Skip to content

Import data from OSS-Fuzz#897

Merged
TG1999 merged 1 commit intoaboutcode-org:mainfrom
ziadhany:oss-fuzz
Nov 12, 2023
Merged

Import data from OSS-Fuzz#897
TG1999 merged 1 commit intoaboutcode-org:mainfrom
ziadhany:oss-fuzz

Conversation

@ziadhany
Copy link
Copy Markdown
Collaborator

@ziadhany ziadhany commented Sep 4, 2022

using osv format #780 but we need to add support for oss-fuzz version , version range in univers and edit get_fixed_version

@TG1999
Copy link
Copy Markdown
Contributor

TG1999 commented Nov 18, 2022

@ziadhany please rebase your branch and add tests for oss-fuzz

@ziadhany
Copy link
Copy Markdown
Collaborator Author

ziadhany commented Nov 20, 2022

@ziadhany please rebase your branch and add tests for oss-fuzz

I think we need to add Git Version/Version range aboutcode-org/univers#85 before merge this .

@TG1999
Copy link
Copy Markdown
Contributor

TG1999 commented Nov 21, 2022

@ziadhany does this importer only give Git Version/Version range ? In case it doesn't we can skip over the git version/ version range for now ( add a follow up issue for same in VCIO ) and ingest the rest of the data.

@ziadhany
Copy link
Copy Markdown
Collaborator Author

ziadhany commented Dec 4, 2022

@ziadhany does this importer only give Git Version/Version range ? In case it doesn't we can skip over the git version/ version range for now ( add a follow up issue for same in VCIO ) and ingest the rest of the data.

Most of the data uses the git version, and there are rare cases that use both versions like this :
https://github.com/google/oss-fuzz-vulns/blob/62c05499f6c77a6abf8ad1e84f252b0d1119f1d8/vulns/fluent-bit/OSV-2020-2017.yaml

https://github.com/google/oss-fuzz-vulns/search?p=1&q=fixed

@TG1999
Copy link
Copy Markdown
Contributor

TG1999 commented Dec 4, 2022

@ziadhany let's ingest the data where we can get versions that are parsable by univers for now and add a follow up issue to ingest git versions from OSS-Fuzz.

@ziadhany ziadhany mentioned this pull request Dec 6, 2022
Closed
@pombredanne pombredanne added this to the v32.0.0 milestone Dec 8, 2022
@TG1999
Copy link
Copy Markdown
Contributor

TG1999 commented Dec 14, 2022

@ziadhany please run the importer and improver on this and provide the logs for same.

@ziadhany
Copy link
Copy Markdown
Collaborator Author

ziadhany commented Dec 17, 2022

@ziadhany please run the importer and improver on this and provide the logs for same.

A lot of logs like this and the importer add just 2617 row in vulnerabilities_advisory table .
...

Unsupported fixed version type: '47e220942dfc68de777b91db1c2b3e81d0275e1b' for OSV id: 'OSV-2021-1724'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-80'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '0c4e9f7312637d512fec2b806570bfbea9da1aff'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2'], 'ecosystem_specific': {'severity': 'HIGH'}} for OSV id: 'OSV-2021-1694': error:KeyError('oss-fuzz')
Unsupported fixed version type: '0c4e9f7312637d512fec2b806570bfbea9da1aff' for OSV id: 'OSV-2021-1694'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '20face1eeb418935307731d4e2e4bada028c7ba7'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2', 'ghostpdl-9.56.0-test-base-3', 'ghostpdl-9.56.0-test-base-4'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2021-1774': error:KeyError('oss-fuzz')
Unsupported fixed version type: '20face1eeb418935307731d4e2e4bada028c7ba7' for OSV id: 'OSV-2021-1774'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-102'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1208'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '632230836e6a5aa347c037a66f478d752b62242a'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2021-1685': error:KeyError('oss-fuzz')
Unsupported fixed version type: '632230836e6a5aa347c037a66f478d752b62242a' for OSV id: 'OSV-2021-1685'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1097'
Unsupported fixed version type: '4107288ebb23d418ff5c1a9d40c48a4f00950193' for OSV id: 'OSV-2021-1715'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-429'
Unsupported fixed version type: '0ae681ab1fd3475995418d00da1ccfe374f069cc' for OSV id: 'OSV-2020-1877'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-736'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '45e765e59a45b46dcb05e8c729689a7c0574a48c'}, {'fixed': '2a3129365d3bc0d4a41f107ef175920d1505d1f7'}]}], 'versions': ['ghostpdl-9.28rc1', 'ghostpdl-9.28rc2', 'ghostpdl-9.28rc3', 'ghostpdl-9.28rc4', 'ghostpdl-9.50', 'ghostpdl-9.51', 'ghostpdl-9.51rc1', 'ghostpdl-9.51rc2', 'ghostpdl-9.51rc2_test', 'ghostpdl-9.51rc2_test2', 'ghostpdl-9.51rc3', 'ghostpdl-9.52', 'ghostpdl-9.52-test-base-1', 'ghostpdl-9.52-test-base-2', 'ghostpdl-9.52-test-base-3', 'ghostpdl-9.52-test-base-4', 'ghostpdl-9.52-test-base-5', 'ghostpdl-9.52-test-base-6', 'ghostpdl-9.52.1', 'ghostpdl-9.53.0', 'ghostpdl-9.53.0-test-base-0', 'ghostpdl-9.53.0rc1', 'ghostpdl-9.53.0rc2', 'ghostpdl-9.53.1', 'ghostpdl-9.53.2', 'ghostpdl-9.53.3', 'ghostpdl-9.54.0', 'ghostpdl-9.54.0-test-base-0', 'ghostpdl-9.54.0rc1', 'ghostpdl-9.54.0rc1_test', 'ghostpdl-9.54.0rc1_test_002', 'ghostscript-9.50', 'ghostscript-9.51', 'ghostscript-9.52', 'gpdf_alpha1', 'gpdf_gs_text_filter_000', 'gpdf_gs_text_filter_001', 'gpdf_gs_text_filter_002', 'gpdf_gs_text_filter_003', 'gpdf_gs_text_filter_004', 'gpdf_gs_text_filter_005', 'gpdf_gs_text_filter_006', 'gpdf_gs_text_filter_007', 'gpdf_gs_text_filter_008', 'gpdf_gs_text_filter_009', 'gpdf_gs_text_filter_010', 'gpdf_gs_text_filter_011', 'gpdf_gs_text_filter_012', 'gpdf_gs_text_filter_013', 'gpdf_gs_text_filter_014', 'gpdf_gs_text_filter_015', 'gpdf_gs_text_filter_016', 'gpdf_gs_text_filter_017', 'gpdf_gs_text_filter_018', 'gpdf_gs_text_filter_019', 'gpdf_gs_text_filter_020', 'gpdf_gs_text_filter_021', 'gpdf_gs_text_filter_022', 'gpdf_gs_text_filter_023', 'gpdf_gs_text_filter_024', 'gpdf_gs_text_filter_025', 'gpdf_gs_text_filter_026', 'gpdf_gs_text_filter_027', 'gpdf_gs_text_filter_028', 'gpdf_gs_text_filter_029', 'gpdf_gs_text_filter_030', 'gs9.28-temp-for-testing-tag', 'rjj_9.53.2_test', 'robin_test_ref', 'robin_test_rev'], 'ecosystem_specific': {'introduced_range': 'f209fb3a0f50cd0a9974d8627a4ac7f358f60c8a:470897e484fb0bfaa8553e0ccd5b9db91eda008b', 'severity': 'HIGH'}} for OSV id: 'OSV-2021-803': error:KeyError('oss-fuzz')
Unsupported fixed version type: '2a3129365d3bc0d4a41f107ef175920d1505d1f7' for OSV id: 'OSV-2021-803'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '31e249d5cbd561d76dd2149ceee5fe3a2d84d658'}, {'fixed': '067d47b5efa3631ac58a62916136ad21cd9017df'}]}], 'versions': ['ghostpdl-9.56.0-test-base-3', 'ghostpdl-9.56.0-test-base-4'], 'ecosystem_specific': {'severity': 'null'}} for OSV id: 'OSV-2021-1788': error:KeyError('oss-fuzz')
Unsupported fixed version type: '067d47b5efa3631ac58a62916136ad21cd9017df' for OSV id: 'OSV-2021-1788'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '2be8b436910cfc8b013a13df000c3c854cf3c5c5'}, {'fixed': '067d47b5efa3631ac58a62916136ad21cd9017df'}]}], 'versions': ['ghostpdl-9.56.0-test-base-3', 'ghostpdl-9.56.0-test-base-4'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2021-1752': error:KeyError('oss-fuzz')
Unsupported fixed version type: '067d47b5efa3631ac58a62916136ad21cd9017df' for OSV id: 'OSV-2021-1752'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-270'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-271'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-686'
Unsupported fixed version type: 'd12d2085b5bd08ca1e813d97f3f7f7e630e791a0' for OSV id: 'OSV-2020-1880'
Unsupported fixed version type: 'a464804e35809e6bacee025accc25eecd246f9a4' for OSV id: 'OSV-2020-1880'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-496'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1021'
Unsupported fixed version type: '007b9aefb3f7d67001edf43976b0e58de215be0a' for OSV id: 'OSV-2021-1706'
Unsupported fixed version type: '20610dc28ee3cf7e64ad46f11e9b96fb3befba00' for OSV id: 'OSV-2021-668'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '866d8b4b104e2dcbd8352cf86edff28bbf9ad165'}, {'fixed': '07cfc24d532beadf23d50effa3b8a0bca45b849d'}]}], 'versions': ['ghostpdl-9.56.0-test-base-3'], 'ecosystem_specific': {'severity': 'HIGH'}} for OSV id: 'OSV-2021-1741': error:KeyError('oss-fuzz')
Unsupported fixed version type: '07cfc24d532beadf23d50effa3b8a0bca45b849d' for OSV id: 'OSV-2021-1741'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': 'b0e070917438341e342000928ff35aacba0d95fa'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2', 'ghostpdl-9.56.0-test-base-3', 'ghostpdl-9.56.0-test-base-4'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2021-1717': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'b0e070917438341e342000928ff35aacba0d95fa' for OSV id: 'OSV-2021-1717'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-53'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-821'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-949'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '668917a10e7eada030f7d2dddec9f579fddeed3d'}, {'fixed': '889df15d7c69e1fc90c6491f574352cacf9bc065'}]}], 'versions': ['ghostpdl-9.52-test-base-3', 'ghostpdl-9.52-test-base-4', 'ghostpdl-9.52-test-base-5', 'ghostpdl-9.52-test-base-6'], 'ecosystem_specific': {'severity': 'MEDIUM', 'introduced_range': 'unknown:668917a10e7eada030f7d2dddec9f579fddeed3d'}} for OSV id: 'OSV-2020-1874': error:KeyError('oss-fuzz')
Unsupported fixed version type: '889df15d7c69e1fc90c6491f574352cacf9bc065' for OSV id: 'OSV-2020-1874'
Unsupported fixed version type: '3ce8214d8fc77be42eb6ad618c972113d4cb0d24' for OSV id: 'OSV-2021-1708'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-524'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-684'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-85'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-818'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': 'b0855fa22cd6ba447482ee2ae1c5e091428c4bc0'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2', 'ghostpdl-9.56.0-test-base-3'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2021-1781': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'b0855fa22cd6ba447482ee2ae1c5e091428c4bc0' for OSV id: 'OSV-2021-1781'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '0f8c0b5742577e31e419e84fbf0bcd42db0c5f41'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2', 'ghostpdl-9.56.0-test-base-3', 'ghostpdl-9.56.0-test-base-4'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2021-1731': error:KeyError('oss-fuzz')
Unsupported fixed version type: '0f8c0b5742577e31e419e84fbf0bcd42db0c5f41' for OSV id: 'OSV-2021-1731'
Unsupported fixed version type: 'b503c46c124cf5aaa82a71e28f624f2ef2b71e71' for OSV id: 'OSV-2020-1879'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-97'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-339'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-278'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-229'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-772'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-79'
Unsupported fixed version type: '87688cd48fb52c305e159b785bd184232426a766' for OSV id: 'OSV-2020-1869'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-456'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-803'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '1ae55674f6d68eb6215d7d0f82610f636d81ad3d'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2'], 'ecosystem_specific': {'severity': 'HIGH'}} for OSV id: 'OSV-2021-1682': error:KeyError('oss-fuzz')
Unsupported fixed version type: '1ae55674f6d68eb6215d7d0f82610f636d81ad3d' for OSV id: 'OSV-2021-1682'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-415'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-888'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': 'f76cc1beb49646169f33437c522df8a14f70633d'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2', 'ghostpdl-9.56.0-test-base-3', 'ghostpdl-9.56.0-test-base-4'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2022-18': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'f76cc1beb49646169f33437c522df8a14f70633d' for OSV id: 'OSV-2022-18'
Unsupported fixed version type: '87688cd48fb52c305e159b785bd184232426a766' for OSV id: 'OSV-2020-1886'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-47'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-829'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-726'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-523'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '1a3c64e7a65025ea024bd65cc726b6ec5dd0e172'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2'], 'ecosystem_specific': {'severity': 'HIGH'}} for OSV id: 'OSV-2021-1711': error:KeyError('oss-fuzz')
Unsupported fixed version type: '1a3c64e7a65025ea024bd65cc726b6ec5dd0e172' for OSV id: 'OSV-2021-1711'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1225'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-727'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-232'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '668917a10e7eada030f7d2dddec9f579fddeed3d'}, {'fixed': '0339cbecea80d8a835b316b56d1c75a6fb850e52'}]}], 'versions': ['ghostpdl-9.52-test-base-3', 'ghostpdl-9.52-test-base-4', 'ghostpdl-9.52-test-base-5', 'ghostpdl-9.52-test-base-6'], 'ecosystem_specific': {'introduced_range': 'unknown:668917a10e7eada030f7d2dddec9f579fddeed3d', 'severity': 'MEDIUM'}} for OSV id: 'OSV-2020-1873': error:KeyError('oss-fuzz')
Unsupported fixed version type: '0339cbecea80d8a835b316b56d1c75a6fb850e52' for OSV id: 'OSV-2020-1873'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2021-1806'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-218'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '82b097fe8e76ea92f69ef483f45c0cf491a98d43'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2'], 'ecosystem_specific': {'severity': 'null'}} for OSV id: 'OSV-2021-1690': error:KeyError('oss-fuzz')
Unsupported fixed version type: '82b097fe8e76ea92f69ef483f45c0cf491a98d43' for OSV id: 'OSV-2021-1690'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1214'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-536'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-643'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': 'e63504054baea4275af88e95418b5282c4394685'}, {'fixed': 'fe8965b8a179c083060b66a7db13cad171ff470b'}, {'introduced': 'bbdfaa56b00f2ba556476f0265e65e4ad370f641'}, {'fixed': 'ad4d12f6d848ebfde2485fd6c806901b7497a1c2'}]}], 'versions': ['ghostpdl-9.28rc2', 'ghostpdl-9.28rc3', 'ghostpdl-9.28rc4', 'ghostpdl-9.50', 'ghostpdl-9.51', 'ghostpdl-9.51rc1', 'ghostpdl-9.51rc2', 'ghostpdl-9.51rc2_test', 'ghostpdl-9.51rc2_test2', 'ghostpdl-9.51rc3', 'ghostpdl-9.52', 'ghostpdl-9.52-test-base-1', 'ghostpdl-9.52-test-base-3', 'ghostpdl-9.52-test-base-4', 'ghostpdl-9.52.1', 'ghostpdl-9.53.0', 'ghostpdl-9.53.0-test-base-0', 'ghostpdl-9.53.0rc1', 'ghostpdl-9.53.0rc2', 'ghostpdl-9.53.1', 'ghostpdl-9.53.2', 'ghostpdl-9.53.3', 'ghostpdl-9.54.0', 'ghostpdl-9.54.0-test-base-0', 'ghostpdl-9.54.0rc1_test', 'ghostscript-9.50', 'ghostscript-9.51', 'ghostscript-9.52', 'gpdf_alpha1', 'rjj_9.53.2_test'], 'ecosystem_specific': {'severity': 'HIGH'}, 'database_specific': {'fixed_range': '2aaa240515d77b486adfd9d217c32d3cad7683f5:ad4d12f6d848ebfde2485fd6c806901b7497a1c2'}} for OSV id: 'OSV-2021-717': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'fe8965b8a179c083060b66a7db13cad171ff470b' for OSV id: 'OSV-2021-717'
Unsupported fixed version type: 'ad4d12f6d848ebfde2485fd6c806901b7497a1c2' for OSV id: 'OSV-2021-717'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-121'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '321a00bd85a497c0b2424b906eb9e9d309e31321'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2', 'ghostpdl-9.56.0-test-base-3'], 'ecosystem_specific': {'severity': 'HIGH'}} for OSV id: 'OSV-2021-1771': error:KeyError('oss-fuzz')
Unsupported fixed version type: '321a00bd85a497c0b2424b906eb9e9d309e31321' for OSV id: 'OSV-2021-1771'
Unsupported fixed version type: '9191f693bbfe5b70b91cb068d2fb38316aa0cc5e' for OSV id: 'OSV-2021-1709'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': '8bd3f7dba33341b622b60e13446a9cc101447e76'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2', 'ghostpdl-9.56.0-test-base-3', 'ghostpdl-9.56.0-test-base-4'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2022-3': error:KeyError('oss-fuzz')
Unsupported fixed version type: '8bd3f7dba33341b622b60e13446a9cc101447e76' for OSV id: 'OSV-2022-3'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-54'
Unsupported fixed version type: '141e5067e40d25ed3aa191589d4a325941efa57a' for OSV id: 'OSV-2021-312'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': 'f35924926cb35f08be5a12ded4a00eb2f42aed3e'}, {'fixed': '5fc8e7c0b656d4e2be8f5e316121f06039c35273'}, {'fixed': 'bbecd13cc34f3dcdcedd726e7de12c988da9794a'}, {'fixed': 'f5b7acb59c4f2e88591aab9f355813e0b7b68db5'}]}], 'versions': ['ghostpdl-9.51rc1'], 'ecosystem_specific': {'severity': 'HIGH'}, 'database_specific': {'fixed_range': 'cd5f21df6c710664ff0ba3f100ca5283d9367ed8:f5b7acb59c4f2e88591aab9f355813e0b7b68db5'}} for OSV id: 'OSV-2020-1875': error:KeyError('oss-fuzz')
Unsupported fixed version type: '5fc8e7c0b656d4e2be8f5e316121f06039c35273' for OSV id: 'OSV-2020-1875'
Unsupported fixed version type: 'bbecd13cc34f3dcdcedd726e7de12c988da9794a' for OSV id: 'OSV-2020-1875'
Unsupported fixed version type: 'f5b7acb59c4f2e88591aab9f355813e0b7b68db5' for OSV id: 'OSV-2020-1875'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'ghostscript', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'git://git.ghostscript.com/ghostpdl.git', 'events': [{'introduced': '75fbddf52051987287e62d13c659eb73ba16982f'}, {'fixed': 'd3cd74af319b7b9bc72b6328bdd79fb4ff8082c3'}]}], 'versions': ['ghostpdl-9.56.0-test-base-2'], 'ecosystem_specific': {'severity': 'null'}} for OSV id: 'OSV-2021-1689': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'd3cd74af319b7b9bc72b6328bdd79fb4ff8082c3' for OSV id: 'OSV-2021-1689'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1063'
Unsupported package type: PackageURL(type='generic', namespace=None, name='ghostscript', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-210'
Unsupported package type: PackageURL(type='generic', namespace=None, name='mapserver', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1013'
Unsupported package type: PackageURL(type='generic', namespace=None, name='mapserver', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1026'
Unsupported package type: PackageURL(type='generic', namespace=None, name='mapserver', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1052'
Unsupported package type: PackageURL(type='generic', namespace=None, name='mapserver', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1015'
Unsupported package type: PackageURL(type='generic', namespace=None, name='mapserver', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1041'
Unsupported fixed version type: '277d30749f15d3fd99649c9347867ddc2fe4f32e' for OSV id: 'OSV-2021-900'
Unsupported fixed version type: '26f4aa01153d7bdf182630e5eb410ea5685d9cff' for OSV id: 'OSV-2021-1015'
Unsupported fixed version type: '6c9bb2e4d6d312553185feea2173acc7fe0dabdb' for OSV id: 'OSV-2021-950'
Unsupported fixed version type: '91f768c1cb3bf9105d5296366876b13ac4118516' for OSV id: 'OSV-2021-950'
Unsupported fixed version type: '6c9bb2e4d6d312553185feea2173acc7fe0dabdb' for OSV id: 'OSV-2021-947'
Unsupported fixed version type: '91f768c1cb3bf9105d5296366876b13ac4118516' for OSV id: 'OSV-2021-947'
Unsupported fixed version type: 'e52893244f40dab90888f2990356c40a0ca1cf5e' for OSV id: 'OSV-2021-947'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'postgis', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://git.osgeo.org/gitea/postgis/postgis.git', 'events': [{'introduced': 'e0b9fcce14c44a6a3be8e79a4cb3a2d13e79fc7a'}, {'fixed': 'b1abe27db0869d345ac5c0240a21e322a725fff9'}]}], 'versions': ['3.0.0beta1', '3.0.0rc1'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2020-540': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'b1abe27db0869d345ac5c0240a21e322a725fff9' for OSV id: 'OSV-2020-540'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'postgis', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://git.osgeo.org/gitea/postgis/postgis.git', 'events': [{'introduced': 'f9ed41356bf26b475ae9600eca47d25d240fcdb2'}, {'fixed': 'a1b82509e40fcb5c4065a8fe1bf8b078e8a8373f'}]}], 'versions': ['3.0.0beta1', '3.0.0rc1'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2020-718': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'a1b82509e40fcb5c4065a8fe1bf8b078e8a8373f' for OSV id: 'OSV-2020-718'
Unsupported fixed version type: '3753c84ea46eeb86a0daf8da8c088342515b10dd' for OSV id: 'OSV-2020-290'
Unsupported fixed version type: 'd4852ee6da667d164373600d1bc8d205e2cdef6c' for OSV id: 'OSV-2021-144'
Unsupported fixed version type: '0bcf3488a4989c2724f0c4383401b0d0dcfc3dcc' for OSV id: 'OSV-2018-175'
Unsupported fixed version type: '580add2219c696e425087bc61b952f4ccb295f09' for OSV id: 'OSV-2017-97'
Unsupported package type: PackageURL(type='generic', namespace=None, name='librawspeed', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1128'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'librawspeed', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/darktable-org/rawspeed.git', 'events': [{'introduced': 'a9685b2b81fce6cb3b344a9e2eec001ee23a749f'}, {'fixed': '98d3ec824f0b4e498b175fb937b4217319d01450'}]}], 'versions': ['v3.1'], 'ecosystem_specific': {'severity': 'MEDIUM', 'fixed_range': '688fa9d819177e917b0102e9ce4d5680952ebe55:98d3ec824f0b4e498b175fb937b4217319d01450', 'introduced_range': 'a4bee717f1ce54a16526454f92c22f2b79c7a04f:90dbb09c639869fbb65ad9d7f073b3c22c541732'}} for OSV id: 'OSV-2018-19': error:KeyError('oss-fuzz')
Unsupported fixed version type: '98d3ec824f0b4e498b175fb937b4217319d01450' for OSV id: 'OSV-2018-19'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'librawspeed', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/darktable-org/rawspeed.git', 'events': [{'introduced': '23d5018f6b231d62daa6543094a85747beb9654a'}, {'fixed': 'dbe7591e54bad5e6430d38be6bed051582da76b9'}]}], 'versions': ['v3.1'], 'ecosystem_specific': {'fixed_range': '212b7a8ea10acaaf722509e291ed1f59df8010df:dbe7591e54bad5e6430d38be6bed051582da76b9', 'severity': 'HIGH', 'introduced_range': 'f0e9f60474d98883ab9343f584b73ca046263679:52da2b8fda29aa257088d91fb11877f909d578a2'}} for OSV id: 'OSV-2018-227': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'dbe7591e54bad5e6430d38be6bed051582da76b9' for OSV id: 'OSV-2018-227'
Unsupported package type: PackageURL(type='generic', namespace=None, name='librawspeed', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-1199'
Unsupported fixed version type: '16b0853077eec08bccb74aec29bb395c6eb5e50c' for OSV id: 'OSV-2017-116'
Unsupported fixed version type: 'f1806ea3d0abd164e38da2fafe3d3479feb1d3e8' for OSV id: 'OSV-2017-73'
Unsupported fixed version type: 'e542162d9a96ad3bc7c05abace119cbbf2b184bc' for OSV id: 'OSV-2018-231'
Unsupported fixed version type: 'f8687facbba0b1cf6aa786c5cf7e7685e07bf624' for OSV id: 'OSV-2020-578'
Unsupported fixed version type: 'f15f940425eebf24ce66984db2445733cf500b7b' for OSV id: 'OSV-2020-2065'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-2002'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2061'
Unsupported fixed version type: 'aef502aca2b912fe24764b02161a61eacdf249ba' for OSV id: 'OSV-2020-503'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2076'
Unsupported fixed version type: 'fc461cc6d2b4b99b03cfacea68d84be876f9dea2' for OSV id: 'OSV-2020-1220'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-1899'
Unsupported fixed version type: '2c13955d0649b2afc575bc5416dcedeffc8c01ec' for OSV id: 'OSV-2020-502'
Unsupported fixed version type: 'e3b90efed243779b5c4961c2f9d6f1cedfeb1f46' for OSV id: 'OSV-2020-555'
Unsupported fixed version type: '7058df945d4756169b67a1052f25fdc7f0df92ab' for OSV id: 'OSV-2020-1042'
Unsupported fixed version type: '519b0ff554e9713198bc3b3185da809be42be20c' for OSV id: 'OSV-2020-1049'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-1855'
Unsupported fixed version type: '992c1c147175126c3fe7ab78216aa0395f9e6c71' for OSV id: 'OSV-2020-2074'
Unsupported fixed version type: '3b13c4cd65a8b93f779ddece7deefac5102ece5e' for OSV id: 'OSV-2020-2074'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-1853'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2021-362'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-2007'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-2045'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2021-245'
Unsupported fixed version type: 'f15f940425eebf24ce66984db2445733cf500b7b' for OSV id: 'OSV-2021-245'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2107'
Unsupported fixed version type: '0c970c91788d71c777b91f778f0fda4e58d91839' for OSV id: 'OSV-2020-1172'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2263'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2115'
Unsupported fixed version type: '8159a25f20df4baec6b420201da846a26f7e6bca' for OSV id: 'OSV-2020-1296'
Unsupported fixed version type: '8dca82ab0d4548ab4d064229e293f2edb8f257ba' for OSV id: 'OSV-2020-261'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2021-204'
Unsupported fixed version type: '8159a25f20df4baec6b420201da846a26f7e6bca' for OSV id: 'OSV-2020-1115'
Unsupported fixed version type: 'aef502aca2b912fe24764b02161a61eacdf249ba' for OSV id: 'OSV-2020-692'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2068'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2021-37'
Unsupported fixed version type: 'd8cb746954c9052a428ba30207e2f2d1a08c238d' for OSV id: 'OSV-2020-1186'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-1847'
Unsupported fixed version type: '992c1c147175126c3fe7ab78216aa0395f9e6c71' for OSV id: 'OSV-2020-2084'
Unsupported fixed version type: '3b13c4cd65a8b93f779ddece7deefac5102ece5e' for OSV id: 'OSV-2020-2084'
Unsupported fixed version type: '3999b227fc2255371b786ccec62cba3f47af37f5' for OSV id: 'OSV-2020-414'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'openh264', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/cisco/openh264.git', 'events': [{'introduced': '70eeb783515dbfee3e0c781d6667838caba5113b'}, {'fixed': '68b51e8aed5ea83bcbb9da90af03023ce54a5427'}, {'fixed': '989067645537fc54d547126adc5567b5fdc0fae2'}]}], 'versions': ['v2.0.0', 'v2.1.0', 'v2.1.1'], 'ecosystem_specific': {'introduced_range': 'unknown:70eeb783515dbfee3e0c781d6667838caba5113b', 'severity': 'HIGH'}} for OSV id: 'OSV-2020-1203': error:KeyError('oss-fuzz')
Unsupported fixed version type: '68b51e8aed5ea83bcbb9da90af03023ce54a5427' for OSV id: 'OSV-2020-1203'
Unsupported fixed version type: '989067645537fc54d547126adc5567b5fdc0fae2' for OSV id: 'OSV-2020-1203'
Unsupported fixed version type: '4c76c67e9b790fd40650c4e8a2a059603e8ce195' for OSV id: 'OSV-2020-1857'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-1857'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2085'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2121'
Unsupported fixed version type: '1e2e87f07903b3dcf142b153bd92329eeb650984' for OSV id: 'OSV-2020-1127'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2141'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2063'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2297'
Unsupported fixed version type: 'f8687facbba0b1cf6aa786c5cf7e7685e07bf624' for OSV id: 'OSV-2020-1258'
Unsupported fixed version type: '519b0ff554e9713198bc3b3185da809be42be20c' for OSV id: 'OSV-2020-1098'
Unsupported fixed version type: 'be82ccf42fc044ae1ea0792837a9415eaf535002' for OSV id: 'OSV-2020-1041'
Unsupported fixed version type: '992c1c147175126c3fe7ab78216aa0395f9e6c71' for OSV id: 'OSV-2020-2274'
Unsupported fixed version type: 'f15f940425eebf24ce66984db2445733cf500b7b' for OSV id: 'OSV-2020-2274'
Unsupported fixed version type: 'be82ccf42fc044ae1ea0792837a9415eaf535002' for OSV id: 'OSV-2020-1312'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2062'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-1898'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2067'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2097'
Unsupported fixed version type: 'aef502aca2b912fe24764b02161a61eacdf249ba' for OSV id: 'OSV-2020-681'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2093'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2078'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-1852'
Unsupported fixed version type: '992c1c147175126c3fe7ab78216aa0395f9e6c71' for OSV id: 'OSV-2020-1852'
Unsupported fixed version type: 'e3b90efed243779b5c4961c2f9d6f1cedfeb1f46' for OSV id: 'OSV-2020-607'
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2064'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'openh264', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/cisco/openh264.git', 'events': [{'introduced': '519b0ff554e9713198bc3b3185da809be42be20c'}, {'fixed': 'b52786888ddce9d6bc06b7825ba9bffc65924e0c'}, {'fixed': 'f15f940425eebf24ce66984db2445733cf500b7b'}]}], 'versions': ['v2.0.0', 'v2.1.0', 'v2.1.1'], 'ecosystem_specific': {'severity': 'MEDIUM'}, 'database_specific': {'fixed_range': '992c1c147175126c3fe7ab78216aa0395f9e6c71:f15f940425eebf24ce66984db2445733cf500b7b'}} for OSV id: 'OSV-2020-2091': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'b52786888ddce9d6bc06b7825ba9bffc65924e0c' for OSV id: 'OSV-2020-2091'
Unsupported fixed version type: 'f15f940425eebf24ce66984db2445733cf500b7b' for OSV id: 'OSV-2020-2091'
Unsupported fixed version type: '717fe1463d4f2025d8bbfd432a4cf9cdbfc9d35c' for OSV id: 'OSV-2020-1289'
Unsupported fixed version type: '717fe1463d4f2025d8bbfd432a4cf9cdbfc9d35c' for OSV id: 'OSV-2020-1250'
Unsupported fixed version type: 'f1bb6d3acb057785b4d89e8228e23cc4fc9caa12' for OSV id: 'OSV-2020-1854'
Unsupported fixed version type: '2c13955d0649b2afc575bc5416dcedeffc8c01ec' for OSV id: 'OSV-2020-671'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'openh264', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/cisco/openh264.git', 'events': [{'introduced': '84b5847d016eb2f77318feef88d930f13b6fab61'}, {'fixed': '901b92c7f3a8295a7335f9be447e667a7eec8075'}]}], 'versions': ['v2.0.0'], 'ecosystem_specific': {'severity': 'HIGH'}} for OSV id: 'OSV-2020-736': error:KeyError('oss-fuzz')
Unsupported fixed version type: '901b92c7f3a8295a7335f9be447e667a7eec8075' for OSV id: 'OSV-2020-736'
Unsupported fixed version type: '206ed1cb2068e47df8b6e3ab03f062b339e0e5f3' for OSV id: 'OSV-2020-587'
Unsupported fixed version type: '3c6b51d4a1f5682f8144fef1553b0357d3d83aaf' for OSV id: 'OSV-2020-184'
Unsupported fixed version type: '55cb70a24a58fc73b7a2b9d1b2a49845668342cc' for OSV id: 'OSV-2017-52'
Unsupported fixed version type: '473e039b48fd72660dd00f4b52a2880cc0dd5632' for OSV id: 'OSV-2018-18'
Unsupported fixed version type: '46a8443f76cec4b41ec736eca396984c74664f84' for OSV id: 'OSV-2020-1280'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'file', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/file/file.git', 'events': [{'introduced': '17ee4cf670c363de8d2ea4a4897d7a699837873f'}, {'fixed': '19ccebafb7663c422c714e0c67fa4775abf91c43'}]}], 'versions': ['FILE5_29', 'FILE5_30'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2017-134': error:KeyError('oss-fuzz')
Unsupported fixed version type: '19ccebafb7663c422c714e0c67fa4775abf91c43' for OSV id: 'OSV-2017-134'
Unsupported fixed version type: 'a317154a5acbdcc82db79063742481ce83abafe7' for OSV id: 'OSV-2016-1'
Unsupported package type: PackageURL(type='generic', namespace=None, name='file', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-468'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'file', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/file/file.git', 'events': [{'introduced': '1562e15149268477b395ec71309d13f8be99a83b'}, {'fixed': 'dcda2612a5f38a3d9e15c0ac9a7d156d74b3a395'}]}], 'versions': ['FILE5_32', 'FILE5_33', 'FILE5_34', 'FILE5_35', 'FILE5_36'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2020-391': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'dcda2612a5f38a3d9e15c0ac9a7d156d74b3a395' for OSV id: 'OSV-2020-391'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'file', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/file/file.git', 'events': [{'introduced': 'a317154a5acbdcc82db79063742481ce83abafe7'}, {'fixed': '6fc66d12c0ca172f4681adb63c6f662ac33cbc7c'}]}], 'versions': ['FILE5_30', 'FILE5_31', 'FILE5_32', 'FILE5_33', 'FILE5_34', 'FILE5_35', 'FILE5_36', 'FILE5_37', 'FILE5_38', 'FILE5_39'], 'ecosystem_specific': {'severity': 'MEDIUM', 'fixed_range': '100ff6d0edb3441962e518690b327186dbc0e652:6fc66d12c0ca172f4681adb63c6f662ac33cbc7c'}} for OSV id: 'OSV-2017-140': error:KeyError('oss-fuzz')
Unsupported fixed version type: '6fc66d12c0ca172f4681adb63c6f662ac33cbc7c' for OSV id: 'OSV-2017-140'
Unsupported package type: PackageURL(type='generic', namespace=None, name='file', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-534'
Unsupported fixed version type: '87f27958cfbb05d262504976f66db70c24d5061f' for OSV id: 'OSV-2018-15'
Unsupported package type: PackageURL(type='generic', namespace=None, name='file', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-924'
Unsupported fixed version type: '46df39b68e51fd803d382348c0059fcb2e40b5ef' for OSV id: 'OSV-2021-1322'
Unsupported fixed version type: '393dafa41b26a7d8ed593912e0ec1f1e7bd4e406' for OSV id: 'OSV-2017-102'
Unsupported fixed version type: 'c8ef8f414952634d217b2b5e19d38b92d0341bc2' for OSV id: 'OSV-2016-3'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'file', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/file/file.git', 'events': [{'introduced': '583b3c262f0797ab4e7062e029003dde162b82ab'}, {'fixed': '8f3da601845253629efdda72f9341ed9762b3f2d'}]}], 'versions': ['FILE5_29'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2016-7': error:KeyError('oss-fuzz')
Unsupported fixed version type: '8f3da601845253629efdda72f9341ed9762b3f2d' for OSV id: 'OSV-2016-7'
Unsupported fixed version type: '29955546ee23b05359f2a4ed6986de590ed0b9f2' for OSV id: 'OSV-2020-75'
Unsupported fixed version type: 'a9c8d2a9493c4e0cd201db57801f3502e65c686c' for OSV id: 'OSV-2021-1238'
Unsupported fixed version type: '06de62c022138f63de9bcd04074491945eaa8662' for OSV id: 'OSV-2020-1193'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'file', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/file/file.git', 'events': [{'introduced': 'f0a26da7b371127e4460cc6d2da1b410c3d85ad9'}, {'fixed': 'ecca6e54f49f251bb4c16fe145d04c2b45923dc3'}]}], 'versions': ['FILE5_36'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2020-535': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'ecca6e54f49f251bb4c16fe145d04c2b45923dc3' for OSV id: 'OSV-2020-535'
Unsupported fixed version type: '4f1887eb56f4abdf448274afc5abdc8f9d078929' for OSV id: 'OSV-2020-190'
Unsupported fixed version type: '8c16c9e3c9a82f859c3ed47c34c14eea6a3d7b18' for OSV id: 'OSV-2016-2'
Unsupported fixed version type: '8a667072e65294efa6a7b7d9a3bc417e145e0aea' for OSV id: 'OSV-2016-6'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'file', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/file/file.git', 'events': [{'introduced': '17f892b32cc92f7505f02d198142c1a57204582f'}]}], 'versions': ['FILE5_30', 'FILE5_31', 'FILE5_32', 'FILE5_33', 'FILE5_34', 'FILE5_35', 'FILE5_36', 'FILE5_37', 'FILE5_38', 'FILE5_39', 'FILE5_40', 'FILE5_41', 'FILE5_42', 'FILE5_43'], 'ecosystem_specific': {'severity': 'MEDIUM'}} for OSV id: 'OSV-2017-16': error:KeyError('oss-fuzz')
Invalid VersionRange  for affected_pkg: {'package': {'name': 'file', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/file/file.git', 'events': [{'introduced': 'a317154a5acbdcc82db79063742481ce83abafe7'}, {'fixed': '6fc66d12c0ca172f4681adb63c6f662ac33cbc7c'}]}], 'versions': ['FILE5_30', 'FILE5_31', 'FILE5_32', 'FILE5_33', 'FILE5_34', 'FILE5_35', 'FILE5_36', 'FILE5_37', 'FILE5_38', 'FILE5_39'], 'ecosystem_specific': {'fixed_range': '100ff6d0edb3441962e518690b327186dbc0e652:6fc66d12c0ca172f4681adb63c6f662ac33cbc7c', 'severity': 'MEDIUM'}} for OSV id: 'OSV-2017-131': error:KeyError('oss-fuzz')
Unsupported fixed version type: '6fc66d12c0ca172f4681adb63c6f662ac33cbc7c' for OSV id: 'OSV-2017-131'
Unsupported package type: PackageURL(type='generic', namespace=None, name='file', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-952'
Unsupported package type: PackageURL(type='generic', namespace=None, name='file', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-923'
Unsupported fixed version type: '4f1887eb56f4abdf448274afc5abdc8f9d078929' for OSV id: 'OSV-2020-97'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'miniz', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/richgel999/miniz.git', 'events': [{'introduced': '1e7621d96cb9d0821c61db6f4e3ef36ddc19b0cd'}, {'fixed': 'b43f8a0c22d6bae6b5416264232f57a2aca539fe'}]}], 'versions': ['2.2.0'], 'ecosystem_specific': {'severity': 'MEDIUM'}, 'database_specific': {'fixed_range': 'd6566206ce120069708e77eff79cf117957b419a:b43f8a0c22d6bae6b5416264232f57a2aca539fe'}} for OSV id: 'OSV-2020-2151': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'b43f8a0c22d6bae6b5416264232f57a2aca539fe' for OSV id: 'OSV-2020-2151'
Unsupported fixed version type: '9457abb670a2c0a9f907d353bdf257593d0498a5' for OSV id: 'OSV-2020-2103'
Unsupported fixed version type: '488425c1b9fb8c8d0f1ef1ce7d665058880870e2' for OSV id: 'OSV-2021-882'
Unsupported package type: PackageURL(type='generic', namespace=None, name='cyclonedds', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-892'
Unsupported package type: PackageURL(type='generic', namespace=None, name='binutils', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-183'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'unbound', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/NLnetLabs/unbound', 'events': [{'introduced': '9b3f3101e3d0b027ef7a7b4370587724a57abac2'}, {'fixed': 'f37242566b3187c1d715af6d0e4e0c5b75ccafeb'}]}], 'versions': ['release-1.10.0', 'release-1.10.0rc1', 'release-1.10.0rc2', 'release-1.10.1'], 'ecosystem_specific': {'fixed_range': '4ccac696caf8826995c9db78af6074a5a1381f00:f37242566b3187c1d715af6d0e4e0c5b75ccafeb', 'severity': 'MEDIUM', 'introduced_range': 'e149bc70460268f7f559ce10ab7e3678a5baac0f:1e0c957dcd7b0b1e03ff2d8bf58fdbb147ce4978'}} for OSV id: 'OSV-2020-225': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'f37242566b3187c1d715af6d0e4e0c5b75ccafeb' for OSV id: 'OSV-2020-225'
Invalid VersionRange  for affected_pkg: {'package': {'name': 'unbound', 'ecosystem': 'OSS-Fuzz'}, 'ranges': [{'type': 'GIT', 'repo': 'https://github.com/NLnetLabs/unbound', 'events': [{'introduced': '9b3f3101e3d0b027ef7a7b4370587724a57abac2'}, {'fixed': 'f37242566b3187c1d715af6d0e4e0c5b75ccafeb'}]}], 'versions': ['release-1.10.0', 'release-1.10.0rc1', 'release-1.10.0rc2', 'release-1.10.1'], 'ecosystem_specific': {'severity': 'MEDIUM', 'introduced_range': 'e149bc70460268f7f559ce10ab7e3678a5baac0f:1e0c957dcd7b0b1e03ff2d8bf58fdbb147ce4978', 'fixed_range': '4ccac696caf8826995c9db78af6074a5a1381f00:f37242566b3187c1d715af6d0e4e0c5b75ccafeb'}} for OSV id: 'OSV-2020-255': error:KeyError('oss-fuzz')
Unsupported fixed version type: 'f37242566b3187c1d715af6d0e4e0c5b75ccafeb' for OSV id: 'OSV-2020-255'
Unsupported package type: PackageURL(type='generic', namespace=None, name='libdwarf', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-389'
Unsupported fixed version type: '11e404ca3c80893f59b1001f000c9390216c7e7a' for OSV id: 'OSV-2021-419'
Unsupported package type: PackageURL(type='generic', namespace=None, name='tmux', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-473'
Unsupported fixed version type: '5ba0baaa269b3fd681828e0e3b3ac0f1472eaf40' for OSV id: 'OSV-2020-1478'
Unsupported package type: PackageURL(type='generic', namespace=None, name='stb', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2021-1787'
Unsupported fixed version type: '9cd6cdc0e55ec3d4c002313fd5f0e6b255e8e06c' for OSV id: 'OSV-2020-1892'
Unsupported fixed version type: 'b42009b3b9d4ca35bc703f5310eedc74f584be58' for OSV id: 'OSV-2020-1892'
Unsupported fixed version type: '8c15cc9c79bf6f180d74808657046caf2ec0b445' for OSV id: 'OSV-2021-979'
Unsupported fixed version type: 'b42009b3b9d4ca35bc703f5310eedc74f584be58' for OSV id: 'OSV-2020-1521'
Unsupported fixed version type: 'b42009b3b9d4ca35bc703f5310eedc74f584be58' for OSV id: 'OSV-2020-1472'
Unsupported fixed version type: '9cd6cdc0e55ec3d4c002313fd5f0e6b255e8e06c' for OSV id: 'OSV-2020-1897'
Unsupported fixed version type: 'b42009b3b9d4ca35bc703f5310eedc74f584be58' for OSV id: 'OSV-2020-1897'
Unsupported fixed version type: 'b42009b3b9d4ca35bc703f5310eedc74f584be58' for OSV id: 'OSV-2020-1380'
Unsupported package type: PackageURL(type='generic', namespace=None, name='osquery', version=None, qualifiers={}, subpath=None) in OSV: 'OSV-2022-763'
Successfully imported data using vulnerabilities.importers.oss_fuzz.OSS_FuzzImporter

And the improve logs :

Improving data using vulnerabilities.improvers.default.DefaultImprover
Successfully improved data using vulnerabilities.improvers.default.DefaultImprover

@TG1999 TG1999 marked this pull request as ready for review January 3, 2023 16:59
@TG1999
Copy link
Copy Markdown
Contributor

TG1999 commented Jan 12, 2023

@ziadhany please add tests

@TG1999 TG1999 modified the milestones: v32.0.0, v33.0.0 Jan 13, 2023
@ziadhany ziadhany force-pushed the oss-fuzz branch 2 times, most recently from ce96986 to 1f75c02 Compare January 14, 2023 13:32
TG1999
TG1999 requested changes Aug 22, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@TG1999 TG1999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@ziadhany Thanks++, some review comments for your consideration.

Comment thread vulnerabilities/importers/oss_fuzz.py
@ziadhany
Copy link
Copy Markdown
Collaborator Author

ziadhany commented Aug 23, 2023

@TG1999
oss-fuzz logs : oss-fuzz-logs.zip

TG1999
TG1999 approved these changes Aug 31, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@TG1999 TG1999 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM! Thanks ++

@TG1999 TG1999 requested a review from pombredanne September 5, 2023 17:34
pombredanne
pombredanne reviewed Sep 7, 2023
View reviewed changes
Comment thread vulnerabilities/tests/test_data/oss_fuzz/oss-fuzz-expected1.json
@@ -0,0 +1,20 @@
{
Copy link
Copy Markdown
Member

@pombredanne pombredanne Sep 7, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please rename these expected files to use the same base name as a the test data file with an -expected.json suffix. Here do not use oss-fuzz-expected1.json. Instead use oss-fuzz-data1.yaml-expected.json .... ths way the test data file and the expected results show up side by side.

Copy link
Copy Markdown
Collaborator Author

@ziadhany ziadhany Sep 7, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done!

pombredanne
pombredanne approved these changes Sep 7, 2023
View reviewed changes
Copy link
Copy Markdown
Member

@pombredanne pombredanne left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM with a tiny nit for the test results expected file names

@TG1999
Copy link
Copy Markdown
Contributor

TG1999 commented Nov 10, 2023

@ziadhany thanks++ this looks good and we can merge it, please just resolve the merge conflicts.

@ziadhany
Rename expected files
887d43e 
Add OSSFuzzImprover to IMPROVERS_REGISTRY
Fix oss-fuzz test ( add weakness in expected test file )
Add oss-fuzz tests
Import data from oss_fuzz using osv format

Resolve merge conflicts

Signed-off-by: ziadhany <ziadhany2016@gmail.com>
@ziadhany
Copy link
Copy Markdown
Collaborator Author

ziadhany commented Nov 11, 2023

@ziadhany thanks++ this looks good and we can merge it, please just resolve the merge conflicts.

Done

@TG1999 TG1999 merged commit 8f8190e into aboutcode-org:main Nov 12, 2023
@ziadhany ziadhany deleted the oss-fuzz branch November 13, 2023 10:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pombredanne pombredanne pombredanne approved these changes

@TG1999 TG1999 TG1999 approved these changes

Assignees

No one assigned

Labels

Data collection Priority: high

Projects

None yet

Milestone

v33.0.0

Development

Successfully merging this pull request may close these issues.

3 participants

@ziadhany @TG1999 @pombredanne