Skip to content

Commit a313b6d

Browse files
osv-robotosv-robot
authored
test: update apitester snapshots (#4800)
The snapshots have changed, probably due to OSV advisories being changed. Please review the differences to make sure that they're expected!
1 parent 23faed2 commit a313b6d

2 files changed

Lines changed: 100 additions & 126 deletions

File tree

tools/apitester/__snapshots__/cassette_batch_query.snap

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -8,6 +8,10 @@
88
"id": "CVE-2021-22569",
99
"modified": "<RFC3339 date with the year 2026>"
1010
},
11+
{
12+
"id": "CVE-2022-1941",
13+
"modified": "<RFC3339 date with the year 2026>"
14+
},
1115
{
1216
"id": "CVE-2022-3171",
1317
"modified": "<RFC3339 date with the year 2026>"

tools/apitester/__snapshots__/cassette_single_query.snap

Lines changed: 96 additions & 126 deletions
Original file line numberDiff line numberDiff line change
@@ -3,124 +3,54 @@
33
{
44
"vulns": [
55
{
6-
"id": "CVE-2016-5131",
7-
"details": "Use-after-free vulnerability in libxml2 through 2.9.4, as used in Google Chrome before 52.0.2743.82, allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to the XPointer range-to function.",
6+
"id": "CVE-2021-45931",
7+
"details": "HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t\u003chb_bit_set_invertible_t\u003e::set and hb_set_copy).",
88
"modified": "<RFC3339 date with the year 2026>",
9-
"published": "2016-07-23T19:59:13.767Z",
10-
"related": [
11-
"MGASA-2018-0048",
12-
"SUSE-SU-2018:0395-1",
13-
"SUSE-SU-2018:0401-1",
14-
"openSUSE-SU-2016:1868-1",
15-
"openSUSE-SU-2016:1869-1",
16-
"openSUSE-SU-2024:10171-1",
17-
"openSUSE-SU-2024:11340-1",
18-
"openSUSE-SU-2024:11912-1",
19-
"openSUSE-SU-2024:12948-1",
20-
"openSUSE-SU-2024:13165-1",
21-
"openSUSE-SU-2024:14174-1",
22-
"openSUSE-SU-2025:14697-1"
23-
],
9+
"published": "2022-01-01T01:15:08.477Z",
2410
"references": [
2511
{
2612
"type": "WEB",
27-
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html"
28-
},
29-
{
30-
"type": "WEB",
31-
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00008.html"
32-
},
33-
{
34-
"type": "WEB",
35-
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00010.html"
36-
},
37-
{
38-
"type": "WEB",
39-
"url": "http://lists.apple.com/archives/security-announce/2016/Sep/msg00011.html"
40-
},
41-
{
42-
"type": "WEB",
43-
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00020.html"
44-
},
45-
{
46-
"type": "WEB",
47-
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00021.html"
48-
},
49-
{
50-
"type": "WEB",
51-
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00022.html"
52-
},
53-
{
54-
"type": "WEB",
55-
"url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00028.html"
56-
},
57-
{
58-
"type": "WEB",
59-
"url": "http://www.securityfocus.com/bid/92053"
60-
},
61-
{
62-
"type": "WEB",
63-
"url": "http://www.securitytracker.com/id/1036428"
64-
},
65-
{
66-
"type": "WEB",
67-
"url": "http://www.securitytracker.com/id/1038623"
68-
},
69-
{
70-
"type": "WEB",
71-
"url": "https://codereview.chromium.org/2127493002"
72-
},
73-
{
74-
"type": "WEB",
75-
"url": "https://crbug.com/623378"
76-
},
77-
{
78-
"type": "WEB",
79-
"url": "https://source.android.com/security/bulletin/2017-05-01"
80-
},
81-
{
82-
"type": "WEB",
83-
"url": "https://support.apple.com/HT207141"
13+
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EAIZKL4O67FN2CWJYHYKZEMNYWNWO3D/"
8414
},
8515
{
8616
"type": "WEB",
87-
"url": "https://support.apple.com/HT207142"
17+
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5A7TCR2MY46YK3NHQZB3SLESUH354IEA/"
8818
},
8919
{
9020
"type": "WEB",
91-
"url": "https://support.apple.com/HT207143"
21+
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DI6247WOAKB46CZZ6SCDSJVWWCW3GMZH/"
9222
},
9323
{
94-
"type": "WEB",
95-
"url": "https://support.apple.com/HT207170"
24+
"type": "ADVISORY",
25+
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37425"
9626
},
9727
{
9828
"type": "ADVISORY",
99-
"url": "http://rhn.redhat.com/errata/RHSA-2016-1485.html"
29+
"url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2021-1159.yaml"
10030
},
10131
{
10232
"type": "ADVISORY",
103-
"url": "http://www.debian.org/security/2016/dsa-3637"
33+
"url": "https://github.com/harfbuzz/harfbuzz/commit/d3e09bf4654fe5478b6dbf2b26ebab6271317d81"
10434
},
10535
{
10636
"type": "ADVISORY",
107-
"url": "http://www.ubuntu.com/usn/USN-3041-1"
37+
"url": "https://security.gentoo.org/glsa/202209-11"
10838
},
10939
{
110-
"type": "ADVISORY",
111-
"url": "https://security.gentoo.org/glsa/201610-09"
40+
"type": "REPORT",
41+
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37425"
11242
},
11343
{
114-
"type": "ADVISORY",
115-
"url": "https://security.gentoo.org/glsa/201701-37"
44+
"type": "FIX",
45+
"url": "https://github.com/harfbuzz/harfbuzz/commit/d3e09bf4654fe5478b6dbf2b26ebab6271317d81"
11646
},
11747
{
118-
"type": "REPORT",
119-
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1358641"
48+
"type": "EVIDENCE",
49+
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37425"
12050
},
12151
{
122-
"type": "ARTICLE",
123-
"url": "http://googlechromereleases.blogspot.com/2016/07/stable-channel-update.html"
52+
"type": "EVIDENCE",
53+
"url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2021-1159.yaml"
12454
}
12555
],
12656
"affected": [
@@ -132,78 +62,112 @@
13262
"events": [
13363
{
13464
"introduced": "0"
135-
},
65+
}
66+
]
67+
}
68+
],
69+
"database_specific": "<Any value>"
70+
},
71+
{
72+
"ranges": [
73+
{
74+
"type": "GIT",
75+
"repo": "https://github.com/harfbuzz/harfbuzz",
76+
"events": [
13677
{
137-
"fixed": "9c387e20d65a7a366ac270d789f6ad266014c9e0"
78+
"introduced": "0"
13879
},
13980
{
140-
"fixed": "d5261f7234ab072a2aa1758ccfe37372df9927a9"
81+
"fixed": "d3e09bf4654fe5478b6dbf2b26ebab6271317d81"
82+
}
83+
]
84+
}
85+
],
86+
"versions": 138,
87+
"database_specific": "<Any value>"
88+
},
89+
{
90+
"ranges": [
91+
{
92+
"type": "GIT",
93+
"repo": "https://gitlab.com/wireshark/wireshark",
94+
"events": [
95+
{
96+
"introduced": "0"
14197
}
14298
]
14399
}
144100
],
145-
"versions": 139,
146101
"database_specific": "<Any value>"
147102
}
148103
],
149104
"schema_version": "1.7.3",
150105
"severity": [
151106
{
152107
"type": "CVSS_V3",
153-
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
108+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
154109
}
155110
]
156111
},
157112
{
158-
"id": "CVE-2021-45931",
159-
"details": "HarfBuzz 2.9.0 has an out-of-bounds write in hb_bit_set_invertible_t::set (called from hb_sparseset_t\u003chb_bit_set_invertible_t\u003e::set and hb_set_copy).",
160-
"modified": "<RFC3339 date with the year 2025>",
161-
"published": "2022-01-01T01:15:08.477Z",
113+
"id": "CVE-2022-33068",
114+
"details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.",
115+
"aliases": [
116+
"ROOT-OS-DEBIAN-11-CVE-2022-33068",
117+
"ROOT-OS-DEBIAN-bullseye-CVE-2022-33068"
118+
],
119+
"modified": "<RFC3339 date with the year 2026>",
120+
"published": "2022-06-23T17:15:14.350Z",
121+
"related": [
122+
"ALSA-2022:8384",
123+
"SUSE-SU-2022:2663-1",
124+
"SUSE-SU-2022:2664-1",
125+
"openSUSE-SU-2022:2663-1",
126+
"openSUSE-SU-2024:12168-1"
127+
],
162128
"references": [
163129
{
164130
"type": "WEB",
165-
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4EAIZKL4O67FN2CWJYHYKZEMNYWNWO3D/"
131+
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
166132
},
167133
{
168134
"type": "WEB",
169-
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5A7TCR2MY46YK3NHQZB3SLESUH354IEA/"
135+
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
170136
},
171137
{
172138
"type": "WEB",
173-
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DI6247WOAKB46CZZ6SCDSJVWWCW3GMZH/"
139+
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
174140
},
175141
{
176-
"type": "EVIDENCE",
177-
"url": "https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=37425"
142+
"type": "ADVISORY",
143+
"url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"
178144
},
179145
{
180-
"type": "EVIDENCE",
181-
"url": "https://github.com/google/oss-fuzz-vulns/blob/main/vulns/harfbuzz/OSV-2021-1159.yaml"
146+
"type": "ADVISORY",
147+
"url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
148+
},
149+
{
150+
"type": "ADVISORY",
151+
"url": "https://security.gentoo.org/glsa/202209-11"
152+
},
153+
{
154+
"type": "REPORT",
155+
"url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
182156
},
183157
{
184158
"type": "FIX",
185-
"url": "https://github.com/harfbuzz/harfbuzz/commit/d3e09bf4654fe5478b6dbf2b26ebab6271317d81"
159+
"url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"
186160
},
187161
{
188-
"type": "ADVISORY",
189-
"url": "https://security.gentoo.org/glsa/202209-11"
162+
"type": "FIX",
163+
"url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
164+
},
165+
{
166+
"type": "EVIDENCE",
167+
"url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
190168
}
191169
],
192170
"affected": [
193-
{
194-
"ranges": [
195-
{
196-
"type": "GIT",
197-
"repo": "https://github.com/behdad/harfbuzz",
198-
"events": [
199-
{
200-
"introduced": "0"
201-
}
202-
]
203-
}
204-
],
205-
"database_specific": "<Any value>"
206-
},
207171
{
208172
"ranges": [
209173
{
@@ -214,20 +178,20 @@
214178
"introduced": "0"
215179
},
216180
{
217-
"fixed": "d3e09bf4654fe5478b6dbf2b26ebab6271317d81"
181+
"fixed": "62e803b36173fd096d7ad460dd1d1db9be542593"
218182
}
219183
]
220184
}
221185
],
222-
"versions": 138,
186+
"versions": 154,
223187
"database_specific": "<Any value>"
224188
}
225189
],
226190
"schema_version": "1.7.3",
227191
"severity": [
228192
{
229193
"type": "CVSS_V3",
230-
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
194+
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"
231195
}
232196
]
233197
},
@@ -1983,11 +1947,17 @@
19831947
"type": "GIT",
19841948
"repo": "https://github.com/curl/curl",
19851949
"events": [
1950+
{
1951+
"introduced": "0"
1952+
},
1953+
{
1954+
"fixed": "27959ecce75cdb2809c0bdb3286e60e08fadb519"
1955+
},
19861956
{
19871957
"introduced": "70812c2f32fc5734bcbbe572b9f61c380433ad6a"
19881958
},
19891959
{
1990-
"fixed": "83bedbd730d62b83744cc26fa0433d3f6e2e4cd6"
1960+
"fixed": "27959ecce75cdb2809c0bdb3286e60e08fadb519"
19911961
}
19921962
]
19931963
}

0 commit comments

Comments
 (0)