data/reports: unexclude 20 reports (26)

  - data/reports/GO-2022-0887.yaml
  - data/reports/GO-2022-0888.yaml
  - data/reports/GO-2022-0889.yaml
  - data/reports/GO-2022-0890.yaml
  - data/reports/GO-2022-0892.yaml
  - data/reports/GO-2022-0893.yaml
  - data/reports/GO-2022-0894.yaml
  - data/reports/GO-2022-0895.yaml
  - data/reports/GO-2022-0903.yaml
  - data/reports/GO-2022-0905.yaml
  - data/reports/GO-2022-0906.yaml
  - data/reports/GO-2022-0907.yaml
  - data/reports/GO-2022-0908.yaml
  - data/reports/GO-2022-0910.yaml
  - data/reports/GO-2022-0912.yaml
  - data/reports/GO-2022-0914.yaml
  - data/reports/GO-2022-0915.yaml
  - data/reports/GO-2022-0919.yaml
  - data/reports/GO-2022-0920.yaml
  - data/reports/GO-2022-0921.yaml

Updates #887
Updates #888
Updates #889
Updates #890
Updates #892
Updates #893
Updates #894
Updates #895
Updates #903
Updates #905
Updates #906
Updates #907
Updates #908
Updates #910
Updates #912
Updates #914
Updates #915
Updates #919
Updates #920
Updates #921

Change-Id: I6d9c7aaa7d687d3c0aaa5797012853825c9ab22f
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/607228
LUCI-TryBot-Result: Go LUCI <[email protected]>
Reviewed-by: Damien Neil <[email protected]>
Auto-Submit: Tatiana Bradley <[email protected]>

Author: tatianab

data/excluded/GO-2022-0887.yaml

@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0887",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2017-14623",
+    "GHSA-x27w-qxhg-343v"
+  ],
+  "summary": "Access Restriction Bypass in go-ldap in github.com/go-ldap/ldap",
+  "details": "Access Restriction Bypass in go-ldap in github.com/go-ldap/ldap",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/go-ldap/ldap",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "2.5.0+incompatible"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-x27w-qxhg-343v"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2017-14623"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/go-ldap/ldap/commit/95ede1266b237bf8e9aa5dce0b3250e51bfefe66"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/go-ldap/ldap/pull/126"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0887",
+    "review_status": "UNREVIEWED"
+  }
+}

data/excluded/GO-2022-0888.yaml

@@ -0,0 +1,60 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0888",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2021-21404",
+    "GHSA-x462-89pf-6r5h"
+  ],
+  "summary": "Crash due to malformed relay protocol message in github.com/syncthing/syncthing",
+  "details": "Crash due to malformed relay protocol message in github.com/syncthing/syncthing",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/syncthing/syncthing",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.15.0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/syncthing/syncthing/security/advisories/GHSA-x462-89pf-6r5h"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-21404"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/syncthing/syncthing/commit/fb4fdaf4c0a79c22cad000c42ac1394e3ccb6a97"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/syncthing/syncthing/releases/tag/v1.15.0"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/github.com/syncthing/syncthing"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0888",
+    "review_status": "UNREVIEWED"
+  }
+}

data/excluded/GO-2022-0889.yaml

@@ -0,0 +1,60 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2022-0889",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2021-25835",
+    "GHSA-x5f3-qmwj-4f84"
+  ],
+  "summary": "Authentication bypass by capture-replay in github.com/cosmos/ethermint",
+  "details": "Authentication bypass by capture-replay in github.com/cosmos/ethermint",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/cosmos/ethermint",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "0.4.1"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-x5f3-qmwj-4f84"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-25835"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/cosmos/ethermint/pull/692"
+    },
+    {
+      "type": "REPORT",
+      "url": "https://github.com/cosmos/ethermint/issues/687"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/cosmos/ethermint/releases/tag/v0.4.1"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2022-0889",
+    "review_status": "UNREVIEWED"
+  }
+}