data/reports: update GO-2023-1737.yaml

Add fixed version.

Updates #1737
Fixes #1810

Change-Id: I0e4f5224c2dfe2bac98a389c25ac526cfd06d36f
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/499895
Run-TryBot: Tatiana Bradley <[email protected]>
Reviewed-by: Zvonimir Pavlinovic <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>

Author: tatianab

data/cve/v5/GO-2023-1737.json

@@ -24,7 +24,7 @@
           "versions": [
             {
               "version": "1.3.1-0.20190301021747-ccb9e902956d",
-              "lessThan": "",
+              "lessThan": "1.9.1",
               "status": "affected",
               "versionType": "semver"
             }
@@ -54,6 +54,9 @@
         {
           "url": "https://github.com/gin-gonic/gin/pull/3556"
         },
+        {
+          "url": "https://github.com/gin-gonic/gin/releases/tag/v1.9.1"
+        },
         {
           "url": "https://pkg.go.dev/vuln/GO-2023-1737"
         }

data/osv/GO-2023-1737.json

@@ -20,6 +20,9 @@
           "events": [
             {
               "introduced": "1.3.1-0.20190301021747-ccb9e902956d"
+            },
+            {
+              "fixed": "1.9.1"
             }
           ]
         }
@@ -44,6 +47,10 @@
     {
       "type": "FIX",
       "url": "https://github.com/gin-gonic/gin/pull/3556"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/gin-gonic/gin/releases/tag/v1.9.1"
     }
   ],
   "credits": [

data/reports/GO-2023-1737.yaml

@@ -1,13 +1,14 @@
 id: GO-2023-1737
 modules:
-  - module: github.com/gin-gonic/gin
-    versions:
-      - introduced: 1.3.1-0.20190301021747-ccb9e902956d
-    vulnerable_at: 1.9.0
-    packages:
-      - package: github.com/gin-gonic/gin
-        symbols:
-          - Context.FileAttachment
+    - module: github.com/gin-gonic/gin
+      versions:
+        - introduced: 1.3.1-0.20190301021747-ccb9e902956d
+          fixed: 1.9.1
+      vulnerable_at: 1.9.0
+      packages:
+        - package: github.com/gin-gonic/gin
+          symbols:
+            - Context.FileAttachment
 summary: Improper handling of file names in Content-Disposition HTTP header
 description: |
     The filename parameter of the Context.FileAttachment function is
@@ -22,12 +23,13 @@ description: |
     be served with a name different than provided. Maliciously crafted
     attachment file name can modify the Content-Disposition header.
 ghsas:
-  - GHSA-2c4m-59x9-fr2g
+    - GHSA-2c4m-59x9-fr2g
 credits:
-  - motoyasu-saburi
+    - motoyasu-saburi
 references:
-  - report: https://github.com/gin-gonic/gin/issues/3555
-  - fix: https://github.com/gin-gonic/gin/pull/3556
+    - report: https://github.com/gin-gonic/gin/issues/3555
+    - fix: https://github.com/gin-gonic/gin/pull/3556
+    - web: https://github.com/gin-gonic/gin/releases/tag/v1.9.1
 cve_metadata:
     id: CVE-2023-29401
     cwe: 'CWE 20: Improper Input Validation'