Closed
Description
Hi, thank you for the great database!
Looks like the current JSON API is missing module names. For example, the following YAML file includes the module name as well as the package name.
module: github.com/bytom/bytom
package: github.com/bytom/bytom/p2p/discover
vulndb/reports/GO-2021-0079.yaml
Line 1 in e0c00fa
On the other hand, the API doesn't include it.
$ curl https://storage.googleapis.com/go-vulndb/github.com/bytom/bytom/p2p/discover.json | jq .
[
{
"ID": "GO-2021-0079",
"Published": "2021-04-14T12:00:00Z",
"Modified": "2021-04-14T12:00:00Z",
"Withdrawn": null,
"Aliases": [
"CVE-2018-18206"
],
"Package": {
"Name": "github.com/bytom/bytom/p2p/discover",
"Ecosystem": "go"
},
"Details": "A malformed query can cause an out-of-bounds panic due to improper\nvalidation of arguments. If processing queries from untrusted\nparties, this may be used as a vector for denial of service\nattacks.\n",
"Affects": {
"Ranges": [
{
"Type": 2,
"Introduced": "",
"Fixed": "v1.0.4-0.20180831054840-1ac3c8ac4f2b"
}
]
},
"References": [
{
"Type": "code review",
"URL": "https://github.com/Bytom/bytom/pull/1307"
},
{
"Type": "fix",
"URL": "https://github.com/Bytom/bytom/commit/1ac3c8ac4f2b1e1df9675228290bda6b9586ba42"
}
],
"Extra": {
"Go": {
"Symbols": [
"Network.checkTopicRegister"
],
"URL": "https://go.googlesource.com/vulndb/+/refs/heads/main/reports/GO-2021-0079.toml"
}
}
}
]
Is it possible to include it?
Metadata
Metadata
Assignees
Labels
No labels