yaml
  - data/reports/GO-2022-0278.yaml
  - data/reports/GO-2022-0281.yaml
  - data/reports/GO-2022-0291.yaml
  - data/reports/GO-2022-0295.yaml
  - data/reports/GO-2022-0298.yaml
  - data/reports/GO-2022-0302.yaml
  - data/reports/GO-2022-0303.yaml
  - data/reports/GO-2022-0304.yaml
  - data/reports/GO-2022-0305.yaml
  - data/reports/GO-2022-0306.yaml
  - data/reports/GO-2022-0307.yaml
  - data/reports/GO-2022-0308.yaml
  - data/reports/GO-2022-0309.yaml
  - data/reports/GO-2022-0310.yaml

Updates #231
Updates #249
Updates #250
Updates #260
Updates #261
Updates #270
Updates #278
Updates #281
Updates #291
Updates #295
Updates #298
Updates #302
Updates #303
Updates #304
Updates #305
Updates #306
Updates #307
Updates #308
Updates #309
Updates #310

Change-Id: Idffc4951124598d58d8ebf3b1c44fc141f192639
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607215
Reviewed-by: Damien Neil <[email protected]>
Auto-Submit: Tatiana Bradley <[email protected]>
Commit-Queue: Tatiana Bradley <[email protected]>
LUCI-TryBot-Result: Go LUCI <[email protected]>

Author: tatianab

data/excluded/GO-2022-0231.yaml

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0231",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2021-20848",
+    "GHSA-458f-26r3-x2c3"
+  ],
+  "summary": "Cross-site Scripting in github.com/schollz/rwtxt",
+  "details": "Cross-site Scripting in github.com/schollz/rwtxt",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/schollz/rwtxt",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.8.6"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-458f-26r3-x2c3"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20848"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/schollz/rwtxt/commit/c09fb17375c4c47b49524c688288af1fe20e730a"
+    },
+    {
+      "type": "WEB",
+      "url": "https://jvn.jp/en/jp/JVN22515597/index.html"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0231",
+    "review_status": "UNREVIEWED"
+  }
+}

data/excluded/GO-2022-0249.yaml

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0249",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2021-3908",
+    "GHSA-g5gj-9ggf-9vmq"
+  ],
+  "summary": "Infinite certificate chain depth results in OctoRPKI running forever in github.com/cloudflare/cfrpki",
+  "details": "Infinite certificate chain depth results in OctoRPKI running forever in github.com/cloudflare/cfrpki",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/cloudflare/cfrpki",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.4.0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-g5gj-9ggf-9vmq"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3908"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/cloudflare/cfrpki/releases/tag/v1.4.0"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.debian.org/security/2022/dsa-5041"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0249",
+    "review_status": "UNREVIEWED"
+  }
+}

data/excluded/GO-2022-0250.yaml

@@ -0,0 +1,60 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0250",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2021-3909",
+    "GHSA-8cvr-4rrf-f244"
+  ],
+  "summary": "Infinite open connection causes OctoRPKI to hang forever in github.com/cloudflare/cfrpki",
+  "details": "Infinite open connection causes OctoRPKI to hang forever in github.com/cloudflare/cfrpki",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/cloudflare/cfrpki",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.4.0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/cloudflare/cfrpki/security/advisories/GHSA-8cvr-4rrf-f244"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-3909"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/cloudflare/cfrpki/releases/tag/v1.4.0"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.debian.org/security/2021/dsa-5033"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.debian.org/security/2022/dsa-5041"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0250",
+    "review_status": "UNREVIEWED"
+  }
+}