data/reports: regenerate 50 reports

- data/reports/GO-2024-2642.yaml
  - data/reports/GO-2024-2644.yaml
  - data/reports/GO-2024-2645.yaml
  - data/reports/GO-2024-2664.yaml
  - data/reports/GO-2024-2665.yaml
  - data/reports/GO-2024-2675.yaml
  - data/reports/GO-2024-2684.yaml
  - data/reports/GO-2024-2690.yaml
  - data/reports/GO-2024-2697.yaml
  - data/reports/GO-2024-2704.yaml
  - data/reports/GO-2024-2707.yaml
  - data/reports/GO-2024-2718.yaml
  - data/reports/GO-2024-2719.yaml
  - data/reports/GO-2024-2728.yaml
  - data/reports/GO-2024-2741.yaml
  - data/reports/GO-2024-2752.yaml
  - data/reports/GO-2024-2757.yaml
  - data/reports/GO-2024-2769.yaml
  - data/reports/GO-2024-2792.yaml
  - data/reports/GO-2024-2801.yaml
  - data/reports/GO-2024-2815.yaml
  - data/reports/GO-2024-2843.yaml
  - data/reports/GO-2024-2844.yaml
  - data/reports/GO-2024-2847.yaml
  - data/reports/GO-2024-2848.yaml
  - data/reports/GO-2024-2851.yaml
  - data/reports/GO-2024-2852.yaml
  - data/reports/GO-2024-2854.yaml
  - data/reports/GO-2024-2855.yaml
  - data/reports/GO-2024-2856.yaml
  - data/reports/GO-2024-2857.yaml
  - data/reports/GO-2024-2858.yaml
  - data/reports/GO-2024-2866.yaml
  - data/reports/GO-2024-2867.yaml
  - data/reports/GO-2024-2877.yaml
  - data/reports/GO-2024-2886.yaml
  - data/reports/GO-2024-2891.yaml
  - data/reports/GO-2024-2898.yaml
  - data/reports/GO-2024-2901.yaml
  - data/reports/GO-2024-2902.yaml
  - data/reports/GO-2024-2905.yaml
  - data/reports/GO-2024-2911.yaml
  - data/reports/GO-2024-2917.yaml
  - data/reports/GO-2024-2919.yaml
  - data/reports/GO-2024-2922.yaml
  - data/reports/GO-2024-2939.yaml
  - data/reports/GO-2024-2941.yaml
  - data/reports/GO-2024-2972.yaml
  - data/reports/GO-2024-2981.yaml
  - data/reports/GO-2024-2987.yaml

Updates golang/vulndb#2642
Updates golang/vulndb#2644
Updates golang/vulndb#2645
Updates golang/vulndb#2664
Updates golang/vulndb#2665
Updates golang/vulndb#2675
Updates golang/vulndb#2684
Updates golang/vulndb#2690
Updates golang/vulndb#2697
Updates golang/vulndb#2704
Updates golang/vulndb#2707
Updates golang/vulndb#2718
Updates golang/vulndb#2719
Updates golang/vulndb#2728
Updates golang/vulndb#2741
Updates golang/vulndb#2752
Updates golang/vulndb#2757
Updates golang/vulndb#2769
Updates golang/vulndb#2792
Updates golang/vulndb#2801
Updates golang/vulndb#2815
Updates golang/vulndb#2843
Updates golang/vulndb#2844
Updates golang/vulndb#2847
Updates golang/vulndb#2848
Updates golang/vulndb#2851
Updates golang/vulndb#2852
Updates golang/vulndb#2854
Updates golang/vulndb#2855
Updates golang/vulndb#2856
Updates golang/vulndb#2857
Updates golang/vulndb#2858
Updates golang/vulndb#2866
Updates golang/vulndb#2867
Updates golang/vulndb#2877
Updates golang/vulndb#2886
Updates golang/vulndb#2891
Updates golang/vulndb#2898
Updates golang/vulndb#2901
Updates golang/vulndb#2902
Updates golang/vulndb#2905
Updates golang/vulndb#2911
Updates golang/vulndb#2917
Updates golang/vulndb#2919
Updates golang/vulndb#2922
Updates golang/vulndb#2939
Updates golang/vulndb#2941
Updates golang/vulndb#2972
Updates golang/vulndb#2981
Updates golang/vulndb#2987

Change-Id: I2dff127628eabc7c25afa4020c15a4d35a46a2c4
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606359
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Damien Neil <dneil@google.com>

data/osv/GO-2024-2741.json

@@ -4,10 +4,11 @@
   "modified": "0001-01-01T00:00:00Z",
   "published": "0001-01-01T00:00:00Z",
   "aliases": [
-    "CVE-2024-31450"
+    "CVE-2024-31450",
+    "GHSA-9355-27m8-h74v"
   ],
-  "summary": "Owncast vulnerable to arbitrary file deletion in emoji.go (GHSL-2023-277) in github.com/owncast/owncast",
-  "details": "Owncast vulnerable to arbitrary file deletion in emoji.go (GHSL-2023-277) in github.com/owncast/owncast",
+  "summary": "Owncast Path Traversal vulnerability in github.com/owncast/owncast",
+  "details": "Owncast Path Traversal vulnerability in github.com/owncast/owncast",
   "affected": [
     {
       "package": {
@@ -31,10 +32,18 @@
     }
   ],
   "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-9355-27m8-h74v"
+    },
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31450"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://securitylab.github.com/advisories/GHSL-2023-277_Owncast"
+    },
     {
       "type": "FIX",
       "url": "https://github.com/owncast/owncast/commit/1b14800c7d7f54be14ed4d130bfe7f480645076e"
@@ -46,10 +55,6 @@
     {
       "type": "WEB",
       "url": "https://github.com/owncast/owncast/releases/tag/v0.1.3"
-    },
-    {
-      "type": "WEB",
-      "url": "https://securitylab.github.com/advisories/GHSL-2023-277_Owncast/"
     }
   ],
   "database_specific": {

data/osv/GO-2024-2769.json

@@ -51,6 +51,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/go-gitea/gitea/pull/20196"
+    },
+    {
+      "type": "WEB",
+      "url": "https://herolab.usd.de/security-advisories/usd-2022-0015"
     }
   ],
   "database_specific": {

data/osv/GO-2024-2801.json

@@ -8,7 +8,7 @@
     "GHSA-6362-gv4m-53ww"
   ],
   "summary": "Calico privilege escalation vulnerability in github.com/projectcalico/calico",
-  "details": "Calico privilege escalation vulnerability in github.com/projectcalico/calico.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/projectcalico/calico before v3.26.5, from v3.27.0 before v3.27.3.",
+  "details": "Calico privilege escalation vulnerability in github.com/projectcalico/calico.\n\nNOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions.\n\n(If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the report.)\n\nThe additional affected modules and versions are: github.com/projectcalico/calico/v3 before v3.26.5, from v3.27.0 before v3.27.3.",
   "affected": [
     {
       "package": {
@@ -25,6 +25,23 @@
           ]
         }
       ],
+      "ecosystem_specific": {}
+    },
+    {
+      "package": {
+        "name": "github.com/projectcalico/calico/v3",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
       "ecosystem_specific": {
         "custom_ranges": [
           {

data/osv/GO-2024-2815.json

@@ -7,9 +7,6 @@
     "CVE-2024-34068",
     "GHSA-qq22-jj8x-4wwv"
   ],
-  "related": [
-    "GHSA-6rg3-8h8x-5xfv"
-  ],
   "summary": "Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings",
   "details": "Pterodactyl Wings vulnerable to Server-Side Request Forgery during remote file pull in github.com/pterodactyl/wings",
   "affected": [

data/osv/GO-2024-2866.json

@@ -55,6 +55,10 @@
       "type": "REPORT",
       "url": "https://github.com/submariner-io/submariner-operator/issues/3041"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4591"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2024-5042"

data/osv/GO-2024-2891.json

@@ -7,10 +7,6 @@
     "CVE-2024-32873",
     "GHSA-pxv8-qhrh-jc7v"
   ],
-  "related": [
-    "CVE-2024-37158",
-    "CVE-2024-37159"
-  ],
   "summary": "evmos allows transferring unvested tokens after delegations in github.com/evmos/evmos",
   "details": "evmos allows transferring unvested tokens after delegations in github.com/evmos/evmos",
   "affected": [
@@ -336,6 +332,14 @@
     {
       "type": "FIX",
       "url": "https://github.com/evmos/evmos/commit/b2a09ca66613d8b04decd3f2dcba8e1e77709dcb"
+    },
+    {
+      "type": "WEB",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37158"
+    },
+    {
+      "type": "WEB",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-37159"
     }
   ],
   "database_specific": {

data/osv/GO-2024-2901.json

@@ -55,6 +55,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/ollama/ollama/compare/v0.1.33...v0.1.34"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vicarius.io/vsociety/posts/probllama-in-ollama-a-tale-of-a-yet-another-rce-vulnerability-cve-2024-37032"
     }
   ],
   "database_specific": {

data/osv/GO-2024-2905.json

@@ -28,6 +28,22 @@
     }
   ],
   "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4151"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4156"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4329"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4484"
+    },
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-5037"

data/osv/GO-2024-2919.json

@@ -60,6 +60,14 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2024:3700"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4008"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4486"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2024-5154"

data/osv/GO-2024-2972.json

@@ -37,6 +37,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39933"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/gogs/gogs/releases"
+    },
     {
       "type": "WEB",
       "url": "https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1"

data/osv/GO-2024-2981.json

@@ -34,7 +34,7 @@
   "references": [
     {
       "type": "ADVISORY",
-      "url": "https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw"
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-39909"
     },
     {
       "type": "WEB",

data/osv/GO-2024-2987.json

@@ -44,6 +44,14 @@
       "type": "FIX",
       "url": "https://github.com/skupperproject/skupper/commit/d2cb3782e807853694ee66b6e3d4a1917485eb71"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4865"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2024:4871"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2024-6535"

data/reports/GO-2024-2642.yaml

@@ -15,5 +15,5 @@ references:
     - fix: https://github.com/pterodactyl/wings/commit/d1c0ca526007113a0f74f56eba99511b4e989287
 source:
     id: GHSA-494h-9924-xww9
-    created: 2024-05-17T16:14:39.536444-04:00
+    created: 2024-08-16T16:20:15.207291-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2644.yaml

@@ -16,5 +16,5 @@ references:
     - fix: https://github.com/fluid-cloudnative/fluid/commit/e0184cff8790ad000c3e8943392c7f544fad7d66
 source:
     id: GHSA-wx8q-4gm9-rj2g
-    created: 2024-05-17T16:14:37.080903-04:00
+    created: 2024-08-16T16:20:19.628-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2645.yaml

@@ -24,5 +24,5 @@ references:
     - web: https://docs.projectdiscovery.io/templates/workflows/overview
 source:
     id: GHSA-w5wx-6g2r-r78q
-    created: 2024-06-26T13:58:33.793233-04:00
+    created: 2024-08-16T16:20:23.793947-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2664.yaml

@@ -33,5 +33,5 @@ references:
     - web: https://github.com/zitadel/zitadel/releases/tag/v2.48.3
 source:
     id: GHSA-gp8g-f42f-95q2
-    created: 2024-06-04T15:37:24.2634-04:00
+    created: 2024-08-16T16:20:28.404882-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2665.yaml

@@ -35,5 +35,5 @@ references:
     - web: https://github.com/zitadel/zitadel/releases/tag/v2.48.3
 source:
     id: GHSA-hr5w-cwwq-2v4m
-    created: 2024-06-04T15:37:16.762486-04:00
+    created: 2024-08-16T16:20:34.214998-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2675.yaml

@@ -17,5 +17,5 @@ references:
     - web: https://github.com/temporalio/ui-server/releases/tag/v2.25.0
 source:
     id: GHSA-8f25-w7qj-r7hc
-    created: 2024-06-26T13:58:51.59593-04:00
+    created: 2024-08-16T16:20:38.737583-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2684.yaml

@@ -16,5 +16,5 @@ references:
     - web: https://github.com/CA17/TeamsACS/issues/26
 source:
     id: GHSA-hwvw-gh23-qpvq
-    created: 2024-06-06T16:16:42.764735-04:00
+    created: 2024-08-16T16:20:42.760133-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2690.yaml

@@ -9,8 +9,6 @@ cves:
     - CVE-2024-2660
 ghsas:
     - GHSA-j2rp-gmqv-frhv
-unknown_aliases:
-    - BIT-vault-2024-2660
 references:
     - advisory: https://github.com/advisories/GHSA-j2rp-gmqv-frhv
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-2660
@@ -18,5 +16,5 @@ references:
     - web: https://security.netapp.com/advisory/ntap-20240524-0007
 source:
     id: GHSA-j2rp-gmqv-frhv
-    created: 2024-06-26T13:59:09.265191-04:00
+    created: 2024-08-16T16:20:57.01244-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2697.yaml

@@ -18,13 +18,11 @@ cves:
     - CVE-2024-1313
 ghsas:
     - GHSA-67rv-qpw2-6qrr
-unknown_aliases:
-    - BIT-grafana-2024-1313
 references:
     - advisory: https://github.com/grafana/bugbounty/security/advisories/GHSA-67rv-qpw2-6qrr
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-1313
     - web: https://grafana.com/security/security-advisories/cve-2024-1313
 source:
     id: GHSA-67rv-qpw2-6qrr
-    created: 2024-06-04T15:31:16.41185-04:00
+    created: 2024-08-16T16:21:17.82198-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2704.yaml

@@ -12,13 +12,11 @@ cves:
     - CVE-2023-3518
 ghsas:
     - GHSA-9rhf-q362-77mx
-unknown_aliases:
-    - BIT-consul-2023-3518
 references:
     - advisory: https://github.com/advisories/GHSA-9rhf-q362-77mx
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2023-3518
     - web: https://discuss.hashicorp.com/t/hcsec-2023-25-consul-jwt-auth-in-l7-intentions-allow-for-mismatched-service-identity-and-jwt-providers/57004
 source:
     id: GHSA-9rhf-q362-77mx
-    created: 2024-05-17T16:13:44.520242-04:00
+    created: 2024-08-16T16:26:30.299935-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2707.yaml

@@ -1,7 +1,7 @@
 id: GO-2024-2707
 modules:
     - module: github.com/mattermost/mattermost-server
-      vulnerable_at: 9.9.0+incompatible
+      vulnerable_at: 9.11.0+incompatible
     - module: github.com/mattermost/mattermost-server/v5
       vulnerable_at: 5.39.3
     - module: github.com/mattermost/mattermost-server/v6
@@ -9,19 +9,17 @@ modules:
     - module: github.com/mattermost/mattermost/server/v8
       non_go_versions:
         - fixed: 8.1.11
-      vulnerable_at: 8.0.0-20240626145722-59998b0b8473
+      vulnerable_at: 8.0.0-20240816093336-e666f7ccfc35
 summary: Mattermost Server Improper Access Control in github.com/mattermost/mattermost-server
 cves:
     - CVE-2024-21848
 ghsas:
     - GHSA-xp9j-8p68-9q93
-unknown_aliases:
-    - CGA-w76m-mrwf-j7rf
 references:
     - advisory: https://github.com/advisories/GHSA-xp9j-8p68-9q93
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-21848
     - web: https://mattermost.com/security-updates
 source:
     id: GHSA-xp9j-8p68-9q93
-    created: 2024-06-26T14:00:29.455068-04:00
+    created: 2024-08-16T16:26:45.868718-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2718.yaml

@@ -13,8 +13,6 @@ cves:
     - CVE-2024-29902
 ghsas:
     - GHSA-88jx-383q-w4qc
-unknown_aliases:
-    - BIT-cosign-2024-29902
 references:
     - advisory: https://github.com/sigstore/cosign/security/advisories/GHSA-88jx-383q-w4qc
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-29902
@@ -24,5 +22,5 @@ references:
     - web: https://github.com/sigstore/cosign/releases/tag/v2.2.4
 source:
     id: GHSA-88jx-383q-w4qc
-    created: 2024-06-26T14:00:44.029803-04:00
+    created: 2024-08-16T16:27:02.130598-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2719.yaml

@@ -13,8 +13,6 @@ cves:
     - CVE-2024-29903
 ghsas:
     - GHSA-95pr-fxf5-86gv
-unknown_aliases:
-    - BIT-cosign-2024-29903
 references:
     - advisory: https://github.com/sigstore/cosign/security/advisories/GHSA-95pr-fxf5-86gv
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-29903
@@ -24,5 +22,5 @@ references:
     - web: https://github.com/sigstore/cosign/releases/tag/v2.2.4
 source:
     id: GHSA-95pr-fxf5-86gv
-    created: 2024-06-26T14:00:49.329229-04:00
+    created: 2024-08-16T16:27:07.148334-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2728.yaml

@@ -16,8 +16,6 @@ cves:
     - CVE-2024-31990
 ghsas:
     - GHSA-2gvw-w6fj-7m3c
-unknown_aliases:
-    - BIT-argo-cd-2024-31990
 references:
     - advisory: https://github.com/argoproj/argo-cd/security/advisories/GHSA-2gvw-w6fj-7m3c
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-31990
@@ -26,5 +24,5 @@ references:
     - fix: https://github.com/argoproj/argo-cd/commit/e0ff56d89fbd7d066e9c862b30337f6520f13f17
 source:
     id: GHSA-2gvw-w6fj-7m3c
-    created: 2024-06-26T14:01:04.285149-04:00
+    created: 2024-08-16T16:27:22.05692-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2741.yaml

@@ -4,16 +4,19 @@ modules:
       versions:
         - fixed: 0.1.3
       vulnerable_at: 0.1.2
-summary: Owncast vulnerable to arbitrary file deletion in emoji.go (GHSL-2023-277) in github.com/owncast/owncast
+summary: Owncast Path Traversal vulnerability in github.com/owncast/owncast
 cves:
     - CVE-2024-31450
+ghsas:
+    - GHSA-9355-27m8-h74v
 references:
+    - advisory: https://github.com/advisories/GHSA-9355-27m8-h74v
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-31450
+    - advisory: https://securitylab.github.com/advisories/GHSL-2023-277_Owncast
     - fix: https://github.com/owncast/owncast/commit/1b14800c7d7f54be14ed4d130bfe7f480645076e
     - web: https://github.com/owncast/owncast/blob/v0.1.2/controllers/admin/emoji.go#L63
     - web: https://github.com/owncast/owncast/releases/tag/v0.1.3
-    - web: https://securitylab.github.com/advisories/GHSL-2023-277_Owncast/
 source:
-    id: CVE-2024-31450
-    created: 2024-05-17T16:12:46.896265-04:00
+    id: GHSA-9355-27m8-h74v
+    created: 2024-08-16T16:27:58.20186-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2752.yaml

@@ -9,8 +9,6 @@ cves:
     - CVE-2022-1058
 ghsas:
     - GHSA-4rqq-rxvc-v2rc
-unknown_aliases:
-    - BIT-gitea-2022-1058
 references:
     - advisory: https://github.com/advisories/GHSA-4rqq-rxvc-v2rc
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-1058
@@ -20,5 +18,5 @@ references:
     - web: https://huntr.dev/bounties/4fb42144-ac70-4f76-a5e1-ef6b5e55dc0d
 source:
     id: GHSA-4rqq-rxvc-v2rc
-    created: 2024-05-17T16:12:33.556783-04:00
+    created: 2024-08-16T16:28:28.841226-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2757.yaml

@@ -10,13 +10,11 @@ cves:
     - CVE-2021-3382
 ghsas:
     - GHSA-9f8c-pfvv-p4gm
-unknown_aliases:
-    - BIT-gitea-2021-3382
 references:
     - advisory: https://github.com/advisories/GHSA-9f8c-pfvv-p4gm
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2021-3382
     - web: https://github.com/go-gitea/gitea/pull/14390
 source:
     id: GHSA-9f8c-pfvv-p4gm
-    created: 2024-05-17T16:12:14.05802-04:00
+    created: 2024-08-16T16:29:22.692442-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2769.yaml

@@ -9,15 +9,14 @@ cves:
     - CVE-2022-38183
 ghsas:
     - GHSA-fhv8-m4j4-cww2
-unknown_aliases:
-    - BIT-gitea-2022-38183
 references:
     - advisory: https://github.com/advisories/GHSA-fhv8-m4j4-cww2
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-38183
     - web: https://blog.gitea.io/2022/07/gitea-1.16.9-is-released
     - web: https://github.com/go-gitea/gitea/pull/20133
     - web: https://github.com/go-gitea/gitea/pull/20196
+    - web: https://herolab.usd.de/security-advisories/usd-2022-0015
 source:
     id: GHSA-fhv8-m4j4-cww2
-    created: 2024-06-06T16:18:38.02836-04:00
+    created: 2024-08-16T16:30:11.166354-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2792.yaml

@@ -17,8 +17,6 @@ cves:
     - CVE-2024-32476
 ghsas:
     - GHSA-9m6p-x4h2-6frq
-unknown_aliases:
-    - BIT-argo-cd-2024-32476
 references:
     - advisory: https://github.com/argoproj/argo-cd/security/advisories/GHSA-9m6p-x4h2-6frq
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-32476
@@ -27,5 +25,5 @@ references:
     - fix: https://github.com/argoproj/argo-cd/commit/e2df7315fb7d96652186bf7435773a27be330cac
 source:
     id: GHSA-9m6p-x4h2-6frq
-    created: 2024-06-26T14:04:57.097041-04:00
+    created: 2024-08-16T16:31:53.010462-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2801.yaml

@@ -1,19 +1,17 @@
 id: GO-2024-2801
 modules:
     - module: github.com/projectcalico/calico
+      vulnerable_at: 2.6.12+incompatible
+    - module: github.com/projectcalico/calico/v3
       non_go_versions:
         - fixed: 3.26.5
         - introduced: 3.27.0
         - fixed: 3.27.3
-      vulnerable_at: 2.6.12+incompatible
 summary: Calico privilege escalation vulnerability in github.com/projectcalico/calico
 cves:
     - CVE-2024-33522
 ghsas:
     - GHSA-6362-gv4m-53ww
-unknown_aliases:
-    - CGA-c9f6-83fw-wmpv
-    - CGA-vw5m-65r5-hgf5
 references:
     - advisory: https://github.com/advisories/GHSA-6362-gv4m-53ww
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-33522
@@ -21,7 +19,9 @@ references:
     - fix: https://github.com/projectcalico/calico/pull/8517
     - report: https://github.com/projectcalico/calico/issues/7981
     - web: https://www.tigera.io/security-bulletins-tta-2024-001
+notes:
+    - fix: 'github.com/projectcalico/calico/v3: could not add vulnerable_at: no fix, but could not find latest version from proxy: HTTP GET /github.com/projectcalico/calico/v3/@latest returned status 404 Not Found'
 source:
     id: GHSA-6362-gv4m-53ww
-    created: 2024-06-26T14:05:52.596558-04:00
+    created: 2024-08-16T16:48:33.062406-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2815.yaml

@@ -11,16 +11,12 @@ cves:
     - CVE-2024-34068
 ghsas:
     - GHSA-qq22-jj8x-4wwv
-related:
-    - GHSA-6rg3-8h8x-5xfv
 references:
     - advisory: https://github.com/pterodactyl/wings/security/advisories/GHSA-qq22-jj8x-4wwv
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-34068
     - fix: https://github.com/pterodactyl/wings/commit/c152e36101aba45d8868a9a0eeb890995e8934b8
     - web: https://github.com/pterodactyl/wings/security/advisories/GHSA-6rg3-8h8x-5xfv
-notes:
-    - manually moved GHSA-6rg3-8h8x-5xfv to related section and re-classified advisory to web
 source:
     id: GHSA-qq22-jj8x-4wwv
-    created: 2024-06-26T14:06:28.726486-04:00
+    created: 2024-08-16T16:49:18.710927-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2843.yaml

@@ -12,13 +12,11 @@ cves:
     - CVE-2022-39306
 ghsas:
     - GHSA-2x6g-h2hg-rq84
-unknown_aliases:
-    - BIT-grafana-2022-39306
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-2x6g-h2hg-rq84
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-39306
     - web: https://security.netapp.com/advisory/ntap-20221215-0004
 source:
     id: GHSA-2x6g-h2hg-rq84
-    created: 2024-06-04T14:27:39.956482-04:00
+    created: 2024-08-16T16:49:29.165378-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2844.yaml

@@ -11,13 +11,11 @@ cves:
     - CVE-2022-39307
 ghsas:
     - GHSA-3p62-42x7-gxg5
-unknown_aliases:
-    - BIT-grafana-2022-39307
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-3p62-42x7-gxg5
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-39307
     - web: https://security.netapp.com/advisory/ntap-20221215-0004
 source:
     id: GHSA-3p62-42x7-gxg5
-    created: 2024-06-04T14:27:37.274881-04:00
+    created: 2024-08-16T16:49:31.886099-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2847.yaml

@@ -13,8 +13,6 @@ cves:
     - CVE-2022-35957
 ghsas:
     - GHSA-ff5c-938w-8c9q
-unknown_aliases:
-    - BIT-grafana-2022-35957
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-ff5c-938w-8c9q
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-35957
@@ -22,5 +20,5 @@ references:
     - web: https://security.netapp.com/advisory/ntap-20221215-0001
 source:
     id: GHSA-ff5c-938w-8c9q
-    created: 2024-06-04T14:27:32.534925-04:00
+    created: 2024-08-16T16:49:34.485969-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2848.yaml

@@ -11,8 +11,6 @@ cves:
     - CVE-2022-39229
 ghsas:
     - GHSA-gj7m-853r-289r
-unknown_aliases:
-    - BIT-grafana-2022-39229
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-gj7m-853r-289r
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-39229
@@ -20,5 +18,5 @@ references:
     - web: https://github.com/grafana/grafana/releases/tag/v9.1.8
 source:
     id: GHSA-gj7m-853r-289r
-    created: 2024-06-04T14:27:27.572132-04:00
+    created: 2024-08-16T16:49:37.624728-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2851.yaml

@@ -14,8 +14,6 @@ cves:
     - CVE-2022-31130
 ghsas:
     - GHSA-jv32-5578-pxjc
-unknown_aliases:
-    - BIT-grafana-2022-31130
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-jv32-5578-pxjc
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-31130
@@ -24,5 +22,5 @@ references:
     - web: https://github.com/grafana/grafana/releases/tag/v9.1.8
 source:
     id: GHSA-jv32-5578-pxjc
-    created: 2024-06-04T14:27:17.106354-04:00
+    created: 2024-08-16T16:49:46.665407-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2852.yaml

@@ -16,8 +16,6 @@ cves:
     - CVE-2022-31107
 ghsas:
     - GHSA-mx47-6497-3fv2
-unknown_aliases:
-    - BIT-grafana-2022-31107
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-mx47-6497-3fv2
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-31107
@@ -27,5 +25,5 @@ references:
     - web: https://security.netapp.com/advisory/ntap-20220901-0010
 source:
     id: GHSA-mx47-6497-3fv2
-    created: 2024-06-26T14:07:05.767763-04:00
+    created: 2024-08-16T16:49:49.982077-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2854.yaml

@@ -14,13 +14,11 @@ cves:
     - CVE-2022-36062
 ghsas:
     - GHSA-p978-56hq-r492
-unknown_aliases:
-    - BIT-grafana-2022-36062
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-p978-56hq-r492
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-36062
     - web: https://security.netapp.com/advisory/ntap-20221215-0001
 source:
     id: GHSA-p978-56hq-r492
-    created: 2024-06-04T14:27:09.594073-04:00
+    created: 2024-08-16T16:49:56.105635-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2855.yaml

@@ -12,8 +12,6 @@ cves:
     - CVE-2022-31123
 ghsas:
     - GHSA-rhxj-gh46-jvw8
-unknown_aliases:
-    - BIT-grafana-2022-31123
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-rhxj-gh46-jvw8
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-31123
@@ -21,5 +19,5 @@ references:
     - web: https://security.netapp.com/advisory/ntap-20221124-0002
 source:
     id: GHSA-rhxj-gh46-jvw8
-    created: 2024-06-04T14:27:06.393242-04:00
+    created: 2024-08-16T16:49:59.349105-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2856.yaml

@@ -10,13 +10,11 @@ cves:
     - CVE-2022-39328
 ghsas:
     - GHSA-vqc4-mpj8-jxch
-unknown_aliases:
-    - BIT-grafana-2022-39328
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-vqc4-mpj8-jxch
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-39328
     - web: https://security.netapp.com/advisory/ntap-20221215-0003
 source:
     id: GHSA-vqc4-mpj8-jxch
-    created: 2024-06-04T14:27:03.429541-04:00
+    created: 2024-08-16T16:50:13.406561-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2857.yaml

@@ -16,8 +16,6 @@ cves:
     - CVE-2022-31097
 ghsas:
     - GHSA-vw7q-p2qg-4m5f
-unknown_aliases:
-    - BIT-grafana-2022-31097
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-vw7q-p2qg-4m5f
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-31097
@@ -27,5 +25,5 @@ references:
     - web: https://security.netapp.com/advisory/ntap-20220901-0010
 source:
     id: GHSA-vw7q-p2qg-4m5f
-    created: 2024-06-04T14:26:57.952392-04:00
+    created: 2024-08-16T16:50:15.791667-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2858.yaml

@@ -15,8 +15,6 @@ cves:
     - CVE-2022-39201
 ghsas:
     - GHSA-x744-mm8v-vpgr
-unknown_aliases:
-    - BIT-grafana-2022-39201
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-x744-mm8v-vpgr
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-39201
@@ -25,5 +23,5 @@ references:
     - web: https://github.com/grafana/grafana/releases/tag/v9.1.8
 source:
     id: GHSA-x744-mm8v-vpgr
-    created: 2024-06-26T14:07:24.577803-04:00
+    created: 2024-08-16T16:50:18.634732-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2866.yaml

@@ -6,7 +6,7 @@ modules:
         - introduced: 0.17.0
       unsupported_versions:
         - last_affected: 0.18.0-m3
-      vulnerable_at: 0.17.1
+      vulnerable_at: 0.18.0
 summary: Submariner Operator sets unnecessary RBAC permissions in helm charts in github.com/submariner-io/submariner-operator
 cves:
     - CVE-2024-5042
@@ -18,9 +18,10 @@ references:
     - fix: https://github.com/submariner-io/submariner-operator/commit/b27a04c4270e53cbff6ff8ac6245db10c204bcab
     - fix: https://github.com/submariner-io/submariner-operator/pull/3040
     - report: https://github.com/submariner-io/submariner-operator/issues/3041
+    - web: https://access.redhat.com/errata/RHSA-2024:4591
     - web: https://access.redhat.com/security/cve/CVE-2024-5042
     - web: https://bugzilla.redhat.com/show_bug.cgi?id=2280921
 source:
     id: GHSA-2rhx-qhxp-5jpw
-    created: 2024-06-04T14:26:43.671356-04:00
+    created: 2024-08-16T16:50:42.773929-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2867.yaml

@@ -11,8 +11,6 @@ cves:
     - CVE-2022-39324
 ghsas:
     - GHSA-4724-7jwc-3fpw
-unknown_aliases:
-    - BIT-grafana-2022-39324
 references:
     - advisory: https://github.com/grafana/grafana/security/advisories/GHSA-4724-7jwc-3fpw
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2022-39324
@@ -22,5 +20,5 @@ references:
     - fix: https://github.com/grafana/grafana/pull/60256
 source:
     id: GHSA-4724-7jwc-3fpw
-    created: 2024-06-04T14:26:30.813921-04:00
+    created: 2024-08-16T16:50:48.74177-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2877.yaml

@@ -21,8 +21,6 @@ cves:
     - CVE-2024-31989
 ghsas:
     - GHSA-9766-5277-j5hr
-unknown_aliases:
-    - BIT-argo-cd-2024-31989
 references:
     - advisory: https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-31989
@@ -36,5 +34,5 @@ references:
     - fix: https://github.com/argoproj/argo-cd/commit/f1a449e83ee73f8f14d441563b6a31b504f8d8b0
 source:
     id: GHSA-9766-5277-j5hr
-    created: 2024-06-04T14:25:44.461912-04:00
+    created: 2024-08-16T16:51:07.063735-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2886.yaml

@@ -8,9 +8,6 @@ cves:
     - CVE-2024-36107
 ghsas:
     - GHSA-95fr-cm4m-q5p9
-unknown_aliases:
-    - BIT-minio-2024-36107
-    - CGA-rq5h-44g8-8973
 references:
     - advisory: https://github.com/minio/minio/security/advisories/GHSA-95fr-cm4m-q5p9
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-36107
@@ -22,5 +19,5 @@ notes:
     - fix: 'github.com/minio/minio: could not add vulnerable_at: cannot auto-guess when fixed version is 0.0.0 pseudo-version'
 source:
     id: GHSA-95fr-cm4m-q5p9
-    created: 2024-06-26T14:08:29.094106-04:00
+    created: 2024-08-16T16:51:25.553034-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2891.yaml

@@ -42,17 +42,15 @@ cves:
     - CVE-2024-32873
 ghsas:
     - GHSA-pxv8-qhrh-jc7v
-related:
-    - CVE-2024-37158
-    - CVE-2024-37159
 references:
     - advisory: https://github.com/evmos/evmos/security/advisories/GHSA-pxv8-qhrh-jc7v
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-32873
     - fix: https://github.com/evmos/evmos/commit/b2a09ca66613d8b04decd3f2dcba8e1e77709dcb
+    - web: https://nvd.nist.gov/vuln/detail/CVE-2024-37158
+    - web: https://nvd.nist.gov/vuln/detail/CVE-2024-37159
 notes:
     - fix: 'github.com/evmos/evmos/v18: could not add vulnerable_at: could not find tagged version between introduced and fixed'
-    - manually moved CVE-2024-37158 and CVE-2024-37159 to related section
 source:
     id: GHSA-pxv8-qhrh-jc7v
-    created: 2024-06-26T14:08:33.882317-04:00
+    created: 2024-08-16T16:51:29.609441-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2898.yaml

@@ -17,13 +17,11 @@ cves:
     - CVE-2024-36106
 ghsas:
     - GHSA-3cqf-953p-h5cp
-unknown_aliases:
-    - BIT-argo-cd-2024-36106
 references:
     - advisory: https://github.com/argoproj/argo-cd/security/advisories/GHSA-3cqf-953p-h5cp
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-36106
     - fix: https://github.com/argoproj/argo-cd/commit/c2647055c261a550e5da075793260f6524e65ad9
 source:
     id: GHSA-3cqf-953p-h5cp
-    created: 2024-06-27T15:55:03.407268-04:00
+    created: 2024-08-16T16:51:32.808465-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2901.yaml

@@ -9,8 +9,6 @@ cves:
     - CVE-2024-37032
 ghsas:
     - GHSA-8hqg-whrw-pv92
-unknown_aliases:
-    - CGA-hv8x-jmgj-fp3m
 references:
     - advisory: https://github.com/advisories/GHSA-8hqg-whrw-pv92
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-37032
@@ -18,7 +16,8 @@ references:
     - fix: https://github.com/ollama/ollama/pull/4175
     - web: https://github.com/ollama/ollama/blob/adeb40eaf29039b8964425f69a9315f9f1694ba8/server/modelpath_test.go#L41-L58
     - web: https://github.com/ollama/ollama/compare/v0.1.33...v0.1.34
+    - web: https://www.vicarius.io/vsociety/posts/probllama-in-ollama-a-tale-of-a-yet-another-rce-vulnerability-cve-2024-37032
 source:
     id: GHSA-8hqg-whrw-pv92
-    created: 2024-06-26T14:08:48.678944-04:00
+    created: 2024-08-16T16:51:37.817763-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2902.yaml

@@ -16,13 +16,11 @@ cves:
     - CVE-2024-37152
 ghsas:
     - GHSA-87p9-x75h-p4j2
-unknown_aliases:
-    - BIT-argo-cd-2024-37152
 references:
     - advisory: https://github.com/argoproj/argo-cd/security/advisories/GHSA-87p9-x75h-p4j2
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-37152
     - fix: https://github.com/argoproj/argo-cd/commit/256d90178b11b04bc8174d08d7b663a2a7b1771b
 source:
     id: GHSA-87p9-x75h-p4j2
-    created: 2024-06-26T14:08:53.979347-04:00
+    created: 2024-08-16T16:51:42.36074-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2905.yaml

@@ -1,11 +1,20 @@
 id: GO-2024-2905
 modules:
     - module: github.com/openshift/telemeter
+      unsupported_versions:
+        - cve_version_range: 'unaffected from v4.13.0-202407081338.p0.g0634a6d.assembly.stream.el8 before * (default: affected)'
+        - cve_version_range: 'unaffected from v4.14.0-202407021509.p0.g1f72681.assembly.stream.el8 before * (default: affected)'
+        - cve_version_range: 'unaffected from v4.15.0-202406200537.p0.g14489f7.assembly.stream.el9 before * (default: affected)'
+        - cve_version_range: 'unaffected from v4.16.0-202406200537.p0.gc1ecd10.assembly.stream.el9 before * (default: affected)'
       vulnerable_at: 3.11.0+incompatible
 summary: 'Openshift/telemeter: iss check during jwt authentication can be bypassed in github.com/openshift/telemeter'
 cves:
     - CVE-2024-5037
 references:
+    - advisory: https://access.redhat.com/errata/RHSA-2024:4151
+    - advisory: https://access.redhat.com/errata/RHSA-2024:4156
+    - advisory: https://access.redhat.com/errata/RHSA-2024:4329
+    - advisory: https://access.redhat.com/errata/RHSA-2024:4484
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-5037
     - fix: https://github.com/kubernetes/kubernetes/pull/123540
     - report: https://bugzilla.redhat.com/show_bug.cgi?id=2272339
@@ -13,5 +22,5 @@ references:
     - web: https://github.com/openshift/telemeter/blob/a9417a6062c3a31ed78c06ea3a0613a52f2029b2/pkg/authorize/jwt/client_authorizer.go#L78
 source:
     id: CVE-2024-5037
-    created: 2024-06-27T15:54:56.792975-04:00
+    created: 2024-08-16T16:51:51.162764-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2911.yaml

@@ -8,19 +8,10 @@ modules:
 summary: go-grpc-compression has a zstd decompression bombing vulnerability in github.com/mostynb/go-grpc-compression
 ghsas:
     - GHSA-87m9-rv8p-rgmg
-unknown_aliases:
-    - CGA-55fv-r57p-8jr6
-    - CGA-5mr6-pxmv-g3rf
-    - CGA-9h9r-pfxh-82vp
-    - CGA-9p94-3p48-x4p9
-    - CGA-f77f-95vc-hx27
-    - CGA-fpq9-2vcx-mr9m
-    - CGA-jj45-rqfh-mhq4
-    - CGA-vxwm-jjvq-32cx
 references:
     - advisory: https://github.com/mostynb/go-grpc-compression/security/advisories/GHSA-87m9-rv8p-rgmg
     - fix: https://github.com/mostynb/go-grpc-compression/commit/629c44d3acb9624993cc7de629f47d72109e2ce5
 source:
     id: GHSA-87m9-rv8p-rgmg
-    created: 2024-06-26T14:09:10.765895-04:00
+    created: 2024-08-16T16:52:01.15802-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2917.yaml

@@ -14,9 +14,6 @@ modules:
 summary: Traefik has unexpected behavior with IPv4-mapped IPv6 addresses in github.com/traefik/traefik
 ghsas:
     - GHSA-7jmw-8259-q9jx
-unknown_aliases:
-    - CGA-7f28-xcwf-h2wm
-    - CGA-8pcv-r7p9-7rjm
 references:
     - advisory: https://github.com/traefik/traefik/security/advisories/GHSA-7jmw-8259-q9jx
     - web: https://github.com/traefik/traefik/releases/tag/v2.11.4
@@ -24,5 +21,5 @@ references:
     - web: https://www.cve.org/CVERecord?id=CVE-2024-24790
 source:
     id: GHSA-7jmw-8259-q9jx
-    created: 2024-06-26T14:09:27.817173-04:00
+    created: 2024-08-16T16:52:14.807167-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2919.yaml

@@ -19,9 +19,11 @@ references:
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-5154
     - web: https://access.redhat.com/errata/RHSA-2024:3676
     - web: https://access.redhat.com/errata/RHSA-2024:3700
+    - web: https://access.redhat.com/errata/RHSA-2024:4008
+    - web: https://access.redhat.com/errata/RHSA-2024:4486
     - web: https://access.redhat.com/security/cve/CVE-2024-5154
     - web: https://bugzilla.redhat.com/show_bug.cgi?id=2280190
 source:
     id: GHSA-j9hf-98c3-wrm8
-    created: 2024-06-26T14:09:29.772592-04:00
+    created: 2024-08-16T16:52:16.811502-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2922.yaml

@@ -14,15 +14,6 @@ cves:
     - CVE-2024-37307
 ghsas:
     - GHSA-wh78-7948-358j
-unknown_aliases:
-    - BIT-cilium-2024-37307
-    - BIT-cilium-operator-2024-37307
-    - BIT-hubble-2024-37307
-    - CGA-8w6w-3p6g-f399
-    - CGA-p2fw-jcxq-g6wg
-    - CGA-p8cv-xfxg-fg8f
-    - CGA-pqp4-rcvv-jvgj
-    - CGA-qm9x-3p47-5whw
 references:
     - advisory: https://github.com/cilium/cilium/security/advisories/GHSA-wh78-7948-358j
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-37307
@@ -34,5 +25,5 @@ references:
     - fix: https://github.com/cilium/cilium/commit/bf9a1ae1b2d2b2c9cca329d7aa96aa4858032a61
 source:
     id: GHSA-wh78-7948-358j
-    created: 2024-06-26T14:09:36.703033-04:00
+    created: 2024-08-16T16:52:27.559295-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2939.yaml

@@ -9,13 +9,11 @@ cves:
     - CVE-2024-38361
 ghsas:
     - GHSA-grjv-gjgr-66g2
-unknown_aliases:
-    - CGA-pfrr-qxjv-xmf4
 references:
     - advisory: https://github.com/authzed/spicedb/security/advisories/GHSA-grjv-gjgr-66g2
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-38361
     - fix: https://github.com/authzed/spicedb/commit/ecef31d2b266fde17eb2c3415e2ec4ceff96fbeb
 source:
     id: GHSA-grjv-gjgr-66g2
-    created: 2024-06-27T15:53:47.71938-04:00
+    created: 2024-08-16T16:54:38.621859-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2941.yaml

@@ -13,9 +13,6 @@ modules:
 summary: 'ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability in github.com/traefik/traefik'
 ghsas:
     - GHSA-rvj4-q8q5-8grf
-unknown_aliases:
-    - CGA-p2qq-w8qw-6vjp
-    - CGA-r7v2-xp2f-mjxf
 references:
     - advisory: https://github.com/traefik/traefik/security/advisories/GHSA-rvj4-q8q5-8grf
     - web: https://github.com/traefik/traefik/releases/tag/v2.11.5
@@ -23,5 +20,5 @@ references:
     - web: https://nvd.nist.gov/vuln/detail/CVE-2024-35255
 source:
     id: GHSA-rvj4-q8q5-8grf
-    created: 2024-06-27T15:53:39.605336-04:00
+    created: 2024-08-16T16:54:44.853096-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2972.yaml

@@ -12,8 +12,9 @@ ghsas:
 references:
     - advisory: https://github.com/advisories/GHSA-8mm6-wmpp-mmm3
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-39933
+    - web: https://github.com/gogs/gogs/releases
     - web: https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1
 source:
     id: GHSA-8mm6-wmpp-mmm3
-    created: 2024-07-08T13:24:01.718651-04:00
+    created: 2024-08-16T16:55:05.50907-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2981.yaml

@@ -9,12 +9,12 @@ cves:
 ghsas:
     - GHSA-5248-h45p-9pgw
 references:
-    - advisory: https://github.com/openclarity/kubeclarity/security/advisories/GHSA-5248-h45p-9pgw
+    - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-39909
     - web: https://github.com/openclarity/kubeclarity/blob/main/backend/pkg/database/id_view.go#L79
     - web: https://github.com/openclarity/kubeclarity/commit/1d1178840703a72d9082b7fc4aea0a3326c5d294
 notes:
     - fix: 'github.com/openclarity/kubeclarity/backend: could not add vulnerable_at: cannot auto-guess when fixed version is 0.0.0 pseudo-version'
 source:
     id: GHSA-5248-h45p-9pgw
-    created: 2024-07-12T16:33:34.102123356Z
+    created: 2024-08-16T16:55:23.63598-04:00
 review_status: UNREVIEWED

data/reports/GO-2024-2987.yaml

@@ -12,11 +12,13 @@ references:
     - advisory: https://github.com/advisories/GHSA-w799-v85j-88pg
     - advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-6535
     - fix: https://github.com/skupperproject/skupper/commit/d2cb3782e807853694ee66b6e3d4a1917485eb71
+    - web: https://access.redhat.com/errata/RHSA-2024:4865
+    - web: https://access.redhat.com/errata/RHSA-2024:4871
     - web: https://access.redhat.com/security/cve/CVE-2024-6535
     - web: https://bugzilla.redhat.com/show_bug.cgi?id=2296024
 notes:
     - fix: 'github.com/skupperproject/skupper: could not add vulnerable_at: cannot auto-guess when fixed version is 0.0.0 pseudo-version'
 source:
     id: GHSA-w799-v85j-88pg
-    created: 2024-07-18T16:18:19.770441-04:00
+    created: 2024-08-16T16:55:30.189411-04:00
 review_status: UNREVIEWED