golang
diff --git a/‎data/osv/GO-2025-3459.json
+47 b/‎data/osv/GO-2025-3459.json
+47
diff --git a/‎data/osv/GO-2025-3460.json
+49 b/‎data/osv/GO-2025-3460.json
+49
diff --git a/‎data/osv/GO-2025-3461.json
+52 b/‎data/osv/GO-2025-3461.json
+52
diff --git a/‎data/osv/GO-2025-3465.json
+78 b/‎data/osv/GO-2025-3465.json
+78
diff --git a/‎data/osv/GO-2025-3466.json
+53 b/‎data/osv/GO-2025-3466.json
+53
diff --git a/‎data/osv/GO-2025-3467.json
+73 b/‎data/osv/GO-2025-3467.json
+73
@@ -0,0 +1,47 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2025-3459",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2025-24016"
+  ],
+  "summary": "Remote code execution in Wazuh server in github.com/wazuh/wazuh",
+  "details": "Remote code execution in Wazuh server in github.com/wazuh/wazuh",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/wazuh/wazuh",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "4.4.0+incompatible"
+            },
+            {
+              "fixed": "4.9.1+incompatible"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24016"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/wazuh/wazuh/security/advisories/GHSA-hcrc-79hj-m3qh"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2025-3459",
+    "review_status": "UNREVIEWED"
+  }
+}
@@ -0,0 +1,49 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2025-3460",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2025-24976",
+    "GHSA-phw4-mc57-4hwc"
+  ],
+  "summary": "Distribution's token authentication allows attacker to inject an untrusted signing key in a JWT in github.com/distribution/distribution",
+  "details": "Distribution's token authentication allows attacker to inject an untrusted signing key in a JWT in github.com/distribution/distribution",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/distribution/distribution",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/distribution/distribution/security/advisories/GHSA-phw4-mc57-4hwc"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-24976"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/distribution/distribution/commit/5ea9aa028db65ca5665f6af2c20ecf9dc34e5fcd"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2025-3460",
+    "review_status": "UNREVIEWED"
+  }
+}
@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2025-3461",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2025-25199",
+    "GHSA-29c6-3hcj-89cf"
+  ],
+  "summary": "go-crypto-winnative BCryptGenerateSymmetricKey memory leak in github.com/microsoft/go-crypto-winnative",
+  "details": "go-crypto-winnative BCryptGenerateSymmetricKey memory leak in github.com/microsoft/go-crypto-winnative",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/microsoft/go-crypto-winnative",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "0.0.0-20250211154640-f49c8e1379ea"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/microsoft/go-crypto-winnative/security/advisories/GHSA-29c6-3hcj-89cf"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25199"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/microsoft/go-crypto-winnative/commit/f49c8e1379ea4b147d5bff1b3be5b0ff45792e41"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2025-3461",
+    "review_status": "UNREVIEWED"
+  }
+}
@@ -0,0 +1,78 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2025-3465",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2025-0426",
+    "GHSA-jgfp-53c3-624w"
+  ],
+  "summary": "Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes",
+  "details": "Node Denial of Service via kubelet Checkpoint API in k8s.io/kubernetes",
+  "affected": [
+    {
+      "package": {
+        "name": "k8s.io/kubernetes",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.29.14"
+            },
+            {
+              "introduced": "1.30.0"
+            },
+            {
+              "fixed": "1.30.10"
+            },
+            {
+              "introduced": "1.31.0"
+            },
+            {
+              "fixed": "1.31.6"
+            },
+            {
+              "introduced": "1.32.0"
+            },
+            {
+              "fixed": "1.32.2"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-jgfp-53c3-624w"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0426"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.openwall.com/lists/oss-security/2025/02/13/1"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/kubernetes/kubernetes/issues/130016"
+    },
+    {
+      "type": "WEB",
+      "url": "https://groups.google.com/g/kubernetes-security-announce/c/KiODfu8i6w8"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2025-3465",
+    "review_status": "UNREVIEWED"
+  }
+}
@@ -0,0 +1,53 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2025-3466",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2024-57603",
+    "GHSA-772m-773g-qmhc"
+  ],
+  "summary": "Missing rate limit in MaysWind ezBookkeeping in github.com/mayswind/ezbookkeeping",
+  "details": "Missing rate limit in MaysWind ezBookkeeping in github.com/mayswind/ezbookkeeping",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/mayswind/ezbookkeeping",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/advisories/GHSA-772m-773g-qmhc"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57603"
+    },
+    {
+      "type": "REPORT",
+      "url": "https://github.com/mayswind/ezbookkeeping/issues/33"
+    },
+    {
+      "type": "WEB",
+      "url": "https://hkohi.ca/vulnerability/1"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2025-3466",
+    "review_status": "UNREVIEWED"
+  }
+}
@@ -0,0 +1,73 @@
+{
+  "schema_version": "1.3.1",
+  "id": "GO-2025-3467",
+  "modified": "0001-01-01T00:00:00Z",
+  "published": "0001-01-01T00:00:00Z",
+  "aliases": [
+    "CVE-2025-25204",
+    "GHSA-fgw4-v983-mgp8"
+  ],
+  "summary": "`gh attestation verify` returns incorrect exit code during verification if no attestations are present in github.com/cli/cli",
+  "details": "`gh attestation verify` returns incorrect exit code during verification if no attestations are present in github.com/cli/cli",
+  "affected": [
+    {
+      "package": {
+        "name": "github.com/cli/cli",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    },
+    {
+      "package": {
+        "name": "github.com/cli/cli/v2",
+        "ecosystem": "Go"
+      },
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "2.49.0"
+            },
+            {
+              "fixed": "2.67.0"
+            }
+          ]
+        }
+      ],
+      "ecosystem_specific": {}
+    }
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://github.com/cli/cli/security/advisories/GHSA-fgw4-v983-mgp8"
+    },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-25204"
+    },
+    {
+      "type": "FIX",
+      "url": "https://github.com/cli/cli/pull/10421"
+    },
+    {
+      "type": "REPORT",
+      "url": "https://github.com/cli/cli/issues/10418"
+    }
+  ],
+  "database_specific": {
+    "url": "https://pkg.go.dev/vuln/GO-2025-3467",
+    "review_status": "UNREVIEWED"
+  }
+}