data/reports: unexclude 20 reports (5)

  - data/reports/GO-2023-1700.yaml
  - data/reports/GO-2023-1701.yaml
  - data/reports/GO-2023-1707.yaml
  - data/reports/GO-2023-1708.yaml
  - data/reports/GO-2023-1716.yaml
  - data/reports/GO-2023-1718.yaml
  - data/reports/GO-2023-1719.yaml
  - data/reports/GO-2023-1721.yaml
  - data/reports/GO-2023-1723.yaml
  - data/reports/GO-2023-1730.yaml
  - data/reports/GO-2023-1735.yaml
  - data/reports/GO-2023-1738.yaml
  - data/reports/GO-2023-1747.yaml
  - data/reports/GO-2023-1754.yaml
  - data/reports/GO-2023-1758.yaml
  - data/reports/GO-2023-1761.yaml
  - data/reports/GO-2023-1763.yaml
  - data/reports/GO-2023-1764.yaml
  - data/reports/GO-2023-1768.yaml
  - data/reports/GO-2023-1774.yaml

Updates #1700
Updates #1701
Updates #1707
Updates #1708
Updates #1716
Updates #1718
Updates #1719
Updates #1721
Updates #1723
Updates #1730
Updates #1735
Updates #1738
Updates #1747
Updates #1754
Updates #1758
Updates #1761
Updates #1763
Updates #1764
Updates #1768
Updates #1774

Change-Id: I3fc567427d68e095cc62ea48dc9b284b2414a372
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/606785
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Damien Neil <dneil@google.com>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

Author: tatianab

data/excluded/GO-2023-1700.yaml

@@ -0,0 +1,82 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2023-1700",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2023-28841",
+    "GHSA-33pg-m6jh-5237"
+  ],
+  "summary": "Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker",
+  "details": "Docker Swarm encrypted overlay network traffic may be unencrypted in github.com/docker/docker",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/docker/docker",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "1.12.0"
+            },
+            {
+              "fixed": "20.10.24+incompatible"
+            },
+            {
+              "introduced": "23.0.0+incompatible"
+            },
+            {
+              "fixed": "23.0.3+incompatible"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28841"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/libnetwork/blob/d9fae4c73daf76c3b0f77e14b45b8bf612ba764d/drivers/overlay/encryption.go#L205-L207"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/moby/issues/43382"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/moby/pull/45118"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2023-1700",
+    "review_status": "UNREVIEWED"
+  }
+}

data/excluded/GO-2023-1701.yaml

@@ -0,0 +1,70 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2023-1701",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2023-28842",
+    "GHSA-6wrf-mxfj-pf5p"
+  ],
+  "summary": "Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker",
+  "details": "Docker Swarm encrypted overlay network with a single endpoint is unauthenticated in github.com/docker/docker",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/docker/docker",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "1.12.0"
+            },
+            {
+              "fixed": "20.10.24+incompatible"
+            },
+            {
+              "introduced": "23.0.0+incompatible"
+            },
+            {
+              "fixed": "23.0.3+incompatible"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/moby/moby/security/advisories/GHSA-6wrf-mxfj-pf5p"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28842"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/libnetwork/security/advisories/GHSA-gvm4-2qqg-m333"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/moby/security/advisories/GHSA-232p-vwff-86mp"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/moby/security/advisories/GHSA-33pg-m6jh-5237"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2023-1701",
+    "review_status": "UNREVIEWED"
+  }
+}

data/excluded/GO-2023-1707.yaml

@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2023-1707",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2023-1782",
+    "GHSA-f8r8-h93m-mj77"
+  ],
+  "summary": "HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad",
+  "details": "HashiCorp Nomad vulnerable to unauthenticated client agent HTTP request privilege escalation in github.com/hashicorp/nomad",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/hashicorp/nomad",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "1.5.0"
+            },
+            {
+              "fixed": "1.5.3"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-f8r8-h93m-mj77"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1782"
+    },
+    {
+      "type": "WEB",
+      "url": "https://discuss.hashicorp.com/t/hcsec-2023-12-nomad-unauthenticated-client-agent-http-request-privilege-escalation/52375"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2023-1707",
+    "review_status": "UNREVIEWED"
+  }
+}