diff --git a/.gitignore b/.gitignore index 75503a5f7..a32752152 100644 --- a/.gitignore +++ b/.gitignore @@ -62,6 +62,8 @@ prospector/test_report.json prospector/.idea/* prospector/*.html prospector/*.json -prospector/evaluation +prospector/evaluation/data/input/* +prospector/evaluation/data/reports/* +prospector/evaluation/config.yaml .DS_Store prospector/pipeline/reports/* diff --git a/prospector/datamodel/advisory.py b/prospector/datamodel/advisory.py index b66874c82..7c0f7fc9b 100644 --- a/prospector/datamodel/advisory.py +++ b/prospector/datamodel/advisory.py @@ -108,7 +108,7 @@ def analyze(self): # for k, v in self.references.items(): # print(k, v) - logger.debug("References: " + str(self.references)) + # logger.debug("References: " + str(self.references)) # TODO: I should extract interesting stuff from the references immediately ad maintain them just for a fast lookup logger.debug(f"Relevant references: {len(self.references)}") @@ -210,6 +210,7 @@ def get_commits_in_advisory_references(self) -> List[str]: } limit += 1 + # Filter out references that are not commit hashes, eg. commit::master return [ ref.split("::")[1] for ref in self.references diff --git a/prospector/datamodel/nlp.py b/prospector/datamodel/nlp.py index 573165494..b50b87c31 100644 --- a/prospector/datamodel/nlp.py +++ b/prospector/datamodel/nlp.py @@ -50,10 +50,14 @@ def extract_words_from_text(text: str) -> List[str]: ] -def find_similar_words(adv_words: Set[str], commit_msg: str, exclude: str) -> Set[str]: +def find_similar_words( + adv_words: Set[str], commit_msg: str, exclude: str +) -> Set[str]: """Extract nouns from commit message that appears in the advisory text""" commit_words = { - word for word in extract_words_from_text(commit_msg) if word not in exclude + word + for word in extract_words_from_text(commit_msg) + if word not in exclude } return commit_words.intersection(adv_words) # return [word for word in extract_words_from_text(commit_msg) if word in adv_words] @@ -63,7 +67,9 @@ def extract_versions(text: str) -> List[str]: """ Extract all versions mentioned in the text """ - return list(set(re.findall(r"(\d+(?:\.\d+)+)", text))) # Should be more accurate + return list( + set(re.findall(r"(\d+(?:\.\d+)+)", text)) + ) # Should be more accurate # return re.findall(r"[0-9]+\.[0-9]+[0-9a-z.]*", text) @@ -134,7 +140,8 @@ def extract_filename(text: str, relevant_extensions: List[str]) -> List[str]: # This regex covers cases with various camelcase filenames and underscore, dash names if bool( re.search( - r"(?:[a-z]|[A-Z])[a-zA-Z]+[A-Z]\w*|(?:[a-zA-Z]{2,}[_-])+[a-zA-Z]{2,}", text + r"(?:[a-z]|[A-Z])[a-zA-Z]+[A-Z]\w*|(?:[a-zA-Z]{2,}[_-])+[a-zA-Z]{2,}", + text, ) ): return [text], None @@ -195,7 +202,12 @@ def extract_cve_references(text: str) -> List[str]: Extract CVE identifiers """ return list( - set([result.group(0) for result in re.finditer(r"CVE-\d{4}-\d{4,8}", text)]) + set( + [ + result.group(0) + for result in re.finditer(r"CVE-\d{4}-\d{4,8}", text) + ] + ) ) diff --git a/prospector/docker-compose.yml b/prospector/docker-compose.yml index f1c6171e1..211bcd58b 100644 --- a/prospector/docker-compose.yml +++ b/prospector/docker-compose.yml @@ -16,12 +16,6 @@ services: GIT_CACHE: /tmp/gitcache CVE_DATA_PATH: /app/cve_data REDIS_URL: redis://redis:6379/0 - #POSTGRES_HOST: db - #POSTGRES_PORT: 5432 - #POSTGRES_USER: postgres - #POSTGRES_PASSWORD: example - #POSTGRES_DBNAME: postgres - #NVD_API_KEY: ${NVD_API_KEY} worker: build: @@ -29,7 +23,9 @@ services: dockerfile: docker/worker/Dockerfile volumes: - ./:/app - # - ./pipeline/reports:/app/pipeline/reports + - ./data_sources/reports:/app/data_sources/reports + - ./evaluation/data/reports/:/app/evaluation/data/reports + - ./../../../data/gitcache:/tmp/gitcache depends_on: - redis environment: diff --git a/prospector/docker/Dockerfile b/prospector/docker/Dockerfile index 05f47adda..38d8a1b3b 100644 --- a/prospector/docker/Dockerfile +++ b/prospector/docker/Dockerfile @@ -1,7 +1,15 @@ FROM python:3.10-slim -COPY . /app +RUN mkdir -p /app +COPY ./requirements.txt /app/ WORKDIR /app +# Create log files with permissions for host user +RUN touch evaluation.log +RUN touch prospector.log +RUN chown ${UID}:${GID} evaluation.log +RUN chown ${UID}:${GID} prospector.log + +# Install dependencies with pip RUN pip install --upgrade pip RUN apt update && apt install -y --no-install-recommends gcc g++ libffi-dev python3-dev libpq-dev git curl RUN pip install --no-cache-dir -r requirements.txt diff --git a/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 b/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 index 64e60b2ea..2bb199209 100644 --- a/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 +++ b/prospector/docker/worker/etc_supervisor_confd_rqworker.conf.j2 @@ -8,7 +8,7 @@ command=/usr/local/bin/python3 /usr/local/bin/rq worker {{env['RQ_QUEUE']}} -u r process_name=%(program_name)s%(process_num)01d ; If you want to run more than one worker instance, increase this -numprocs=2 +numprocs=10 redirect_stderr=true ; This is the directory from which RQ is ran. Be sure to point this to the diff --git a/prospector/evaluation/README.md b/prospector/evaluation/README.md new file mode 100644 index 000000000..5eb7bc7af --- /dev/null +++ b/prospector/evaluation/README.md @@ -0,0 +1,60 @@ +# Evaluate Prospector + +This folder contains the scripts used for evaluating Prospector's reports and data needed for it (created and used in Summer 2024). The folder is structured as follows: + +1. **Data** folder: contains input data, Prospector reports and results of the analysis of the Prospector reports. +2. **Scripts**: The scripts used for running Prospector on a batch of CVEs, and for analysing the created reports. + +Prospector is run in the following way in this evaluation: + +First, the five docker containers must be started with `make docker-setup` or manually with `docker` commands. Once they are running, `docker ps` should show the following: + +```bash +CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES +c73aed108475 prospector_backend "python ./service/ma…" 47 minutes ago Up 47 minutes 0.0.0.0:8000->8000/tcp, :::8000->8000/tcp prospector_backend_1 +2e9da86b09a8 prospector_worker "/usr/local/bin/star…" 47 minutes ago Up 47 minutes prospector_worker_1 +b219fd6219ed adminer "entrypoint.sh php -…" 47 minutes ago Up 47 minutes 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp prospector_adminer_1 +9aacdc04f7c5 postgres "docker-entrypoint.s…" 47 minutes ago Up 47 minutes 0.0.0.0:5432->5432/tcp, :::5432->5432/tcp db +7c540450ab76 redis:alpine "docker-entrypoint.s…" 47 minutes ago Up 47 minutes 0.0.0.0:6379->6379/tcp, :::6379->6379/tcp prospector_redis_1 +``` + +[`dispatch_jobs.py`](#running-prospector-on-multiple-cves-dispatch_jobspy) creates jobs with the `prospector()` function in them and enqueues +them in a Redis Queue, from which the `prospector_worker` container fetches jobs and executes them. To visualise what is going on, run +`docker attach prospector_worker_1` to see the usual console output. In order to change something inside the container, run `docker exec -it prospector_worker_1 bash` to open an interactive bash shell. + +You can set the number of workers in `docker/worker/etc_supervisor_confd_rqworker.conf.j2`. + +## Configuration File + +The configuration file has two parts to it: a main part and a Prospector settings part, which is a copy of a part of the original Prospector `config.yaml` file. + +The main part at the top allows you to set the path to where the input data can be found, where Prospector reports should be saved to and where analysis results should be saved to. + +The Prospector part allows you to set the settings for Prospector (independent from the Prospector settings used when running Prospector with `./run_prospector`). **Watch out**: Since the `prospector_worker` container is created in the beginning with the current state of the `config.yaml`, simply saving any changes in `config.yaml` and dispatching new jobs will still run them with the old configuration. For new configuration parameters to take effect, either destroy the containers with `make docker-clean` and rebuild them with `make docker-setup` or open an interactive shell to the container and make your changes to the code in there. + +## Script Files explained + +### Running Prospector on multiple CVEs (`dispatch_jobs.py`) + +The code for running Prospector is in `dispatch_jobs.py`. It exctracts CVE IDs from the data given in the path constructed as: `input_data_path` + the `-i` CL parameter. It then dispatches a job for each CVE ID to the queue, from where these jobs get executed. The path to the input file is split into two components (`input_data_path` in `config.yaml` and the `-i` parameter) because you might have one folder in which you have several different input data files of the same format. This keeps you from typing the full path, but still allows you to switch between the files between different runs. + +The reports are generated in the worker container, and saved to `prospector_reports_path_container`. This folder is mounted into the container, so you can see any newly generated reports in the same folder on the host. + +Do not confuse this paramter with `prospector_reports_path_host`, which sets the path to a batch of reports on the host (used for analysis). Your workflow should be as follows: + +1. Dispatch reports +2. When the report generation has finished, move the reports to any other folder (preferably outside of the `prospector/` folder to keep the build context for the container from getting too big). +3. Analyse the reports by setting the `prospector_reports_path_host` to the folder where you moved the reports to. + +### Analysing the generated reports (`analyse.py`) + +Start an analysis with + +```bash +python3 evaluation/main.py -i -a +``` + +This will start the `analyse_prospector_reports()` function in `analyse.py`, which re-creates the summary execution table from [AssureMOSS D6.3](https://assuremoss.eu/en/resources/Deliverables/D6.3): +![D6.3 Summary Execution Table](images/summary_execution_table.png) + +It also creates a detailed JSON file (listing CVEs in each category) in `data/results/summary_execution/` to inspect which CVEs are in which category. \ No newline at end of file diff --git a/prospector/evaluation/__init__.py b/prospector/evaluation/__init__.py new file mode 100644 index 000000000..e69de29bb diff --git a/prospector/evaluation/analyse.py b/prospector/evaluation/analyse.py new file mode 100644 index 000000000..4104be1a1 --- /dev/null +++ b/prospector/evaluation/analyse.py @@ -0,0 +1,791 @@ +from collections import defaultdict +from datetime import datetime +import json +import os +from typing import List +import plotly.graph_objects as go +from plotly.io import write_image + +from tqdm import tqdm + +from evaluation.utils import ( + COMPARISON_DIRECTORY, + load_dataset, + load_json_file, + save_dict_to_json, + update_summary_execution_table, + logger, + INPUT_DATA_PATH, + PROSPECTOR_REPORTS_PATH_HOST, + ANALYSIS_RESULTS_PATH, + BATCH, +) + +# The number of top commits to consider for 'high confidence' classification +NUM_TOP_COMMITS = 5 +# NUM_TOP_COMMITS = 10 + +if BATCH in ["regular", "old_code"]: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "VULN_ID_IN_LINKED_ISSUE", + "COMMIT_IS_SECURITY_RELEVANT", + ] +else: + STRONG_RULES = [ + "COMMIT_IN_REFERENCE", + "CVE_ID_IN_MESSAGE", + "CROSS_REFERENCED_JIRA_LINK", + "CROSS_REFERENCED_GH_LINK", + "CVE_ID_IN_LINKED_ISSUE", + "COMMIT_IS_SECURITY_RELEVANT", + ] + +WEAK_RULES = [ + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", +] + + +def analyse_prospector_reports(filename: str, selected_cves: str): + """Analyses Prospector reports and categorises them into high, medium, + low ... categories given a ground truth. + + Creates the summary_execution_[mvi|nvi]_table.tex table. + Creates a JSON file with a list of CVE IDs for each category of the table. These files are used for the flow analysis (`analyse_category_flows()`). + + """ + file = INPUT_DATA_PATH + filename + ".csv" + dataset = load_dataset(file) + + if selected_cves != "all" and len(selected_cves) != 0: + dataset = [c for c in dataset if c[0] in selected_cves] + + # Keep track of how many reports were attempted to be analysed + attempted_count = 0 + # Keep track of how many reports were actually analysed + analysed_reports_count = 0 + # Keep track of the CVEs where there is no report file + reports_not_found = [] + + # Data to insert into table + if BATCH in ["regular", "old_code"]: + results = { + "high": [], + "COMMIT_IN_REFERENCE": [], + "VULN_ID_IN_MESSAGE": [], + "VULN_ID_IN_LINKED_ISSUE": [], + "XREF_BUG": [], + "XREF_GH": [], + "COMMIT_IS_SECURITY_RELEVANT": [], + "medium": [], + "low": [], + "not_found": [], + "not_reported": [], + "false_positive": [], + "aborted": [], + } + else: + results = { + "high": [], + "COMMIT_IN_REFERENCE": [], + "CVE_ID_IN_MESSAGE": [], + "CVE_ID_IN_LINKED_ISSUE": [], + "CROSS_REFERENCED_JIRA_LINK": [], + "CROSS_REFERENCED_GH_LINK": [], + "COMMIT_IS_SECURITY_RELEVANT": [], + "medium": [], + "low": [], + "not_found": [], + "not_reported": [], + "false_positive": [], + "aborted": [], + } + + print(f"Analysing reports in {PROSPECTOR_REPORTS_PATH_HOST}") + logger.info(f"Attempting to analyse {len(dataset)} CVEs.") + + for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): + # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + cve_id = record[0] + true_fixing_commits = record[4].split(",") + + attempted_count += 1 + + try: + with open(f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve_id}.json") as file: + # Get all commit IDs present in the report + report_data = json.load(file) + + _analyse_report( + results=results, + cve_id=cve_id, + report_data=report_data, + true_fixing_commits=true_fixing_commits, + ) + + analysed_reports_count += 1 + + except FileNotFoundError: + reports_not_found.append(cve_id) + logger.debug(f"Couldn't find report for {cve_id}") + continue + + except Exception as e: + logger.info(f"Error occured for {cve_id}: {e}") + continue + # Append aborted reports to results object + results["aborted"] = reports_not_found + + if BATCH == "regular": + update_summary_execution_table( + results=results, + total=analysed_reports_count, + ) + + logger.info(f"Ran analysis on {PROSPECTOR_REPORTS_PATH_HOST}.") + logger.info( + f"Analysed {analysed_reports_count}, couldn't find reports for {len(reports_not_found)} out of {attempted_count} analysis attempts." + ) + + # Save detailed results in a json file (instead of cluttering logs) + path = _save_summary_execution_details(results, reports_not_found) + logger.info( + f"Saved summary execution details (lists of CVEs for each category) to {path}." + ) + + +def _analyse_report( + results: dict, cve_id: str, report_data, true_fixing_commits: list +): + """Analyzes a single Prospector report for a given CVE and updates the + results dictionary. + + Params: + results (dict): The current results dictionary to be updated. + cve_id (str): The CVE identifier for the current report. + report_data (dict): The data from the current Prospector report. + true_fixing_commits (list): A list of known true fixing commit hashes + + Returns: + dict: The updated results dictionary. + """ + true_fixing_commits_in_report = _get_true_fixing_commits_in_report( + report_data=report_data, + fixing_commits=true_fixing_commits, + ) + + if len(true_fixing_commits_in_report) == 0: + # If there are no candidates at all -> not reported + existing_candidates = report_data["commits"] + if existing_candidates: + # check if it's a false positive (it matched a strong rule) + strong_matched_rules = [ + rule["id"] + for rule in report_data["commits"][0]["matched_rules"] + if rule["id"] in STRONG_RULES + ] + if strong_matched_rules: + results["false_positive"].append(cve_id) + return + # otherwise, there are no candidates or it's not a false positive + results["not_reported"].append(cve_id) + return + + # Fixing commit is among the candidates of the report + if len(true_fixing_commits_in_report) >= 0: + for i, commit in enumerate(report_data["commits"]): + # Get candidates and twins that are fixing commits + candidate_and_twins = _get_candidate_and_twins_ids(commit) + candidates_in_fixing_commits = _list_intersection( + candidate_and_twins, true_fixing_commits + ) + + # First candidate is one of the fixing commits + if i <= NUM_TOP_COMMITS and candidates_in_fixing_commits: + matched_rules = [rule["id"] for rule in commit["matched_rules"]] + strong_matched_rules = list( + set(STRONG_RULES).intersection(set(matched_rules)) + ) + # increase count at high, but only count once here + if len(strong_matched_rules) > 0: + results["high"].append(cve_id) + + for strong_matched_rule in strong_matched_rules: + results[strong_matched_rule].append(cve_id) + return + + if i <= NUM_TOP_COMMITS and candidates_in_fixing_commits: + # if i <= 0 and candidates_in_fixing_commits: + # check for weak rules + weak_matched_rules = set(matched_rules).intersection(WEAK_RULES) + if weak_matched_rules: + results["medium"].append(cve_id) + return + + # Fixing commit among the first 10 (low confidence) + if i > 0 and i < 10 and candidates_in_fixing_commits: + results["low"].append(cve_id) + return + + # Commit not among the first 10 (not found) + if i >= 10: + results["not_found"].append(cve_id) + return + + logger.info(f"This shouldn't happen {cve_id}") + + +def _get_true_fixing_commits_in_report( + report_data, + fixing_commits: List[str], +): + """Return the list of true fixing commits mentioned in the Prospector + report. Also takes twins into consideration. + """ + ranked_candidates = [] + for commit in report_data["commits"]: + ranked_candidates.append(commit["commit_id"]) + if "twins" in commit: + ranked_candidates.extend([twin[1] for twin in commit["twins"]]) + + true_fixing_commits_in_report = [ + commit for commit in ranked_candidates if commit in fixing_commits + ] + + return true_fixing_commits_in_report + + +def _get_candidate_and_twins_ids(commit): + """Combines the candidate's and its twins (if present) IDs into one list + and returns it.""" + ids = [commit["commit_id"]] + if "twins" in commit: + ids.extend([twin[1] for twin in commit["twins"]]) + + return ids + + +def _list_intersection(list1, list2): + """Returns the common elements of two lists.""" + return list(set(list1) & set(list2)) + + +def _save_summary_execution_details( + results: dict, reports_not_found: list +) -> str: + """Saves the detailed content (including the list of CVEs for each category + of the summary execution table to a JSON file. + + Returns: + The filepath where the details were saved to. + """ + batch_name = os.path.basename( + os.path.normpath(PROSPECTOR_REPORTS_PATH_HOST) + ) + detailed_results_output_path = ( + f"{ANALYSIS_RESULTS_PATH}summary_execution_{batch_name}.json" + ) + printout = { + "timestamp": datetime.now().strftime("%d-%m-%Y, %H:%M"), + "results": results, + # "missing": reports_not_found, + } + printout["results"]["missing"] = reports_not_found + try: + with open(detailed_results_output_path, "r") as f: + existing_data = json.load(f) + except (FileNotFoundError, json.JSONDecodeError): + existing_data = {"summary_execution_details": []} + + existing_data["summary_execution_details"].append(printout) + + save_dict_to_json(existing_data, detailed_results_output_path) + return detailed_results_output_path + + +def count_existing_reports(data_filepath): + """Prints which CVEs reports are missing for given the ground truth dataset + to the console.""" + file = INPUT_DATA_PATH + data_filepath + ".csv" + dataset = load_dataset(file) + + missing_reports = [] + generated_reports = [] + + print(f"Counting reports in {PROSPECTOR_REPORTS_PATH_HOST}") + + for record in dataset: + cve_id = record[0] + + if os.path.isfile(f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve_id}.json"): + generated_reports.append(cve_id) + else: + missing_reports.append(cve_id) + + print( + f"There are {len(dataset) - len(missing_reports)} reports. Reports are missing for {len(missing_reports)} CVEs: {missing_reports}" + ) + + # print(*generated_reports, sep=",") + + +def analyse_category_flows(): + """Analyse which CVEs changed category in different executions given two + JSON files with the detailed summary execution results. + + The detailed summary execution results are created when executing + `analyse_prospector_reports`. Uses the last entry in these files. + + Saves the output to `summary_execution/flow-analysis.json`. + """ + summary_execution_file = ( + ANALYSIS_RESULTS_PATH + + "summary_execution_" + + PROSPECTOR_REPORTS_PATH_HOST.split("/")[-2] + + ".json" + ) + summary_execution_comparison_file = ( + ANALYSIS_RESULTS_PATH + + "summary_execution_" + + COMPARISON_DIRECTORY.split("/")[-2] + + ".json" + ) + + data1 = load_json_file(summary_execution_file) + data2 = load_json_file(summary_execution_comparison_file) + print( + f"Comparing {PROSPECTOR_REPORTS_PATH_HOST} with {COMPARISON_DIRECTORY}" + ) + + # Get the results from both files + results1 = data1["summary_execution_details"][0]["results"] + results2 = data2["summary_execution_details"][0]["results"] + + transitions, adjustments = _process_cve_transitions(results1, results2) + + # Create the final output structure + output_data = { + "transitions": [{k: v} for k, v in transitions.items()], + "category_adjustments": {k: v for k, v in adjustments.items()}, + } + + save_dict_to_json( + output_data, + f"{ANALYSIS_RESULTS_PATH}summary_execution_flow-analysis.json", + ) + + +def _process_cve_transitions(results1, results2): + transitions = defaultdict(list) + adjustments = defaultdict(int) + categories = [ + "high", + "medium", + "low", + "not_found", + "not_reported", + "false_positive", + # "missing", + ] + + for cat1 in categories: + for cat2 in categories: + if cat1 == cat2: + continue + + cves_moving = set(results1[cat1]) & set(results2[cat2]) + for cve in cves_moving: + if cat1 != "missing" and cat2 != "missing": + report1 = load_json_file( + f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve}.json" + ) + report2 = load_json_file( + f"{COMPARISON_DIRECTORY}/{cve}.json" + ) + # is the first commit different? + if ( + len(report1["commits"]) > 0 + and len(report2["commits"]) > 0 + ): + first_commit_same = ( + report1["commits"][0]["commit_id"] + == report2["commits"][0]["commit_id"] + ) + cve_info = { + "different first commit": not first_commit_same + } + else: + cve_info = {"different first commit": False} + + different_refs = _compare_references( + report1["advisory_record"]["references"], + report2["advisory_record"]["references"], + ) + + # cve_info = {"different references": different_refs} + cve_info["different references"] = different_refs + + # If references are the same, check commits + if not different_refs: + different_keywords = _compare_keywords( + report1["advisory_record"]["keywords"], + report2["advisory_record"]["keywords"], + ) + + cve_info["different keywords"] = different_keywords + + if not different_keywords: + commits1 = [ + commit["commit_id"] + for commit in report1["commits"] + ] + commits2 = [ + commit["commit_id"] + for commit in report2["commits"] + ] + same_commits_diff_order = _compare_commits( + commits1, commits2 + ) + cve_info["same commits, ordered differently"] = ( + same_commits_diff_order + ) + + if not same_commits_diff_order: + relevance_sum1 = _sum_relevance( + report1["commits"] + ) + relevance_sum2 = _sum_relevance( + report2["commits"] + ) + cve_info["same relevance sum"] = ( + relevance_sum1 == relevance_sum2 + ) + + transitions[f"{cat1} to {cat2}"].append({cve: cve_info}) + adjustments[cat1] -= 1 + adjustments[cat2] += 1 + + return transitions, adjustments + + +def _sum_relevance(commits): + # Calculate the sum of relevance for rules in the first 10 commits + relevance_sum = 0 + for commit in commits[:10]: + relevance_sum += sum( + rule["relevance"] for rule in commit["matched_rules"] + ) + return relevance_sum + + +def _compare_references(refs1, refs2): + return refs1 != refs2 + + +def _compare_keywords(keyws1, keyws2): + return set(keyws1) != set(keyws2) + + +def _compare_commits(commits1, commits2): + # Check if the two lists of commits contain the same elements, but possibly in different order + return sorted(commits1) == sorted(commits2) and commits1 != commits2 + + +def generate_checkmarks_table(input_dataset: str, selected_cves): + """ + Generates a table containing matched rules for each fixing commit in the generated reports. The table also contains the total overall execution time and the total LLM execution time. + + Args: + json_folder (str): The path to the folder containing the JSON reports. + output_file (str): The path to the output LaTeX file. + + Returns: + None + """ + # Define the list of all rules + all_rules = [ + "VULN_ID_IN_MESSAGE", + "XREF_BUG", + "XREF_GH", + "COMMIT_IN_REFERENCE", + "COMMIT_IS_SECURITY_RELEVANT", + "VULN_ID_IN_LINKED_ISSUE", + "CHANGES_RELEVANT_FILES", + "CHANGES_RELEVANT_CODE", + "RELEVANT_WORDS_IN_MESSAGE", + "ADV_KEYWORDS_IN_FILES", + "ADV_KEYWORDS_IN_MSG", + "SEC_KEYWORDS_IN_MESSAGE", + "SEC_KEYWORDS_IN_LINKED_GH", + "SEC_KEYWORDS_IN_LINKED_BUG", + "GITHUB_ISSUE_IN_MESSAGE", + "BUG_IN_MESSAGE", + "COMMIT_HAS_TWINS", + ] + + # Start the LaTeX table + latex_column_titles = [rule.replace("_", "\\_") for rule in all_rules] + latex_content = ( + """\\begin{longtabu} to \\textwidth { c | """ + + " | ".join(["c" for _ in all_rules]) + + """ | c | c } +\\caption{Matched rules for each fixing commit}\\\\ + \\toprule + & """ + + " & ".join([f"\\rot{{{rule}}}" for rule in latex_column_titles]) + + """ & \\rot{Total Execution Time} & \\rot{LLM Execution Time} \\\\ \\midrule + """ + ) + + # Go through every CVE-ID + fixing commit pair in the input dataset: + file = INPUT_DATA_PATH + input_dataset + ".csv" + dataset = load_dataset(file) + + if selected_cves != "all" and len(selected_cves) != 0: + dataset = [c for c in dataset if c[0] in selected_cves] + + for record in tqdm(dataset, total=len(dataset), desc="Analysing Records"): + cve_id = record[0] + fixing_commits = record[4].split(",") + + # Open the report file, and get + # - the fixing candidate's matched rules + # - the overall execution time + # - the sum of the LLM execution times + try: + with open(f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve_id}.json") as file: + report = json.load(file) + + except FileNotFoundError: + logger.debug(f"Couldn't find report for {cve_id}") + continue + + except Exception as e: + logger.info(f"Error occured for {cve_id}: {e}") + continue + + matched_rules = [] + # filter commits and calculate their total relevance + relevant_commits = [ + { + "commit_id": commit["commit_id"], + "total_relevance": _calculate_total_relevance(commit), + "matched_rules": commit["matched_rules"], + } + for commit in report["commits"] + if commit["commit_id"] in fixing_commits + ] + + if relevant_commits: + fixing_candidate = max( + relevant_commits, key=lambda x: x["total_relevance"] + ) + + matched_rules = [ + rule["id"] for rule in fixing_candidate.get("matched_rules") + ] + + else: + # Don't save? + print(f"Did not add {cve_id}.json to the table.") + continue + + overall_exectime = round( + report["processing_statistics"]["core"]["execution time"][0], 2 + ) + llm_exectime = round( + sum( + report["processing_statistics"]["LLM"]["commit_classification"][ + "execution time" + ] + ), + 2, + ) + + # Initialise a row with the CVE ID + row = [cve_id] + + rule_checks = {rule: "" for rule in all_rules} + for r in matched_rules: + rule_checks[r] = "\checkmark" # noqa: W605 + + row.extend([rule_checks[r] for r in all_rules]) + row.extend([str(overall_exectime), str(llm_exectime)]) + + # Add the row to the latex content + latex_content += " & ".join(row) + "\\\\ \\midrule \n" + + # End latex table + latex_content += "\\bottomrule\n\\end{longtabu}" + + # Write the content to the output file + with open( + ANALYSIS_RESULTS_PATH + "summary_execution_checkmarks_table.tex", "w" + ) as file: + file.writelines(latex_content) + + +def _calculate_total_relevance(commit): + return sum(rule["relevance"] for rule in commit["matched_rules"]) + + +def generate_sankey_diagram(file1: str, file2: str, file3: str): + # Load JSON data + summary_execution_file_1 = ( + ANALYSIS_RESULTS_PATH + "summary_execution_" + file1 + ".json" + ) + summary_execution_file_2 = ( + ANALYSIS_RESULTS_PATH + "summary_execution_" + file2 + ".json" + ) + summary_execution_file_3 = ( + ANALYSIS_RESULTS_PATH + "summary_execution_" + file3 + ".json" + ) + + summary1 = load_json_file(summary_execution_file_1) + summary2 = load_json_file(summary_execution_file_2) + summary3 = load_json_file(summary_execution_file_3) + + print( + f"Comparing {summary_execution_file_1}, {summary_execution_file_2}, and {summary_execution_file_3}" + ) + + # Ignore sub categories of "high" + categories_to_include = [ + "high", + "medium", + "low", + "not_found", + "not_reported", + "false_positive", + "aborted", + "missing", + ] + # Extract results from both files + results1 = summary1["summary_execution_details"][-1]["results"] + results2 = summary2["summary_execution_details"][-1]["results"] + results3 = summary3["summary_execution_details"][-1]["results"] + + # Filter results to include only specified categories + results1 = {k: v for k, v in results1.items() if k in categories_to_include} + results2 = {k: v for k, v in results2.items() if k in categories_to_include} + results3 = {k: v for k, v in results3.items() if k in categories_to_include} + + # Create a mapping of CVEs to their categories for both files + cve_categories1 = { + cve: category for category, cves in results1.items() for cve in cves + } + cve_categories2 = { + cve: category for category, cves in results2.items() for cve in cves + } + cve_categories3 = { + cve: category for category, cves in results3.items() for cve in cves + } + + # Get all unique CVEs and categories + all_cves = set(cve_categories1.keys()) + + # Create node labels + node_labels = categories_to_include * 3 + + # Create source, target, and value lists for Sankey diagram + source = [] + target = [] + value = [] + link_colours = [] + + # Count movements between categories + movements12 = defaultdict(int) + movements23 = defaultdict(int) + for cve in all_cves: + cat1 = cve_categories1.get(cve, None) + cat2 = cve_categories2.get(cve, None) + cat3 = cve_categories3.get(cve, None) + if not cat1 or not cat2 or not cat3: + print(f"No category for {cve}") + continue + movements12[(cat1, cat2)] += 1 + movements23[(cat2, cat3)] += 1 + + # Assign colors to categories + category_colors = { + "high": "steelblue", + "medium": "dodgerblue", + "low": "cornflowerblue", + "not_found": "teal", + "not_reported": "cadetblue", + "false_positive": "lightgreen", + "aborted": "palegreen", + "missing": "gray", + } + + # Create node colors + node_colors = [category_colors[cat] for cat in categories_to_include] * 3 + + # Convert movements to source, target, and value lists + category_to_index = {cat: i for i, cat in enumerate(categories_to_include)} + + # First half, movements from file1 to file2 + for (cat1, cat2), count in movements12.items(): + source.append(category_to_index[cat1]) + target.append(category_to_index[cat2] + len(categories_to_include)) + value.append(count) + if cat1 == cat2: + link_colours.append("lightgray") + else: + link_colours.append(category_colors[cat1]) + + # Second half: Movements from file2 to file3 + for (cat2, cat3), count in movements23.items(): + source.append(category_to_index[cat2] + len(categories_to_include)) + target.append(category_to_index[cat3] + 2 * len(categories_to_include)) + value.append(count) + if cat2 == cat3: + link_colours.append("lightgray") + else: + link_colours.append(category_colors[cat2]) + + # Create the Sankey diagram + fig = go.Figure( + data=[ + go.Sankey( + node=dict( + pad=15, + thickness=20, + line=dict(color="black", width=0.5), + label=node_labels, + color=node_colors, + ), + link=dict( + source=source, + target=target, + value=value, + color=link_colours, + ), + ) + ] + ) + + fig.update_layout( + title_text=f"CVE Category Changes between {file1}, {file2}, and {file3}", + font_size=14, + width=1200, + height=800, + ) + + output_file = ANALYSIS_RESULTS_PATH + f"sankey-{file1}-{file2}-{file3}.png" + # Save as PNG + write_image(fig, output_file) + print(f"Sankey diagram saved to {output_file}") diff --git a/prospector/evaluation/analyse_statistics.py b/prospector/evaluation/analyse_statistics.py new file mode 100644 index 000000000..edfc566cd --- /dev/null +++ b/prospector/evaluation/analyse_statistics.py @@ -0,0 +1,366 @@ +from datetime import datetime +import json +import pandas as pd +import matplotlib.pyplot as plt +import seaborn as sns +from typing import Tuple +from evaluation.utils import ( + ANALYSIS_RESULTS_PATH, + INPUT_DATA_PATH, + PROSPECTOR_REPORTS_PATH_HOST, + load_dataset, + load_json_file, +) + + +def analyse_statistics(filename: str): # noqa: C901 + """Analyses the Statistics field in each Prospector report of the CVEs contained in `filename`. + + Args: + filename (str): The input CSV file containing CVE information with the following columns: + # ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + This file must be present in the INPUT_DATA_PATH folder. + + Prints: + The average time taken for getting the repository URL, for applying the commit classification + one single time and for applying the commit classification for all X commits. + """ + file = INPUT_DATA_PATH + filename + ".csv" + dataset = load_dataset(file) + + missing, files_with_no_commits = [], [] + skipped = 0 + + repo_times, cc_times, total_cc_times = [], [], [] + + # For each CSV in the input dataset, check its report + for itm in dataset: + # Each itm has ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS + filepath = PROSPECTOR_REPORTS_PATH_HOST + f"{itm[0]}.json" + try: + repo_time, avg_cc_time, total_cc_time = _process_llm_statistics( + filepath + ) + + repo_times.append(repo_time) + cc_times.append(avg_cc_time) + total_cc_times.append(total_cc_time) + + except FileNotFoundError: + # print(f"Skipped {itm[0]}.json because file could not be found.") # Sanity Check + missing.append(itm[0]) + skipped += 1 + + except ValueError: + print(f"Skipped {itm[0]}.json.") + files_with_no_commits.append(itm[0]) + skipped += 1 + + finally: + continue + + avg_repo_time = sum(repo_times) / len(repo_times) + avg_cc_time = sum(cc_times) / len(cc_times) + avg_total_cc_time = sum(total_cc_times) / len(total_cc_times) + + execution_data = { + "timestamp": datetime.now().strftime("%H:%M:%S"), + "total_files_found": len(repo_times), + "missing_reports": len(missing), + "skipped_reports": skipped, + "timings": { + "avg_time_repo_url": avg_repo_time, + "avg_time_commit_classification_single": avg_cc_time, + "avg_time_commit_classification_all": avg_total_cc_time, + }, + } + + # Load existing data or create new structure + try: + with open(ANALYSIS_RESULTS_PATH + "llm_stats.json", "r") as f: + data = json.load(f) + except FileNotFoundError: + data = {"executions": []} + + # Add the new execution data + data["executions"].append(execution_data) + + # Save the updated data + with open(ANALYSIS_RESULTS_PATH + "llm_stats.json", "w") as f: + json.dump(data, f, indent=2) + + +def _process_llm_statistics(filepath: str) -> Tuple[float, float, float]: + """Extracts the LLM statistics saved in Prospector's JSON report. + + Params: + filepath (str): The filepath to the Prospector report in JSON format. + + Returns: + Tuple[float, float, float]: (time for getting repository URL, avg. + time for one commit classification, sum of all commit classification times) + """ + with open(filepath, "r") as file: + data = json.load(file) + + try: + llm_stats = data["processing_statistics"]["LLM"] + + total_cc_time = sum( + llm_stats["commit_classification"]["execution time"] + ) + + avg_cc_time = total_cc_time / len( + llm_stats["commit_classification"]["execution time"] + ) + + # time_for_repo_url = llm_stats["repository_url"]["execution time"][0] + + return ( + # llm_stats["repository_url"]["execution time"][0], + 0, + avg_cc_time, + total_cc_time, + ) + + except Exception as e: + print(f"Did not have expected JSON fields: {filepath}: {e}") + raise ValueError + + +def _get_cc_num_commits(filepath): + """Returns how many commits the commit classification rule was applied to.""" + with open(filepath, "r") as file: + data = json.load(file) + + num = len( + data["processing_statistics"]["LLM"]["commit_classification"][ + "execution time" + ] + ) + + return num + + +def overall_execution_time(input_file: str): + """Create a violin plot with separate box plots to compare the overall execution time across three + categories of reports.""" + data = [] + file = f"{INPUT_DATA_PATH}{input_file}.csv" + dataset = load_dataset(file) + dataset = dataset[:100] # Consider using the full dataset if possible + directories = { + "No Database": "../../../data/no_db_prospector_reports/mvi_with_llm", + "New Database": "../../../data/new_db_prospector_reports/mvi_with_llm", + "Prepared Database": "../../../data/prospector_reports/mvi_with_llm", + } + for batch, path in directories.items(): + for record in dataset: + try: + with open(f"{path}/{record[0]}.json", "r") as file: + report = json.load(file) + core_execution_time = report["processing_statistics"][ + "core" + ]["execution time"][0] + data.append( + { + "set": batch, + "core_execution_time": core_execution_time, + } + ) + except FileNotFoundError: + continue + + df = pd.DataFrame(data) + + # Create a figure with two subplots + fig, (ax1, ax2, ax3) = plt.subplots( + 3, 1, figsize=(12, 15), height_ratios=[2, 1, 1] + ) + fig.suptitle("Overall Execution Time Comparison", fontsize=16) + + # Violin plot with swarm plot + sns.violinplot( + x="set", + y="core_execution_time", + data=df, + ax=ax1, + cut=0, + scale="width", + width=0.8, + ) + sns.swarmplot( + x="set", y="core_execution_time", data=df, color=".25", size=3, ax=ax1 + ) + ax1.set_yscale("log") + ax1.set_ylabel("Execution Time (s) - Log Scale") + + # Box plot + sns.boxplot(x="set", y="core_execution_time", data=df, ax=ax2, width=0.6) + ax2.set_yscale("log") + ax2.set_ylabel("Execution Time (s) - Log Scale") + + # Plot focusing on lower range (up to 95th percentile) + percentile_95 = df["core_execution_time"].quantile(0.95) + df_lower = df[df["core_execution_time"] <= percentile_95] + sns.boxplot( + x="set", y="core_execution_time", data=df_lower, ax=ax3, width=0.6 + ) + ax3.set_ylabel("Execution Time (s) - 95th Percentile") + + for ax in [ax1, ax2, ax3]: + ax.set_xlabel("Report Set") + + plt.tight_layout() + plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/execution_time_analysis.png") + plt.close() + + # Print summary statistics + print(df.groupby("set")["core_execution_time"].describe()) + + # Additional analysis: print median and interquartile range + for batch in df["set"].unique(): + batch_data = df[df["set"] == batch]["core_execution_time"] + median = batch_data.median() + q1, q3 = batch_data.quantile([0.25, 0.75]) + iqr = q3 - q1 + print(f"\n{batch}:") + print(f"Median: {median:.2f}") + print(f"Interquartile Range: {iqr:.2f}") + + +def commit_classification_time(input_file: str): + """Create a boxplot to compare the time used for commit classification + across both categories of reports with LLM usage.""" + data = [] + + file = f"{INPUT_DATA_PATH}{input_file}.csv" + dataset = load_dataset(file) + dataset = dataset[:100] + + directories = { + "NVI": "evaluation/data/reports_with_llm", + "MVI": "evaluation/data/reports_with_llm_mvi", + } + + for batch, path in directories.items(): + for record in dataset: + try: + report = load_json_file(f"{path}/{record[0]}.json") + if ( + "commit_classification" + not in report["processing_statistics"]["LLM"] + ): + print(f"No cc stats for {path}/{record[0]}.json") + continue + cc_times = report["processing_statistics"]["LLM"][ + "commit_classification" + ]["execution time"] + data.append( + { + "set": batch, + "core_execution_time": sum(cc_times), + } + ) + except FileNotFoundError: + continue + + df = pd.DataFrame(data) + + # Create the plot + plt.figure(figsize=(10, 6)) + + # Create boxplot with logarithmic scale + sns.boxplot(x="set", y="core_execution_time", data=df, showfliers=False) + + # Add individual points + sns.stripplot( + x="set", + y="core_execution_time", + data=df, + color=".3", + size=4, + jitter=True, + alpha=0.5, + ) + + # Set logarithmic scale for y-axis + plt.yscale("log") + + # Customize the plot + plt.title("Commit Classification Time Comparison") + plt.xlabel("Report Set") + plt.ylabel("Execution Time (s)") + + # Add grid for better readability + plt.grid(True, which="both", ls="-", alpha=0.2) + + # Tight layout to prevent cutting off labels + plt.tight_layout() + + # Save the figure + plt.savefig( + f"{ANALYSIS_RESULTS_PATH}plots/commit-classification-time.png", dpi=300 + ) + plt.close() + + +def candidates_execution_time(input_file: str): + """Creates a plot to see the relationship between number of candidates and + time needed for the execution.""" + data = { + "cve_id": [], + "execution_times": [], + "num_candidates": [], + } + + file = f"{INPUT_DATA_PATH}{input_file}.csv" + dataset = load_dataset(file) + # dataset = dataset[:100] + + directories = { + # "NVI": "evaluation/data/reports_without_llm_mvi", + "MVI": "../../../data/new_db_prospector_reports/mvi_with_llm_reports", + } + + for batch, path in directories.items(): + for record in dataset: + try: + if record[0] == "CVE-2020-8134": + continue + report = load_json_file(f"{path}/{record[0]}.json") + exec_time = report["processing_statistics"]["core"][ + "execution time" + ][0] + cands = report["processing_statistics"]["core"]["candidates"] + + except Exception as e: + print(f"Did not process {record[0]} because of {e}") + continue + + data["cve_id"].append(record[0]) + data["execution_times"].append(exec_time) + data["num_candidates"].append(cands) + + # Create the plot + plt.figure(figsize=(10, 6)) + + df = pd.DataFrame.from_dict(data) + print(df) + sns.jointplot(x="execution_times", y="num_candidates", data=df, kind="reg") + + # Save the figure + plt.savefig( + f"{ANALYSIS_RESULTS_PATH}plots/correlation-time-num-candidates.png", + dpi=300, + ) + plt.close() + + # Histogram for the number of candidates + plt.figure(figsize=(10, 6)) + plt.hist(df["num_candidates"], bins=30, edgecolor="black") + plt.title("Distribution of Number of Candidates") + plt.xlabel("Number of Candidates") + plt.ylabel("Frequency") + plt.savefig(f"{ANALYSIS_RESULTS_PATH}plots/candidates-distribution.png") + plt.close() diff --git a/prospector/evaluation/config-sample.yaml b/prospector/evaluation/config-sample.yaml new file mode 100644 index 000000000..471dea745 --- /dev/null +++ b/prospector/evaluation/config-sample.yaml @@ -0,0 +1,72 @@ +# Debug Level +debug_level: INFO + +# Input Data +input_data_path: evaluation/data/input/ # datasets to run prospector on (CSV: ID;URL;VERSIONS;FLAG;COMMITS;COMMENTS) + +# directory to where the batches of reports are to be found +reports_directory: ../../../data/prospector_reports/ +# filename of the ground truth dataset file +input: tracer + +# Prospector Batch Selection +version_interval: true +llm_support: true +batch: regular # regular, old_code, old_reports +cves: all # optionally select a subset of CVEs, eg. CVE-2020-1925 to only execute on this CVE + +# compare reports selected above to +compare_directory: ../../../data/prospector_reports/nvi_with_llm/ + +# Prospector settings (from the Prospector config.yaml) +prospector_settings: + # Maximum number of commits to process + max_candidates: 2000 + + # Whether to use a backend or not: "always", "never", "optional" + use_backend: never + + # backend: http://backend:8000 + backend: http://localhost:8000 + + database: + user: postgres + password: example + host: db # Database address; when in containerised version, use 'db', otherwise 'localhost' + port: 5432 + dbname: postgres + + redis_url: redis://localhost:6379/0 + + # LLM Usage (check README for help) + llm_service: + type: sap # sap or third_party + model_name: gpt-4 # gpt-4 or mistral-large-latest + temperature: 0.0 # optional, default is 0.0 + ai_core_sk: sk.json + + # LLM support options (check README for help) + use_llm_repository_url: True # True in order to instantiate the Singleton, but the URL will be passed in the evaluation + + enabled_rules: + # Phase 1 Rules + - VULN_ID_IN_MESSAGE + - XREF_BUG + - XREF_GH + - COMMIT_IN_REFERENCE + - VULN_ID_IN_LINKED_ISSUE + - CHANGES_RELEVANT_FILES + - CHANGES_RELEVANT_CODE + - RELEVANT_WORDS_IN_MESSAGE + - ADV_KEYWORDS_IN_FILES + - ADV_KEYWORDS_IN_MSG + - SEC_KEYWORDS_IN_MESSAGE + - SEC_KEYWORDS_IN_LINKED_GH + - SEC_KEYWORDS_IN_LINKED_BUG + - GITHUB_ISSUE_IN_MESSAGE + - BUG_IN_MESSAGE + - COMMIT_HAS_TWINS + # Phase 2 Rules (llm_service required!): + - COMMIT_IS_SECURITY_RELEVANT + + git_cache: /tmp/gitcache # When running Prospector containerised \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_checkmarks_table.tex b/prospector/evaluation/data/results/summary_execution_checkmarks_table.tex new file mode 100644 index 000000000..e6c87ad4e --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_checkmarks_table.tex @@ -0,0 +1,568 @@ +\begin{longtabu} to \textwidth { c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c | c } +\caption{Matched rules for each fixing commit}\\ + \toprule + & \rot{VULN\_ID\_IN\_MESSAGE} & \rot{XREF\_BUG} & \rot{XREF\_GH} & \rot{COMMIT\_IN\_REFERENCE} & \rot{COMMIT\_IS\_SECURITY\_RELEVANT} & \rot{VULN\_ID\_IN\_LINKED\_ISSUE} & \rot{CHANGES\_RELEVANT\_FILES} & \rot{CHANGES\_RELEVANT\_CODE} & \rot{RELEVANT\_WORDS\_IN\_MESSAGE} & \rot{ADV\_KEYWORDS\_IN\_FILES} & \rot{ADV\_KEYWORDS\_IN\_MSG} & \rot{SEC\_KEYWORDS\_IN\_MESSAGE} & \rot{SEC\_KEYWORDS\_IN\_LINKED\_GH} & \rot{SEC\_KEYWORDS\_IN\_LINKED\_BUG} & \rot{GITHUB\_ISSUE\_IN\_MESSAGE} & \rot{BUG\_IN\_MESSAGE} & \rot{COMMIT\_HAS\_TWINS} & \rot{Total Execution Time} & \rot{LLM Execution Time} \\ \midrule + CVE-2010-5312 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 7.71 & 0.15\\ \midrule +CVE-2011-1950 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 24.3 & 21.09\\ \midrule +CVE-2011-2765 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 3.9 & 0.12\\ \midrule +CVE-2011-3186 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 7.05 & 0.16\\ \midrule +CVE-2011-3923 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 26.98 & 23.07\\ \midrule +CVE-2011-4030 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 3.92 & 0.13\\ \midrule +CVE-2011-4461 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 4.05 & 0.17\\ \midrule +CVE-2012-1109 & & & & \checkmark & & & & & & & \checkmark & & & & \checkmark & & & 2.05 & 0.13\\ \midrule +CVE-2012-1176 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 15.12 & 0.08\\ \midrule +CVE-2012-2417 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 9.48 & 0.58\\ \midrule +CVE-2012-3366 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 4.92 & 0.49\\ \midrule +CVE-2012-3408 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & & 2.82 & 0.16\\ \midrule +CVE-2012-3458 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 3.45 & 0.17\\ \midrule +CVE-2012-3536 & & & & & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 20.36 & 17.69\\ \midrule +CVE-2012-5812 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.76 & 0.17\\ \midrule +CVE-2012-6550 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.19 & 0.18\\ \midrule +CVE-2013-0256 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 4.2 & 0.3\\ \midrule +CVE-2013-0294 & & & & \checkmark & \checkmark & & \checkmark & & & & & & & & & & & 8.21 & 0.02\\ \midrule +CVE-2013-1607 & & & & & \checkmark & & & & & & & & & & & & & 2.29 & 0.16\\ \midrule +CVE-2013-1800 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 3.73 & 0.05\\ \midrule +CVE-2013-1801 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 2.42 & 0.17\\ \midrule +CVE-2013-1879 & & \checkmark & & & \checkmark & & \checkmark & & & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & 7.22 & 4.67\\ \midrule +CVE-2013-1880 & & \checkmark & & & \checkmark & & \checkmark & & & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & 24.23 & 20.83\\ \midrule +CVE-2013-2013 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 4.07 & 0.16\\ \midrule +CVE-2013-2035 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & & 3.21 & 0.08\\ \midrule +CVE-2013-2191 & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 4.48 & 0.17\\ \midrule +CVE-2013-3300 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 1.74 & 0.16\\ \midrule +CVE-2013-3567 & & & & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & 29.82 & 14.57\\ \midrule +CVE-2013-4111 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 17.94 & 5.04\\ \midrule +CVE-2013-4116 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 13.95 & 0.16\\ \midrule +CVE-2013-4316 & & & & & \checkmark & & & & & \checkmark & & & & & & & & 21.61 & 18.05\\ \midrule +CVE-2013-4413 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 1.6 & 0.15\\ \midrule +CVE-2013-4562 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 1.7 & 0.15\\ \midrule +CVE-2013-4701 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 3.71 & 0.05\\ \midrule +CVE-2013-6465 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 2.67 & 0.17\\ \midrule +CVE-2013-7378 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 1.62 & 0.16\\ \midrule +CVE-2013-7459 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 8.92 & 0.15\\ \midrule +CVE-2014-0072 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 2.48 & 0.23\\ \midrule +CVE-2014-0073 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 2.1 & 0.24\\ \midrule +CVE-2014-0120 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.14 & 0.18\\ \midrule +CVE-2014-0121 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 2.34 & 0.18\\ \midrule +CVE-2014-0160 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 57.04 & 25.44\\ \midrule +CVE-2014-0177 & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & & & & & 1.58 & 0.16\\ \midrule +CVE-2014-1202 & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.69 & 0.16\\ \midrule +CVE-2014-1403 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 1.86 & 0.05\\ \midrule +CVE-2014-1604 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 4.37 & 0.21\\ \midrule +CVE-2014-1904 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.6 & 0.16\\ \midrule +CVE-2014-2525 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 9.24 & 4.45\\ \midrule +CVE-2014-3250 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 18.81 & 16.43\\ \midrule +CVE-2014-3488 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 17.29 & 0.31\\ \midrule +CVE-2014-3576 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 17.11 & 0.34\\ \midrule +CVE-2014-3579 & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & & 2.4 & 0.03\\ \midrule +CVE-2014-3599 & & & & \checkmark & & & & & & & \checkmark & & & & \checkmark & & & 4.52 & 0.18\\ \midrule +CVE-2014-3612 & & & & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & \checkmark & \checkmark & 27.11 & 24.09\\ \midrule +CVE-2014-3741 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 1.41 & 0.03\\ \midrule +CVE-2014-3995 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & 2.23 & 0.17\\ \midrule +CVE-2014-4657 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & & & \checkmark & 12.29 & 10.18\\ \midrule +CVE-2014-5277 & & & & & & & & & & \checkmark & & & & & & & & 21.94 & 18.45\\ \midrule +CVE-2014-6394 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 25.46 & 14.68\\ \midrule +CVE-2014-7143 & & & & & & & & \checkmark & & \checkmark & & & & & & & & 24.52 & 21.97\\ \midrule +CVE-2014-7189 & & & & & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 24.35 & 20.83\\ \midrule +CVE-2014-7192 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 1.44 & 0.08\\ \midrule +CVE-2014-7193 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 1.66 & 0.18\\ \midrule +CVE-2014-7809 & & & & & \checkmark & & & & & & & & & & & & & 2.85 & 0.11\\ \midrule +CVE-2014-8115 & & & & \checkmark & & & & \checkmark & & & \checkmark & \checkmark & & & & & & 3.38 & 0.18\\ \midrule +CVE-2014-8152 & \checkmark & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 9.24 & 6.5\\ \midrule +CVE-2014-8681 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 1.77 & 0.16\\ \midrule +CVE-2014-8682 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & & 1.72 & 0.17\\ \midrule +CVE-2014-9130 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & \checkmark & & & & & & & 2.52 & 0.05\\ \midrule +CVE-2014-9489 & & & & \checkmark & \checkmark & & & \checkmark & & & & \checkmark & & & & & & 2.67 & 0.09\\ \midrule +CVE-2014-9682 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 2.41 & 0.02\\ \midrule +CVE-2014-9721 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 7.68 & 0.03\\ \midrule +CVE-2014-9970 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 31.47 & 26.7\\ \midrule +CVE-2015-0250 & & & & & & & & \checkmark & & & & & & & & & & 24.93 & 18.37\\ \midrule +CVE-2015-0276 & \checkmark & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 28.58 & 26.71\\ \midrule +CVE-2015-0838 & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 2.98 & 0.02\\ \midrule +CVE-2015-0846 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.99 & 0.17\\ \midrule +CVE-2015-1326 & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & 2.57 & 0.17\\ \midrule +CVE-2015-1772 & & & & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & 23.19 & 17.26\\ \midrule +CVE-2015-1782 & \checkmark & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 18.35 & 12.59\\ \midrule +CVE-2015-1838 & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & & \checkmark & 12.22 & 0.17\\ \midrule +CVE-2015-3206 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & & & & 14.52 & 0.07\\ \midrule +CVE-2015-3220 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 12.76 & 0.16\\ \midrule +CVE-2015-3627 & & & & & & & & & & & \checkmark & & & & & & & 2.87 & 0.17\\ \midrule +CVE-2015-4082 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 2.17 & 0.13\\ \midrule +CVE-2015-4410 & & & & \checkmark & & & & \checkmark & & & & & & & & & & 12.23 & 9.38\\ \midrule +CVE-2015-4412 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 15.03 & 12.49\\ \midrule +CVE-2015-4619 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 17.49 & 16.07\\ \midrule +CVE-2015-5081 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 3.2 & 0.17\\ \midrule +CVE-2015-5147 & & & & \checkmark & & & & & & & & & & & & & & 14.0 & 11.59\\ \midrule +CVE-2015-6524 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & \checkmark & \checkmark & 7.44 & 2.58\\ \midrule +CVE-2015-6584 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 1.84 & 0.15\\ \midrule +CVE-2015-7294 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & & 2.7 & 0.03\\ \midrule +CVE-2015-7337 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 3.09 & 0.17\\ \midrule +CVE-2015-7541 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 1.48 & 0.05\\ \midrule +CVE-2015-7809 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 3.37 & 0.16\\ \midrule +CVE-2015-8309 & \checkmark & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.68 & 0.2\\ \midrule +CVE-2015-8310 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 2.26 & 0.27\\ \midrule +CVE-2015-8747 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 5.4 & 0.16\\ \midrule +CVE-2015-8814 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & & 41.76 & 0.17\\ \midrule +CVE-2015-8854 & & & \checkmark & & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 23.38 & 17.27\\ \midrule +CVE-2015-8862 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 26.24 & 24.36\\ \midrule +CVE-2015-9235 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.81 & 0.17\\ \midrule +CVE-2015-9241 & & & & \checkmark & & & & & & & \checkmark & & & & \checkmark & & & 2.19 & 0.17\\ \midrule +CVE-2016-0750 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & & 6.34 & 0.16\\ \midrule +CVE-2016-1505 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 2.96 & 0.16\\ \midrule +CVE-2016-2166 & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & 5.46 & 0.22\\ \midrule +CVE-2016-2537 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 17.85 & 0.03\\ \midrule +CVE-2016-3114 & \checkmark & & & & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 11.42 & 4.52\\ \midrule +CVE-2016-3693 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 5.37 & 0.03\\ \midrule +CVE-2016-3720 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & & & \checkmark & & \checkmark & & & 4.29 & 0.19\\ \midrule +CVE-2016-4000 & & & & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 36.15 & 29.29\\ \midrule +CVE-2016-4442 & & & & \checkmark & & & & & & & \checkmark & \checkmark & & & & & & 1.82 & 0.04\\ \midrule +CVE-2016-4562 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.18 & 0.19\\ \midrule +CVE-2016-4563 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.81 & 0.53\\ \midrule +CVE-2016-4564 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.48 & 0.18\\ \midrule +CVE-2016-4974 & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & 3.94 & 0.17\\ \midrule +CVE-2016-4977 & & & & & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 32.16 & 27.23\\ \midrule +CVE-2016-5007 & & & \checkmark & & & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 4.8 & 0.17\\ \midrule +CVE-2016-5104 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.91 & 0.04\\ \midrule +CVE-2016-5180 & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 26.76 & 24.35\\ \midrule +CVE-2016-5431 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & & & & 1.55 & 0.15\\ \midrule +CVE-2016-5697 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 1.6 & 0.03\\ \midrule +CVE-2016-5841 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 3.07 & 0.17\\ \midrule +CVE-2016-5842 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & & 2.83 & 0.17\\ \midrule +CVE-2016-5851 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 7.13 & 0.12\\ \midrule +CVE-2016-6298 & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & \checkmark & 3.53 & 0.18\\ \midrule +CVE-2016-7528 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 2.99 & 0.19\\ \midrule +CVE-2016-8738 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 24.34 & 21.03\\ \midrule +CVE-2016-9298 & & & & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 3.66 & 0.16\\ \midrule +CVE-2016-9909 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 4.12 & 0.23\\ \midrule +CVE-2016-9910 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 2.7 & 0.18\\ \midrule +CVE-2016-9962 & & & & & & & & & & \checkmark & \checkmark & & & & & & & 11.3 & 0.17\\ \midrule +CVE-2016-10100 & & & & & & & & & & \checkmark & \checkmark & & & & & & & 23.68 & 20.86\\ \midrule +CVE-2016-10149 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & 3.85 & 0.14\\ \midrule +CVE-2016-10173 & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & 3.03 & 0.17\\ \midrule +CVE-2016-10345 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & & 3.36 & 0.16\\ \midrule +CVE-2016-10522 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 4.81 & 2.4\\ \midrule +CVE-2016-10524 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 1.66 & 0.06\\ \midrule +CVE-2016-10528 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 8.81 & 7.1\\ \midrule +CVE-2016-10529 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 13.92 & 12.33\\ \midrule +CVE-2016-10531 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 3.64 & 0.17\\ \midrule +CVE-2016-10536 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 1.53 & 0.02\\ \midrule +CVE-2016-10540 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 1.64 & 0.03\\ \midrule +CVE-2016-10543 & & & & & & & & & & & & & & & & & & 13.57 & 11.58\\ \midrule +CVE-2016-10544 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 16.43 & 14.95\\ \midrule +CVE-2016-10554 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 1.93 & 0.31\\ \midrule +CVE-2016-10556 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & & 2.78 & 0.17\\ \midrule +CVE-2016-10558 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 24.55 & 23.07\\ \midrule +CVE-2016-10559 & & & & & \checkmark & & & & & \checkmark & & & & & & & & 10.29 & 8.81\\ \midrule +CVE-2016-10560 & & & & & \checkmark & & & & & & & & & & \checkmark & & & 25.3 & 23.8\\ \midrule +CVE-2016-10564 & & & & & & & & & & & & & & & & & & 10.45 & 9.01\\ \midrule +CVE-2016-10569 & & & & & & & & & & & & & & & & & & 15.46 & 14.07\\ \midrule +CVE-2016-10574 & & & & & & & & \checkmark & & & & & & & & & & 21.36 & 19.66\\ \midrule +CVE-2016-10575 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 26.95 & 25.28\\ \midrule +CVE-2016-10577 & & & & \checkmark & \checkmark & & & \checkmark & & & & & & & \checkmark & & & 1.51 & 0.11\\ \midrule +CVE-2016-10591 & & & & & \checkmark & & & & & & & & & & \checkmark & & & 4.14 & 2.66\\ \midrule +CVE-2016-10611 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 17.29 & 15.65\\ \midrule +CVE-2016-10694 & & & & & \checkmark & & & & & \checkmark & & & & & & & & 11.64 & 8.99\\ \midrule +CVE-2016-10703 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & & & & 1.62 & 0.18\\ \midrule +CVE-2016-10735 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 16.56 & 0.76\\ \midrule +CVE-2016-1000236 & & & & \checkmark & & & & & & & & & & & & & & 3.51 & 0.08\\ \midrule +CVE-2016-1000338 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 3.98 & 0.16\\ \midrule +CVE-2016-1000340 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 3.24 & 0.51\\ \midrule +CVE-2016-1000343 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 2.78 & 0.17\\ \midrule +CVE-2016-1000344 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 2.61 & 0.17\\ \midrule +CVE-2017-0904 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.96 & 0.12\\ \midrule +CVE-2017-2617 & & & & & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 28.86 & 26.14\\ \midrule +CVE-2017-2638 & & & & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 33.5 & 15.82\\ \midrule +CVE-2017-2652 & & & & & \checkmark & & & & & & & & & & & & & 17.97 & 12.85\\ \midrule +CVE-2017-2667 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 24.28 & 22.08\\ \midrule +CVE-2017-2809 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 2.64 & 0.02\\ \midrule +CVE-2017-3204 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 3.82 & 0.16\\ \midrule +CVE-2017-4973 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 28.63 & 26.95\\ \midrule +CVE-2017-5209 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 2.67 & 0.22\\ \midrule +CVE-2017-5545 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & \checkmark & & & & \checkmark & & & 3.03 & 0.18\\ \midrule +CVE-2017-5591 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 2.04 & 0.07\\ \midrule +CVE-2017-5641 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 13.59 & 11.09\\ \midrule +CVE-2017-5645 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 33.72 & 0.17\\ \midrule +CVE-2017-5858 & & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & \checkmark & 24.26 & 21.74\\ \midrule +CVE-2017-5934 & \checkmark & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 5.24 & 0.56\\ \midrule +CVE-2017-5936 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.62 & 0.11\\ \midrule +CVE-2017-5946 & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 4.99 & 0.31\\ \midrule +CVE-2017-7540 & & & \checkmark & \checkmark & \checkmark & & & & & & & & & & \checkmark & & & 2.43 & 0.05\\ \midrule +CVE-2017-7654 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 3.98 & 0.17\\ \midrule +CVE-2017-7656 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 4.29 & 0.16\\ \midrule +CVE-2017-8028 & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 3.81 & 0.17\\ \midrule +CVE-2017-8418 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 3.38 & 0.32\\ \midrule +CVE-2017-8932 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 23.38 & 0.19\\ \midrule +CVE-2017-9796 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & 32.87 & 23.7\\ \midrule +CVE-2017-11173 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & \checkmark & & & 3.01 & 0.07\\ \midrule +CVE-2017-11427 & \checkmark & & & & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & & & & 24.08 & 22.63\\ \midrule +CVE-2017-11467 & & & & & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 24.43 & 22.08\\ \midrule +CVE-2017-11905 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 20.24 & 16.39\\ \midrule +CVE-2017-11910 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 20.2 & 16.52\\ \midrule +CVE-2017-12098 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 2.37 & 0.16\\ \midrule +CVE-2017-12616 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 16.08 & 11.16\\ \midrule +CVE-2017-12620 & & & & & \checkmark & & & \checkmark & \checkmark & & & & & & & \checkmark & & 24.18 & 22.14\\ \midrule +CVE-2017-12622 & & & & & & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & \checkmark & & 13.11 & 2.83\\ \midrule +CVE-2017-12867 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & 2.92 & 0.17\\ \midrule +CVE-2017-12871 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 2.19 & 0.16\\ \midrule +CVE-2017-13098 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & \checkmark & 3.43 & 0.16\\ \midrule +CVE-2017-14619 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & 1.63 & 0.03\\ \midrule +CVE-2017-14735 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 2.22 & 0.02\\ \midrule +CVE-2017-15051 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & & & & & & 2.2 & 0.31\\ \midrule +CVE-2017-15052 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.09 & 0.28\\ \midrule +CVE-2017-15053 & & & & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & & 2.07 & 0.33\\ \midrule +CVE-2017-15054 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.1 & 0.36\\ \midrule +CVE-2017-15055 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 1.98 & 0.23\\ \midrule +CVE-2017-15133 & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 3.35 & 0.15\\ \midrule +CVE-2017-15278 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 2.59 & 0.17\\ \midrule +CVE-2017-15703 & & \checkmark & \checkmark & & & & & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & 22.63 & 17.75\\ \midrule +CVE-2017-15728 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & & & & 1.67 & 0.17\\ \midrule +CVE-2017-15729 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 2.82 & 0.29\\ \midrule +CVE-2017-15730 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 1.99 & 0.25\\ \midrule +CVE-2017-15731 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 1.88 & 0.31\\ \midrule +CVE-2017-15733 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 1.88 & 0.17\\ \midrule +CVE-2017-15734 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 2.19 & 0.25\\ \midrule +CVE-2017-15735 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 2.25 & 0.28\\ \midrule +CVE-2017-15808 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & 1.7 & 0.19\\ \midrule +CVE-2017-15809 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & 1.66 & 0.17\\ \midrule +CVE-2017-15879 & & & \checkmark & \checkmark & & & & & & & & & & & \checkmark & & & 3.56 & 0.17\\ \midrule +CVE-2017-15928 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.46 & 0.08\\ \midrule +CVE-2017-16003 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 1.61 & 0.17\\ \midrule +CVE-2017-16007 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 10.64 & 8.26\\ \midrule +CVE-2017-16008 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 2.79 & 0.24\\ \midrule +CVE-2017-16013 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & \checkmark & & & 2.06 & 0.03\\ \midrule +CVE-2017-16014 & & & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & & & \checkmark & 7.74 & 4.74\\ \midrule +CVE-2017-16015 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.87 & 0.13\\ \midrule +CVE-2017-16016 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 2.26 & 0.07\\ \midrule +CVE-2017-16017 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 23.42 & 20.6\\ \midrule +CVE-2017-16023 & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & \checkmark & & & 22.88 & 20.45\\ \midrule +CVE-2017-16025 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 8.72 & 6.89\\ \midrule +CVE-2017-16042 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 3.6 & 0.18\\ \midrule +CVE-2017-16136 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 1.85 & 0.15\\ \midrule +CVE-2017-16228 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 6.06 & 0.16\\ \midrule +CVE-2017-16244 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.97 & 0.46\\ \midrule +CVE-2017-16613 & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & & 3.71 & 0.05\\ \midrule +CVE-2017-16615 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & \checkmark & & & 2.01 & 0.04\\ \midrule +CVE-2017-16616 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 2.88 & 0.04\\ \midrule +CVE-2017-16618 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 2.38 & 0.04\\ \midrule +CVE-2017-16876 & \checkmark & & & \checkmark & \checkmark & & & & & & & & & & & & & 3.37 & 0.07\\ \midrule +CVE-2017-16877 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 5.23 & 0.24\\ \midrule +CVE-2017-16880 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 1.8 & 0.16\\ \midrule +CVE-2017-17042 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.08 & 0.19\\ \midrule +CVE-2017-18239 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 22.78 & 0.08\\ \midrule +CVE-2017-18367 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 5.5 & 0.05\\ \midrule +CVE-2017-1000188 & & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & & & 2.63 & 0.23\\ \midrule +CVE-2017-1000189 & & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & & & 2.18 & 0.19\\ \midrule +CVE-2017-1000228 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 1.62 & 0.17\\ \midrule +CVE-2017-1000389 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 5.95 & 4.53\\ \midrule +CVE-2017-1000451 & & & & & & & & \checkmark & & & \checkmark & \checkmark & & & & & & 6.85 & 5.45\\ \midrule +CVE-2017-1000486 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 2.96 & 0.17\\ \midrule +CVE-2017-1000487 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 3.95 & 0.02\\ \midrule +CVE-2017-1000491 & & & & \checkmark & \checkmark & & & & & \checkmark & & & & & & & \checkmark & 4.82 & 2.45\\ \midrule +CVE-2017-1001002 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 3.8 & 0.53\\ \midrule +CVE-2017-1001003 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 2.98 & 0.67\\ \midrule +CVE-2017-1001004 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & & & & 1.82 & 0.04\\ \midrule +CVE-2017-1002150 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.76 & 0.15\\ \midrule +CVE-2018-1098 & & & \checkmark & & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 3.35 & 0.21\\ \midrule +CVE-2018-1099 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 21.57 & 16.61\\ \midrule +CVE-2018-1196 & & & & & & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 6.25 & 1.05\\ \midrule +CVE-2018-1261 & & & & & \checkmark & & \checkmark & & & & \checkmark & & & & & & & 26.65 & 25.01\\ \midrule +CVE-2018-1263 & & & & & \checkmark & & \checkmark & & & & \checkmark & \checkmark & & & & & & 15.42 & 13.67\\ \midrule +CVE-2018-1309 & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & \checkmark & & 26.19 & 21.24\\ \midrule +CVE-2018-1320 & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & & 28.76 & 16.5\\ \midrule +CVE-2018-3712 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & \checkmark & & & 2.22 & 0.15\\ \midrule +CVE-2018-3714 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 1.38 & 0.05\\ \midrule +CVE-2018-3715 & & & & \checkmark & & & & & & & \checkmark & \checkmark & & & & & & 1.57 & 0.19\\ \midrule +CVE-2018-3721 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 4.04 & 0.18\\ \midrule +CVE-2018-3726 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 1.47 & 0.1\\ \midrule +CVE-2018-3731 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.9 & 0.05\\ \midrule +CVE-2018-3732 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 1.65 & 0.08\\ \midrule +CVE-2018-3733 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 1.46 & 0.1\\ \midrule +CVE-2018-3738 & & & & & & & & & \checkmark & & \checkmark & \checkmark & & & & & & 4.26 & 2.49\\ \midrule +CVE-2018-3740 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & 4.0 & 0.16\\ \midrule +CVE-2018-3741 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 2.34 & 0.09\\ \midrule +CVE-2018-3750 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 2.83 & 0.09\\ \midrule +CVE-2018-3759 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & & & & 1.37 & 0.07\\ \midrule +CVE-2018-3769 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 2.81 & 0.03\\ \midrule +CVE-2018-3774 & & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & & & 2.64 & 0.07\\ \midrule +CVE-2018-3778 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & \checkmark & & \checkmark & & & 3.85 & 0.08\\ \midrule +CVE-2018-3786 & & & \checkmark & \checkmark & \checkmark & & & & & & & \checkmark & & & \checkmark & & & 2.68 & 0.19\\ \midrule +CVE-2018-5968 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & & 5.87 & 0.17\\ \midrule +CVE-2018-6333 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & & & & 2.46 & 0.16\\ \midrule +CVE-2018-6591 & & & & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.95 & 0.45\\ \midrule +CVE-2018-7260 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 3.46 & 0.16\\ \midrule +CVE-2018-7408 & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 4.22 & 0.17\\ \midrule +CVE-2018-7560 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & & & & 1.73 & 0.02\\ \midrule +CVE-2018-7576 & & & & & & & & & & & \checkmark & & & & & & & 360.42 & 31.43\\ \midrule +CVE-2018-7651 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 2.61 & 0.3\\ \midrule +CVE-2018-7753 & & & \checkmark & \checkmark & \checkmark & & & & & & & & & & \checkmark & & & 4.46 & 0.17\\ \midrule +CVE-2018-8013 & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & \checkmark & & 22.69 & 17.85\\ \midrule +CVE-2018-8016 & & \checkmark & & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & 4.77 & 0.17\\ \midrule +CVE-2018-8128 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 7.64 & 0.18\\ \midrule +CVE-2018-8177 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 8.43 & 0.42\\ \midrule +CVE-2018-8178 & \checkmark & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 24.18 & 0.28\\ \midrule +CVE-2018-8381 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 27.66 & 25.47\\ \midrule +CVE-2018-8390 & \checkmark & & & & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 24.52 & 22.32\\ \midrule +CVE-2018-9109 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 5.12 & 0.28\\ \midrule +CVE-2018-9110 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 4.16 & 0.31\\ \midrule +CVE-2018-9206 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & 5.34 & 1.43\\ \midrule +CVE-2018-10092 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & & & & & & & & 4.95 & 0.17\\ \midrule +CVE-2018-10094 & \checkmark & & & \checkmark & \checkmark & & & & & & & & & & & & & 4.99 & 0.2\\ \midrule +CVE-2018-10095 & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & & 6.14 & 0.25\\ \midrule +CVE-2018-10188 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 2.03 & 0.16\\ \midrule +CVE-2018-10366 & & & & \checkmark & & & & & & & & & & & & & & 1.4 & 0.05\\ \midrule +CVE-2018-10903 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & \checkmark & & & 3.7 & 0.17\\ \midrule +CVE-2018-10936 & \checkmark & & & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.16 & 0.15\\ \midrule +CVE-2018-11093 & \checkmark & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 8.58 & 6.55\\ \midrule +CVE-2018-11771 & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & \checkmark & & 12.81 & 0.17\\ \midrule +CVE-2018-11798 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 4.76 & 0.19\\ \midrule +CVE-2018-12043 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 1.43 & 0.08\\ \midrule +CVE-2018-12418 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 3.16 & 0.15\\ \midrule +CVE-2018-12541 & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 9.95 & 0.16\\ \midrule +CVE-2018-12557 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 3.21 & 0.17\\ \midrule +CVE-2018-12615 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.11 & 0.16\\ \midrule +CVE-2018-12976 & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & & & & & & & & 1.51 & 0.06\\ \midrule +CVE-2018-13447 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.66 & 0.16\\ \midrule +CVE-2018-13448 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.65 & 0.27\\ \midrule +CVE-2018-13449 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.81 & 0.28\\ \midrule +CVE-2018-13450 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.87 & 0.28\\ \midrule +CVE-2018-13797 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 4.63 & 0.22\\ \midrule +CVE-2018-13818 & & & & \checkmark & & & & & & & & & & & & & & 3.21 & 0.19\\ \midrule +CVE-2018-14041 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 5.64 & 0.17\\ \midrule +CVE-2018-14718 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & & 20.78 & 0.17\\ \midrule +CVE-2018-14719 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & & 17.2 & 0.28\\ \midrule +CVE-2018-14720 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 15.12 & 0.26\\ \midrule +CVE-2018-14721 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & & 3.84 & 0.18\\ \midrule +CVE-2018-14840 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & \checkmark & & \checkmark & & & 2.12 & 0.21\\ \midrule +CVE-2018-15178 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & 2.75 & 0.05\\ \midrule +CVE-2018-15531 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & & & & 2.04 & 0.08\\ \midrule +CVE-2018-16329 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 5.37 & 2.6\\ \midrule +CVE-2018-16459 & & & & & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 7.33 & 5.9\\ \midrule +CVE-2018-16462 & & & & & \checkmark & & & & & & & & & & & & & 16.71 & 15.01\\ \midrule +CVE-2018-16470 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & \checkmark & & & 3.06 & 0.17\\ \midrule +CVE-2018-16472 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 3.54 & 0.03\\ \midrule +CVE-2018-16490 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 2.26 & 0.06\\ \midrule +CVE-2018-16492 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 3.28 & 0.07\\ \midrule +CVE-2018-17104 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 3.14 & 0.18\\ \midrule +CVE-2018-17187 & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & \checkmark & & 4.64 & 0.17\\ \midrule +CVE-2018-17193 & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & & 3.09 & 0.13\\ \midrule +CVE-2018-17194 & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & \checkmark & & 7.66 & 2.87\\ \midrule +CVE-2018-17195 & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & \checkmark & & & & \checkmark & \checkmark & & 5.47 & 0.2\\ \midrule +CVE-2018-17419 & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & & \checkmark & & & 5.78 & 0.2\\ \midrule +CVE-2018-18389 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 3.3 & 0.17\\ \midrule +CVE-2018-18476 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 2.18 & 0.05\\ \midrule +CVE-2018-19048 & & & & \checkmark & & & & \checkmark & & & & \checkmark & & & & & & 3.05 & 0.05\\ \midrule +CVE-2018-19184 & & & & \checkmark & & & \checkmark & & & & & & & & \checkmark & & & 2.8 & 0.18\\ \midrule +CVE-2018-19360 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & \checkmark & & & 11.67 & 5.23\\ \midrule +CVE-2018-19361 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & \checkmark & & & 10.33 & 4.94\\ \midrule +CVE-2018-19362 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & \checkmark & & & 9.89 & 4.86\\ \midrule +CVE-2018-19992 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & & & & 26.12 & 23.89\\ \midrule +CVE-2018-19993 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 18.17 & 14.11\\ \midrule +CVE-2018-19994 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & & & & & & & & 28.2 & 26.81\\ \midrule +CVE-2018-20028 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 25.86 & 24.18\\ \midrule +CVE-2018-20059 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 2.04 & 0.05\\ \midrule +CVE-2018-20433 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & & & & 4.28 & 0.08\\ \midrule +CVE-2018-20594 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & 1.64 & 0.16\\ \midrule +CVE-2018-20595 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 2.28 & 0.17\\ \midrule +CVE-2018-20677 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & 8.0 & 0.31\\ \midrule +CVE-2018-20801 & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 11.88 & 8.83\\ \midrule +CVE-2018-20835 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.08 & 0.08\\ \midrule +CVE-2018-20962 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & \checkmark & & & 3.81 & 0.17\\ \midrule +CVE-2018-1000013 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 1.86 & 0.16\\ \midrule +CVE-2018-1000014 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 10.66 & 9.3\\ \midrule +CVE-2018-1000089 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 2.14 & 0.3\\ \midrule +CVE-2018-1000119 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 8.93 & 4.86\\ \midrule +CVE-2018-1000129 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & 9.92 & 7.96\\ \midrule +CVE-2018-1000134 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 16.44 & 12.73\\ \midrule +CVE-2018-1000164 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & \checkmark & & & 3.53 & 0.16\\ \midrule +CVE-2018-1000518 & & & & \checkmark & \checkmark & & & & & \checkmark & & \checkmark & & & & & & 2.6 & 0.16\\ \midrule +CVE-2018-1000525 & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & \checkmark & & & 6.56 & 4.59\\ \midrule +CVE-2018-1000531 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & \checkmark & & & 2.33 & 0.09\\ \midrule +CVE-2018-1000538 & & & \checkmark & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 3.54 & 0.33\\ \midrule +CVE-2018-1000620 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & & & & & \checkmark & & & 6.79 & 2.43\\ \midrule +CVE-2018-1000632 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & \checkmark & & & 38.57 & 23.25\\ \midrule +CVE-2018-1000805 & & & \checkmark & \checkmark & \checkmark & & & & & & & & \checkmark & & \checkmark & & & 7.07 & 0.19\\ \midrule +CVE-2018-1000807 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 4.52 & 0.25\\ \midrule +CVE-2018-1000808 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & \checkmark & & & 5.0 & 0.29\\ \midrule +CVE-2018-1000814 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & & & & & \checkmark & & & 3.82 & 0.15\\ \midrule +CVE-2018-1000843 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & \checkmark & & & 10.42 & 6.43\\ \midrule +CVE-2018-1000850 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.27 & 0.06\\ \midrule +CVE-2018-1000888 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 25.98 & 21.16\\ \midrule +CVE-2018-1002201 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.94 & 0.16\\ \midrule +CVE-2018-1002207 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 2.81 & 0.02\\ \midrule +CVE-2018-1002208 & & & \checkmark & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 3.29 & 0.18\\ \midrule +CVE-2018-1999024 & & & & \checkmark & & & & & & & & & & & & & & 2.03 & 0.16\\ \midrule +CVE-2019-0219 & & & & & & & & \checkmark & & \checkmark & & & & & & & & 2.75 & 0.16\\ \midrule +CVE-2019-0911 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.92 & 0.41\\ \midrule +CVE-2019-0912 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 2.0 & 0.16\\ \midrule +CVE-2019-0917 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.81 & 0.16\\ \midrule +CVE-2019-0922 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.69 & 0.16\\ \midrule +CVE-2019-0924 & \checkmark & & & & \checkmark & & & & & \checkmark & & & & & & & & 1.62 & 0.16\\ \midrule +CVE-2019-0925 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.71 & 0.18\\ \midrule +CVE-2019-0933 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.65 & 0.16\\ \midrule +CVE-2019-1052 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 2.03 & 0.16\\ \midrule +CVE-2019-1062 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.77 & 0.2\\ \midrule +CVE-2019-1092 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 1.66 & 0.17\\ \midrule +CVE-2019-1103 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 2.06 & 0.53\\ \midrule +CVE-2019-1106 & \checkmark & & & & \checkmark & & & & & \checkmark & & & & & & & & 1.72 & 0.17\\ \midrule +CVE-2019-1107 & \checkmark & & & & \checkmark & & & & & & & & & & & & & 10.62 & 0.17\\ \midrule +CVE-2019-1139 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.98 & 0.16\\ \midrule +CVE-2019-1195 & \checkmark & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.01 & 0.17\\ \midrule +CVE-2019-1196 & \checkmark & & & & & & & & & \checkmark & \checkmark & & & & & & & 2.14 & 0.17\\ \midrule +CVE-2019-1197 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 2.06 & 0.17\\ \midrule +CVE-2019-3564 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.25 & 0.2\\ \midrule +CVE-2019-3826 & & & \checkmark & \checkmark & & \checkmark & & & & & & & \checkmark & & \checkmark & & & 10.41 & 0.65\\ \midrule +CVE-2019-5413 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.24 & 0.09\\ \midrule +CVE-2019-5484 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 2.65 & 0.1\\ \midrule +CVE-2019-5884 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 4.68 & 0.2\\ \midrule +CVE-2019-6798 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & 9.68 & 0.18\\ \midrule +CVE-2019-7164 & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & & & & & & \checkmark & & & 4.53 & 0.17\\ \midrule +CVE-2019-7548 & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 11.69 & 0.26\\ \midrule +CVE-2019-7617 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & & \checkmark & & & 1.82 & 0.16\\ \midrule +CVE-2019-7722 & & & \checkmark & & \checkmark & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & 3.87 & 0.21\\ \midrule +CVE-2019-8331 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 12.46 & 0.76\\ \midrule +CVE-2019-8457 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & & 7.52 & 0.19\\ \midrule +CVE-2019-9212 & & & & & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 2.26 & 0.1\\ \midrule +CVE-2019-9658 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 11.82 & 0.16\\ \midrule +CVE-2019-9844 & & & & & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 5.26 & 0.11\\ \midrule +CVE-2019-10077 & & & & & \checkmark & & & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & 2.82 & 0.19\\ \midrule +CVE-2019-10089 & & & & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & 15.2 & 13.13\\ \midrule +CVE-2019-10090 & & & & & & & & \checkmark & & & \checkmark & \checkmark & & & & & & 14.22 & 12.18\\ \midrule +CVE-2019-10131 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & & & \checkmark & 4.0 & 0.17\\ \midrule +CVE-2019-10157 & & & & \checkmark & & & & & & & & & & & & & & 2.99 & 0.13\\ \midrule +CVE-2019-10217 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & & & \checkmark & & & 9.84 & 0.18\\ \midrule +CVE-2019-10240 & & & & & \checkmark & & & & & & \checkmark & & & & \checkmark & & & 2.0 & 0.17\\ \midrule +CVE-2019-10241 & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 7.79 & 0.16\\ \midrule +CVE-2019-10248 & & & \checkmark & & \checkmark & & & & & & & & & & \checkmark & & & 2.52 & 0.18\\ \midrule +CVE-2019-10642 & \checkmark & & & & \checkmark & & & \checkmark & & & & & & & & & & 1.65 & 0.17\\ \midrule +CVE-2019-10643 & \checkmark & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.74 & 0.17\\ \midrule +CVE-2019-10682 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 2.72 & 0.09\\ \midrule +CVE-2019-10745 & & & & & \checkmark & & & \checkmark & & & & & & & & & & 1.59 & 0.17\\ \midrule +CVE-2019-10748 & & & & & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 1.94 & 0.17\\ \midrule +CVE-2019-10749 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & \checkmark & & & 1.75 & 0.18\\ \midrule +CVE-2019-10750 & & & & & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & & & & 1.65 & 0.18\\ \midrule +CVE-2019-10751 & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 4.21 & 0.18\\ \midrule +CVE-2019-10752 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & & & 1.78 & 0.18\\ \midrule +CVE-2019-10756 & & & & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 2.22 & 0.27\\ \midrule +CVE-2019-10757 & & & & & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 1.82 & 0.18\\ \midrule +CVE-2019-10760 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 1.46 & 0.09\\ \midrule +CVE-2019-10762 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & & & & 1.47 & 0.08\\ \midrule +CVE-2019-10764 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.92 & 0.03\\ \midrule +CVE-2019-10767 & & & & \checkmark & \checkmark & & & & & & & \checkmark & & & & & & 1.77 & 0.17\\ \midrule +CVE-2019-10776 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 1.73 & 0.16\\ \midrule +CVE-2019-10778 & & & & & \checkmark & & & \checkmark & & & \checkmark & \checkmark & & & & & & 1.64 & 0.12\\ \midrule +CVE-2019-10780 & & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 1.61 & 0.17\\ \midrule +CVE-2019-10781 & & & & \checkmark & & & & & & & & & \checkmark & & \checkmark & & & 1.47 & 0.07\\ \midrule +CVE-2019-10787 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 1.39 & 0.02\\ \midrule +CVE-2019-10792 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & 1.65 & 0.13\\ \midrule +CVE-2019-10793 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 1.52 & 0.07\\ \midrule +CVE-2019-10795 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 1.5 & 0.04\\ \midrule +CVE-2019-10797 & & & & & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & & 26.93 & 25.42\\ \midrule +CVE-2019-10799 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & & & & 1.56 & 0.04\\ \midrule +CVE-2019-10867 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.07 & 0.17\\ \midrule +CVE-2019-11272 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 3.08 & 0.17\\ \midrule +CVE-2019-11358 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & \checkmark & & \checkmark & & & 25.26 & 0.3\\ \midrule +CVE-2019-11512 & \checkmark & & & & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 1.76 & 0.19\\ \midrule +CVE-2019-11514 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 3.75 & 1.36\\ \midrule +CVE-2019-11767 & & & & & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 4.03 & 0.74\\ \midrule +CVE-2019-11768 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 11.04 & 1.83\\ \midrule +CVE-2019-11777 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & & 4.67 & 0.16\\ \midrule +CVE-2019-12277 & & & & \checkmark & \checkmark & & & & \checkmark & & & \checkmark & & & & & & 1.67 & 0.19\\ \midrule +CVE-2019-12402 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & & 15.68 & 0.17\\ \midrule +CVE-2019-12404 & & & & & \checkmark & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & & & & 8.68 & 6.73\\ \midrule +CVE-2019-12407 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 9.24 & 7.09\\ \midrule +CVE-2019-12616 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 5.83 & 0.19\\ \midrule +CVE-2019-12741 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 3.16 & 0.18\\ \midrule +CVE-2019-12814 & & & \checkmark & \checkmark & \checkmark & & \checkmark & & & \checkmark & & & & & \checkmark & & & 21.34 & 0.16\\ \midrule +CVE-2019-13127 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 1.78 & 0.03\\ \midrule +CVE-2019-13135 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 4.06 & 0.17\\ \midrule +CVE-2019-13173 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 3.35 & 0.04\\ \midrule +CVE-2019-13295 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 5.6 & 0.16\\ \midrule +CVE-2019-13574 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.54 & 0.2\\ \midrule +CVE-2019-13644 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & & \checkmark & & & 3.56 & 0.19\\ \midrule +CVE-2019-14537 & & & & & & & & & & & \checkmark & & & & & & & 23.13 & 19.0\\ \midrule +CVE-2019-14540 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 14.47 & 0.16\\ \midrule +CVE-2019-14668 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & & \checkmark & & & 3.09 & 0.18\\ \midrule +CVE-2019-14669 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & & \checkmark & & & 3.37 & 0.4\\ \midrule +CVE-2019-14671 & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & & & \checkmark & & & 3.62 & 0.45\\ \midrule +CVE-2019-14672 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & & \checkmark & & & 3.76 & 0.28\\ \midrule +CVE-2019-14751 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & & & & 6.99 & 0.16\\ \midrule +CVE-2019-14806 & & & & \checkmark & & & & & & & \checkmark & & & & & & & 4.35 & 0.16\\ \midrule +CVE-2019-14837 & & & & \checkmark & & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 6.85 & 0.16\\ \midrule +CVE-2019-14862 & & & \checkmark & \checkmark & & & & & & & \checkmark & & \checkmark & & \checkmark & & & 5.59 & 0.13\\ \midrule +CVE-2019-14863 & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & \checkmark & & & 5.47 & 0.16\\ \midrule +CVE-2019-14893 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 5.18 & 0.16\\ \midrule +CVE-2019-14980 & & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & \checkmark & 5.53 & 0.16\\ \midrule +CVE-2019-15481 & & & \checkmark & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 3.17 & 0.19\\ \midrule +CVE-2019-15532 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & 3.2 & 0.16\\ \midrule +CVE-2019-15657 & & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & 2.85 & 0.16\\ \midrule +CVE-2019-15658 & & & \checkmark & & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 1.58 & 0.17\\ \midrule +CVE-2019-16197 & & & & & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 5.57 & 0.17\\ \midrule +CVE-2019-16317 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 2.04 & 0.28\\ \midrule +CVE-2019-16318 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.22 & 0.33\\ \midrule +CVE-2019-16335 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 5.46 & 0.17\\ \midrule +CVE-2019-16676 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & & & & & & 2.01 & 0.16\\ \midrule +CVE-2019-16761 & & & & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & & & & & 2.0 & 0.17\\ \midrule +CVE-2019-16762 & & & & \checkmark & & & & \checkmark & & \checkmark & & & & & & & & 1.83 & 0.09\\ \midrule +CVE-2019-16763 & & & & \checkmark & \checkmark & & & & \checkmark & & & \checkmark & & & & & & 2.08 & 0.27\\ \midrule +CVE-2019-16766 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.26 & 0.31\\ \midrule +CVE-2019-16769 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & & & & & & & & 3.22 & 0.08\\ \midrule +CVE-2019-16771 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & & 2.54 & 0.2\\ \midrule +CVE-2019-16778 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 10.48 & 0.92\\ \midrule +CVE-2019-16779 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 3.87 & 0.1\\ \midrule +CVE-2019-16784 & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & \checkmark & & & & & & 2.42 & 0.4\\ \midrule +CVE-2019-16785 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 3.26 & 0.17\\ \midrule +CVE-2019-16786 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 4.76 & 0.42\\ \midrule +CVE-2019-16789 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 5.15 & 0.4\\ \midrule +CVE-2019-16792 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & & & & 2.62 & 0.44\\ \midrule +CVE-2019-17267 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & 6.64 & 0.17\\ \midrule +CVE-2019-17496 & & & & \checkmark & & & & & \checkmark & & & \checkmark & & & & & & 4.09 & 0.23\\ \midrule +CVE-2019-17513 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & & 2.65 & 0.16\\ \midrule +CVE-2019-17531 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 6.44 & 0.17\\ \midrule +CVE-2019-17541 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & \checkmark & 7.24 & 0.86\\ \midrule +CVE-2019-17592 & & & & \checkmark & \checkmark & & & \checkmark & & \checkmark & \checkmark & \checkmark & & & & & & 7.91 & 0.52\\ \midrule +CVE-2019-18622 & \checkmark & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & \checkmark & & & \checkmark & & & 15.17 & 0.2\\ \midrule +CVE-2019-18656 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.13 & 0.18\\ \midrule +CVE-2019-18848 & \checkmark & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 2.86 & 0.26\\ \midrule +CVE-2019-18857 & & & & \checkmark & \checkmark & & & & & & & & & & & & & 2.39 & 0.17\\ \midrule +CVE-2019-18874 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 10.0 & 0.17\\ \midrule +CVE-2019-18889 & & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 3.29 & 0.17\\ \midrule +CVE-2019-18978 & & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & & & & & 3.48 & 0.19\\ \midrule +CVE-2019-18981 & & & & \checkmark & & & & & & \checkmark & \checkmark & & & & & & & 2.02 & 0.16\\ \midrule +CVE-2019-18982 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 2.37 & 0.17\\ \midrule +CVE-2019-18985 & & & & \checkmark & \checkmark & & & & & & \checkmark & \checkmark & & & & & & 2.61 & 0.28\\ \midrule +CVE-2019-18986 & & & & \checkmark & \checkmark & & & & \checkmark & \checkmark & \checkmark & & & & & & & 2.68 & 0.29\\ \midrule +CVE-2019-19010 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 5.31 & 0.16\\ \midrule +CVE-2019-19212 & & & & & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & & & & 6.21 & 0.16\\ \midrule +CVE-2019-19275 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & & & & \checkmark & & & 3.22 & 0.32\\ \midrule +CVE-2019-19507 & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & \checkmark & & & 2.16 & 0.09\\ \midrule +CVE-2019-19576 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & & & & 3.45 & 0.17\\ \midrule +CVE-2019-19619 & & & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 5.8 & 0.74\\ \midrule +CVE-2019-19703 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 2.37 & 0.17\\ \midrule +CVE-2019-19794 & & & \checkmark & \checkmark & \checkmark & & & & & & \checkmark & & \checkmark & & \checkmark & & & 6.69 & 0.17\\ \midrule +CVE-2019-20330 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & \checkmark & & \checkmark & & & 18.46 & 0.16\\ \midrule +CVE-2019-1000005 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & \checkmark & \checkmark & & \checkmark & & & 2.45 & 0.13\\ \midrule +CVE-2019-1000021 & & & & \checkmark & \checkmark & & & & & \checkmark & \checkmark & & & & & & & 4.19 & 0.13\\ \midrule +CVE-2019-1010266 & & & & & \checkmark & & & & & & \checkmark & & & & & & & 26.56 & 23.32\\ \midrule +CVE-2019-1020012 & & & & \checkmark & \checkmark & & & \checkmark & & & & & & & & & & 2.47 & 0.18\\ \midrule +CVE-2020-1928 & & \checkmark & \checkmark & & \checkmark & & & & & & & & & & \checkmark & \checkmark & & 4.35 & 0.18\\ \midrule +CVE-2020-5219 & \checkmark & & & \checkmark & & & & \checkmark & & & & & & & & & & 2.04 & 0.11\\ \midrule +CVE-2020-5224 & & & & \checkmark & \checkmark & & \checkmark & & & \checkmark & \checkmark & & & & & & & 2.14 & 0.24\\ \midrule +CVE-2020-5227 & & & & \checkmark & \checkmark & & & & \checkmark & & \checkmark & & & & & & & 2.91 & 0.18\\ \midrule +CVE-2020-5229 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & & & 2.47 & 0.17\\ \midrule +CVE-2020-5232 & & & & \checkmark & & & & & & & & & & & & & & 1.8 & 0.1\\ \midrule +CVE-2020-5236 & & & & \checkmark & \checkmark & & & & & & \checkmark & & & & & & & 2.34 & 0.16\\ \midrule +CVE-2020-5249 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & \checkmark & & \checkmark & 4.25 & 0.23\\ \midrule +CVE-2020-5390 & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & & \checkmark & & & & & & & 3.46 & 0.16\\ \midrule +CVE-2020-5529 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 3.45 & 0.16\\ \midrule +CVE-2020-6836 & & & & \checkmark & & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & \checkmark & & & 1.7 & 0.1\\ \midrule +CVE-2020-7597 & & & & \checkmark & \checkmark & & & \checkmark & & & & & & & \checkmark & & & 1.55 & 0.16\\ \midrule +CVE-2020-7981 & & & & \checkmark & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & & & & 2.36 & 0.16\\ \midrule +CVE-2020-8125 & & & & & \checkmark & & & & & & & & & & \checkmark & & & 1.63 & 0.15\\ \midrule +CVE-2020-8131 & & & \checkmark & \checkmark & \checkmark & \checkmark & & & & & \checkmark & & & & \checkmark & & & 4.31 & 0.16\\ \midrule +CVE-2020-9281 & & & & & & & \checkmark & \checkmark & & \checkmark & & & & & & & & 23.27 & 15.7\\ \midrule +CVE-2020-9283 & \checkmark & & & \checkmark & \checkmark & & & \checkmark & & & \checkmark & & & & & & & 13.04 & 0.16\\ \midrule +CVE-2020-10236 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & \checkmark & & & & & & & 12.0 & 0.27\\ \midrule +CVE-2020-10591 & & & & \checkmark & \checkmark & & \checkmark & \checkmark & \checkmark & \checkmark & \checkmark & & & & \checkmark & & & 3.25 & 0.16\\ \midrule +CVE-2020-10672 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & 10.99 & 0.41\\ \midrule +CVE-2020-10673 & & & \checkmark & \checkmark & \checkmark & & \checkmark & \checkmark & & \checkmark & & & & & \checkmark & & & 10.25 & 0.16\\ \midrule +\bottomrule +\end{longtabu} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_flow-analysis.json b/prospector/evaluation/data/results/summary_execution_flow-analysis.json new file mode 100644 index 000000000..21e0d5f6f --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_flow-analysis.json @@ -0,0 +1,2007 @@ +{ + "transitions": [ + { + "medium to high": [ + { + "CVE-2019-11767": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10558": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2011-3923": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10797": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-9970": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2020-8125": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7674": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10780": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10575": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-2525": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10778": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-4977": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10529": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-12616": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-13209": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1263": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10240": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2017-9796": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-8331": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-5641": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2011-1950": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-9844": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2018-14637": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10750": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10694": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10735": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-2378": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2018-3731": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10611": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1000013": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10760": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2015-6524": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-9212": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-11467": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10528": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-5858": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-4111": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2015-1772": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10559": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-18889": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-2172": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10745": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2014-3576": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10591": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-2617": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-3714": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2018-1260": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2018-1000014": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-4000": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2016-8738": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-16490": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10764": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-16007": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2019-1010266": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10904": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-5812": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-4973": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10748": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-1000389": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-12407": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-8862": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-12620": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-16197": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-2667": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12404": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10560": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-4316": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-16459": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-15657": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-3536": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-19212": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-7617": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1261": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-3250": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-17197": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + } + ] + }, + { + "low to high": [ + { + "CVE-2013-1607": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-7809": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-3577": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-2652": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-16462": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + } + ] + }, + { + "not_reported to false_positive": [ + { + "CVE-2016-3959": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6652": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-4465": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10354": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-0953": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-19316": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-1986": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-1000282": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1304": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-9155": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-0762": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-4972": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-3630": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-9214": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-1054": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-1099": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10770": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6793": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-14642": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2013-4152": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-11758": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-4428": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-8629": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-19919": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-3894": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-3709": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-17554": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-7660": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2011-2732": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-3808": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8359": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10766": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2010-2076": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-2068": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-3728": { + "different first commit": true, + "different references": true + } + }, + { + "CVE-2018-13790": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7675": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-17359": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-11087": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10582": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-0293": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10557": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10158": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-1098": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-5954": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-5250": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12203": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2015-5207": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-2115": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-12748": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6519": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2019-3810": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-14280": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2013-0285": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2014-0116": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8473": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-5241": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2020-1938": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-10071": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-0097": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2013-1654": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10542": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-8745": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-1829": { + "different first commit": true, + "different references": true + } + }, + { + "CVE-2019-17223": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-3451": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-12159": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7666": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1193": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8008": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-0208": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-4952": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-0224": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-3743": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-1987": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-1000042": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-1001": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12423": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-11503": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7957": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2015-3192": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-7537": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2010-4535": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1339": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10174": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-12158": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-0086": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-10912": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-19787": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-2254": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-10579": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-9265": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2010-0156": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6817": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-5018": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2013-4761": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8541": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2013-7315": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2016-6797": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10550": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-9096": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-3081": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-3867": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-1906": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-10862": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-0035": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-2649": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8315": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-14683": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2019-11269": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2014-0228": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6794": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-7661": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-15608": { + "different first commit": false, + "different references": true + } + }, + { + "CVE-2017-12160": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-4449": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-0226": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-3799": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-11289": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1314": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-8861": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2012-5055": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-11328": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12245": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-3847": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-7662": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-0289": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-3850": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-10750": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-15758": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-11016": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2020-7596": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-5211": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-6796": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-2379": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-12631": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-12617": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2017-2592": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-14838": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-11777": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2012-0392": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8510": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-15720": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-3774": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2010-4534": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2011-3848": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10763": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-7644": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2016-5388": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2020-1937": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2015-1830": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2017-17835": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2019-12419": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2019-10754": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2010-5142": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-3758": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1000854": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2020-8134": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-8465": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + }, + { + "CVE-2018-1259": { + "different first commit": false, + "different references": false, + "different keywords": false, + "same commits, ordered differently": false, + "same relevance sum": false + } + }, + { + "CVE-2011-1772": { + "different first commit": true, + "different references": false, + "different keywords": false, + "same commits, ordered differently": true + } + } + ] + } + ], + "category_adjustments": { + "medium": -75, + "high": 80, + "low": -5, + "not_reported": -161, + "false_positive": 161 + } +} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_mvi_table.tex b/prospector/evaluation/data/results/summary_execution_mvi_table.tex new file mode 100644 index 000000000..d92e53274 --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_mvi_table.tex @@ -0,0 +1,32 @@ +\begin{table} + \centering + % \tiny + \begin{tabular}{| l c c c c |} + \rowcolor{gray!50} \textbf{Result} & \textbf{Without LLM} & \textbf{\%} & \textbf{With LLM} & \textbf{\%} \\ \hline + High confidence & 468 & 35.86 & 548 & 41.99 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Commit in reference* \\ + \end{tabular} & 413 & 88.25 & 413 & 75.36 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad CVE ID in message* \\ + \end{tabular} & 69 & 14.74 & 69 & 12.59 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad CVE ID in Issue* \\ + \end{tabular} & 12 & 2.56 & 12 & 2.19 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Cross Reference* \\ + \end{tabular} & 135 & 28.85 & 135 & 24.64 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Commit is Security Relevant* \\ + \end{tabular} & 0 & 0.0 & 488 & 37.39 \\ + Medium confidence & 93 & 7.13 & 18 & 1.38 \\ + Low confidence & 11 & 0.84 & 6 & 0.46 \\ + Not found (rank $> 10$) & 11 & 0.84 & 11 & 0.84 \\ + Not reported & 205 & 15.71 & 44 & 3.37 \\ + False Positive & 517 & 39.62 & 678 & 51.95 \\ + Aborted (due to exceeding candidate limit) & 14 & 1.07 & 14 & 1.07 \\ + \textbf{Total} & \textbf{1305} & & \textbf{1305} & \\ \hline + \end{tabular} + \caption{Prospector Evaluation Results (* percentage of high confidence category)} + \label{tab:tracer_dataset_results_mvi} +\end{table} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json b/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json new file mode 100644 index 000000000..874c41197 --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_mvi_with_llm.json @@ -0,0 +1,4966 @@ +{ + "summary_execution_details": [ + { + "timestamp": "30-08-2024, 09:08", + "results": { + "high": [ + "CVE-2010-5312", + "CVE-2011-1950", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-3923", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2378", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1607", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2172", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4111", + "CVE-2013-4116", + "CVE-2013-4316", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-2525", + "CVE-2014-3120", + "CVE-2014-3250", + "CVE-2014-3488", + "CVE-2014-3576", + "CVE-2014-3577", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-7809", + "CVE-2014-8115", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2014-9970", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1772", + "CVE-2015-1782", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6524", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-8862", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4000", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-4977", + "CVE-2016-5007", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-8738", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10575", + "CVE-2016-10577", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10703", + "CVE-2016-10735", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2617", + "CVE-2017-2652", + "CVE-2017-2667", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-4973", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5641", + "CVE-2017-5645", + "CVE-2017-5858", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-7674", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-9796", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11467", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15703", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16007", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000389", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3714", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3731", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14637", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16459", + "CVE-2018-16462", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16490", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17197", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2018-1999024", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7617", + "CVE-2019-7722", + "CVE-2019-8331", + "CVE-2019-8457", + "CVE-2019-9212", + "CVE-2019-9658", + "CVE-2019-9844", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10240", + "CVE-2019-10241", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10682", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10749", + "CVE-2019-10750", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10760", + "CVE-2019-10762", + "CVE-2019-10764", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10797", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-10904", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11767", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13209", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15657", + "CVE-2019-15658", + "CVE-2019-16197", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18889", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19212", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1010266", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8125", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IN_REFERENCE": [ + "CVE-2010-5312", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4116", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-3120", + "CVE-2014-3488", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-8115", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-5104", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10577", + "CVE-2016-10703", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5645", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-11173", + "CVE-2017-12098", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1099", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8016", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1999024", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-8457", + "CVE-2019-9658", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10241", + "CVE-2019-10682", + "CVE-2019-10749", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10762", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11514", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "VULN_ID_IN_MESSAGE": [ + "CVE-2013-0256", + "CVE-2013-2191", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-8152", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-1326", + "CVE-2015-1782", + "CVE-2015-7541", + "CVE-2015-8309", + "CVE-2016-3114", + "CVE-2016-4974", + "CVE-2016-5180", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5934", + "CVE-2017-11427", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-15133", + "CVE-2017-16613", + "CVE-2017-16876", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-12541", + "CVE-2018-12976", + "CVE-2018-16470", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20433", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-11512", + "CVE-2019-14751", + "CVE-2019-16784", + "CVE-2019-18622", + "CVE-2019-18848", + "CVE-2020-5219", + "CVE-2020-5390", + "CVE-2020-9283" + ], + "VULN_ID_IN_LINKED_ISSUE": [ + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2016-4974", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5946", + "CVE-2017-8028", + "CVE-2018-1320", + "CVE-2019-3826", + "CVE-2019-14863", + "CVE-2020-1747", + "CVE-2020-8131" + ], + "XREF_BUG": [ + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2014-3579", + "CVE-2016-2166", + "CVE-2017-15703", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-11771", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2020-1928", + "CVE-2012-1176", + "CVE-2013-4116", + "CVE-2014-3120", + "CVE-2014-6394", + "CVE-2014-9721", + "CVE-2015-4082", + "CVE-2015-7294", + "CVE-2015-8854", + "CVE-2016-3720", + "CVE-2016-5007", + "CVE-2016-6298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2017-2809", + "CVE-2017-5545", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-12098", + "CVE-2017-14735", + "CVE-2017-15133", + "CVE-2017-15703", + "CVE-2017-15879", + "CVE-2017-16013", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-18239", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1309", + "CVE-2018-3740", + "CVE-2018-3769", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-7408", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-9206", + "CVE-2018-10903", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-13797", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-17104", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17419", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-20059", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20962", + "CVE-2018-1000164", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-3826", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7722", + "CVE-2019-9658", + "CVE-2019-10217", + "CVE-2019-10248", + "CVE-2019-11358", + "CVE-2019-11777", + "CVE-2019-12814", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15658", + "CVE-2019-16335", + "CVE-2019-17267", + "CVE-2019-17531", + "CVE-2019-18874", + "CVE-2019-19507", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-8131", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IS_SECURITY_RELEVANT": [ + "CVE-2010-5312", + "CVE-2011-1950", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-3923", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1176", + "CVE-2012-2378", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1607", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2172", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4111", + "CVE-2013-4116", + "CVE-2013-4316", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-2525", + "CVE-2014-3120", + "CVE-2014-3250", + "CVE-2014-3488", + "CVE-2014-3576", + "CVE-2014-3577", + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-7809", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2014-9970", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1772", + "CVE-2015-1782", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-6524", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-8862", + "CVE-2015-9235", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4000", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-4977", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-8738", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10575", + "CVE-2016-10577", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10703", + "CVE-2016-10735", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2617", + "CVE-2017-2652", + "CVE-2017-2667", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-4973", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5641", + "CVE-2017-5645", + "CVE-2017-5858", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-7674", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-9796", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11467", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16007", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000389", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3714", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3731", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10903", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-14041", + "CVE-2018-14637", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16459", + "CVE-2018-16462", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16490", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17197", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7617", + "CVE-2019-7722", + "CVE-2019-8331", + "CVE-2019-9212", + "CVE-2019-9658", + "CVE-2019-9844", + "CVE-2019-10131", + "CVE-2019-10217", + "CVE-2019-10240", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10750", + "CVE-2019-10760", + "CVE-2019-10762", + "CVE-2019-10764", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10797", + "CVE-2019-10799", + "CVE-2019-10904", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11767", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13209", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15657", + "CVE-2019-15658", + "CVE-2019-16197", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18889", + "CVE-2019-18978", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19212", + "CVE-2019-19275", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1010266", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8125", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "medium": [ + "CVE-2013-3567", + "CVE-2013-4002", + "CVE-2014-5277", + "CVE-2014-7189", + "CVE-2016-10100", + "CVE-2016-10574", + "CVE-2017-2638", + "CVE-2017-12622", + "CVE-2017-1000451", + "CVE-2018-3738", + "CVE-2018-6591", + "CVE-2019-0207", + "CVE-2019-3772", + "CVE-2019-10089", + "CVE-2019-10090", + "CVE-2019-10756", + "CVE-2019-10757", + "CVE-2020-9281" + ], + "low": [ + "CVE-2016-4438", + "CVE-2016-10543", + "CVE-2016-10564", + "CVE-2016-10569", + "CVE-2017-7688", + "CVE-2019-10077" + ], + "not_found": [ + "CVE-2012-0881", + "CVE-2014-7143", + "CVE-2015-0250", + "CVE-2015-3627", + "CVE-2016-9962", + "CVE-2018-1196", + "CVE-2018-7576", + "CVE-2018-8031", + "CVE-2019-0219", + "CVE-2019-3792", + "CVE-2019-14537" + ], + "not_reported": [ + "CVE-2010-2245", + "CVE-2011-2730", + "CVE-2013-0248", + "CVE-2013-4204", + "CVE-2013-4286", + "CVE-2013-4322", + "CVE-2013-6235", + "CVE-2014-0050", + "CVE-2016-8739", + "CVE-2016-10532", + "CVE-2016-10562", + "CVE-2016-10566", + "CVE-2016-10567", + "CVE-2016-10568", + "CVE-2016-10570", + "CVE-2016-10571", + "CVE-2016-10572", + "CVE-2016-10573", + "CVE-2016-10576", + "CVE-2016-10586", + "CVE-2016-10587", + "CVE-2016-10588", + "CVE-2016-10626", + "CVE-2017-4971", + "CVE-2017-5638", + "CVE-2017-8046", + "CVE-2017-16029", + "CVE-2017-16083", + "CVE-2017-16084", + "CVE-2017-16107", + "CVE-2017-1000431", + "CVE-2018-3757", + "CVE-2018-6341", + "CVE-2018-6873", + "CVE-2018-8026", + "CVE-2018-14732", + "CVE-2018-16485", + "CVE-2018-17184", + "CVE-2018-20094", + "CVE-2019-5444", + "CVE-2019-5479", + "CVE-2019-10771", + "CVE-2019-10777", + "CVE-2019-12405" + ], + "false_positive": [ + "CVE-2010-0156", + "CVE-2010-0684", + "CVE-2010-2076", + "CVE-2010-4534", + "CVE-2010-4535", + "CVE-2010-5142", + "CVE-2011-1772", + "CVE-2011-2732", + "CVE-2011-2929", + "CVE-2011-2930", + "CVE-2011-2931", + "CVE-2011-2932", + "CVE-2011-3848", + "CVE-2011-3869", + "CVE-2011-3870", + "CVE-2011-3871", + "CVE-2011-3872", + "CVE-2011-4104", + "CVE-2011-4838", + "CVE-2011-5036", + "CVE-2011-5097", + "CVE-2011-5098", + "CVE-2012-0392", + "CVE-2012-0394", + "CVE-2012-1054", + "CVE-2012-1098", + "CVE-2012-1099", + "CVE-2012-1906", + "CVE-2012-1986", + "CVE-2012-1987", + "CVE-2012-2098", + "CVE-2012-2139", + "CVE-2012-2379", + "CVE-2012-2660", + "CVE-2012-2661", + "CVE-2012-3451", + "CVE-2012-3865", + "CVE-2012-3867", + "CVE-2012-4386", + "CVE-2012-4387", + "CVE-2012-4449", + "CVE-2012-4520", + "CVE-2012-5055", + "CVE-2012-5633", + "CVE-2012-6662", + "CVE-2012-6684", + "CVE-2012-6685", + "CVE-2012-6708", + "CVE-2013-0262", + "CVE-2013-0263", + "CVE-2013-0285", + "CVE-2013-1654", + "CVE-2013-1812", + "CVE-2013-2115", + "CVE-2013-2132", + "CVE-2013-2134", + "CVE-2013-2135", + "CVE-2013-2254", + "CVE-2013-2275", + "CVE-2013-4152", + "CVE-2013-4249", + "CVE-2013-4251", + "CVE-2013-4353", + "CVE-2013-4428", + "CVE-2013-4477", + "CVE-2013-4761", + "CVE-2013-5093", + "CVE-2013-5123", + "CVE-2013-6044", + "CVE-2013-6348", + "CVE-2013-6429", + "CVE-2013-6430", + "CVE-2013-7315", + "CVE-2013-7370", + "CVE-2013-7397", + "CVE-2013-7398", + "CVE-2014-0012", + "CVE-2014-0014", + "CVE-2014-0035", + "CVE-2014-0075", + "CVE-2014-0086", + "CVE-2014-0097", + "CVE-2014-0107", + "CVE-2014-0109", + "CVE-2014-0110", + "CVE-2014-0116", + "CVE-2014-0193", + "CVE-2014-0224", + "CVE-2014-0225", + "CVE-2014-0228", + "CVE-2014-1402", + "CVE-2014-1829", + "CVE-2014-1830", + "CVE-2014-1832", + "CVE-2014-1858", + "CVE-2014-1859", + "CVE-2014-1869", + "CVE-2014-1932", + "CVE-2014-1933", + "CVE-2014-2053", + "CVE-2014-2235", + "CVE-2014-2538", + "CVE-2014-3007", + "CVE-2014-3505", + "CVE-2014-3506", + "CVE-2014-3509", + "CVE-2014-3511", + "CVE-2014-3572", + "CVE-2014-3578", + "CVE-2014-3600", + "CVE-2014-3625", + "CVE-2014-3630", + "CVE-2014-3709", + "CVE-2014-3994", + "CVE-2014-4172", + "CVE-2014-4658", + "CVE-2014-4678", + "CVE-2014-7202", + "CVE-2014-7203", + "CVE-2014-7205", + "CVE-2014-8176", + "CVE-2014-8547", + "CVE-2014-8548", + "CVE-2014-8549", + "CVE-2014-8650", + "CVE-2014-8991", + "CVE-2014-9720", + "CVE-2014-10068", + "CVE-2014-10077", + "CVE-2015-0204", + "CVE-2015-0205", + "CVE-2015-0206", + "CVE-2015-0208", + "CVE-2015-0209", + "CVE-2015-0286", + "CVE-2015-0287", + "CVE-2015-0288", + "CVE-2015-0289", + "CVE-2015-0290", + "CVE-2015-0292", + "CVE-2015-0293", + "CVE-2015-1208", + "CVE-2015-1788", + "CVE-2015-1789", + "CVE-2015-1791", + "CVE-2015-1792", + "CVE-2015-1793", + "CVE-2015-1830", + "CVE-2015-2068", + "CVE-2015-2156", + "CVE-2015-2296", + "CVE-2015-2912", + "CVE-2015-2913", + "CVE-2015-3010", + "CVE-2015-3192", + "CVE-2015-3193", + "CVE-2015-3195", + "CVE-2015-3196", + "CVE-2015-3197", + "CVE-2015-3253", + "CVE-2015-3395", + "CVE-2015-3996", + "CVE-2015-4053", + "CVE-2015-4706", + "CVE-2015-5159", + "CVE-2015-5207", + "CVE-2015-5211", + "CVE-2015-5241", + "CVE-2015-5250", + "CVE-2015-5253", + "CVE-2015-5254", + "CVE-2015-5305", + "CVE-2015-5344", + "CVE-2015-5349", + "CVE-2015-5607", + "CVE-2015-6748", + "CVE-2015-6818", + "CVE-2015-6821", + "CVE-2015-6822", + "CVE-2015-6823", + "CVE-2015-6824", + "CVE-2015-6918", + "CVE-2015-7314", + "CVE-2015-7315", + "CVE-2015-7316", + "CVE-2015-7528", + "CVE-2015-7559", + "CVE-2015-8213", + "CVE-2015-8216", + "CVE-2015-8217", + "CVE-2015-8218", + "CVE-2015-8618", + "CVE-2015-8748", + "CVE-2015-8861", + "CVE-2015-8968", + "CVE-2015-9243", + "CVE-2015-9251", + "CVE-2016-0762", + "CVE-2016-1905", + "CVE-2016-2108", + "CVE-2016-2160", + "CVE-2016-2177", + "CVE-2016-2512", + "CVE-2016-2513", + "CVE-2016-2788", + "CVE-2016-3081", + "CVE-2016-3092", + "CVE-2016-3094", + "CVE-2016-3959", + "CVE-2016-4009", + "CVE-2016-4055", + "CVE-2016-4425", + "CVE-2016-4465", + "CVE-2016-4855", + "CVE-2016-4970", + "CVE-2016-4972", + "CVE-2016-5388", + "CVE-2016-6186", + "CVE-2016-6304", + "CVE-2016-6519", + "CVE-2016-6580", + "CVE-2016-6581", + "CVE-2016-6652", + "CVE-2016-6793", + "CVE-2016-6794", + "CVE-2016-6796", + "CVE-2016-6797", + "CVE-2016-6801", + "CVE-2016-6814", + "CVE-2016-6816", + "CVE-2016-6817", + "CVE-2016-6823", + "CVE-2016-7036", + "CVE-2016-7569", + "CVE-2016-8568", + "CVE-2016-8569", + "CVE-2016-8579", + "CVE-2016-8610", + "CVE-2016-8629", + "CVE-2016-8640", + "CVE-2016-8745", + "CVE-2016-8747", + "CVE-2016-8750", + "CVE-2016-8867", + "CVE-2016-9015", + "CVE-2016-9121", + "CVE-2016-9122", + "CVE-2016-9189", + "CVE-2016-9190", + "CVE-2016-9243", + "CVE-2016-9814", + "CVE-2016-9878", + "CVE-2016-9879", + "CVE-2016-10033", + "CVE-2016-10127", + "CVE-2016-10129", + "CVE-2016-10190", + "CVE-2016-10191", + "CVE-2016-10192", + "CVE-2016-10193", + "CVE-2016-10526", + "CVE-2016-10538", + "CVE-2016-10542", + "CVE-2016-10550", + "CVE-2016-10555", + "CVE-2016-10557", + "CVE-2016-10579", + "CVE-2016-10582", + "CVE-2016-10745", + "CVE-2016-10750", + "CVE-2016-1000232", + "CVE-2016-1000282", + "CVE-2017-0224", + "CVE-2017-0905", + "CVE-2017-0906", + "CVE-2017-0907", + "CVE-2017-0909", + "CVE-2017-0929", + "CVE-2017-2582", + "CVE-2017-2592", + "CVE-2017-2649", + "CVE-2017-2670", + "CVE-2017-3156", + "CVE-2017-4952", + "CVE-2017-4995", + "CVE-2017-5537", + "CVE-2017-5594", + "CVE-2017-5637", + "CVE-2017-5954", + "CVE-2017-7481", + "CVE-2017-7525", + "CVE-2017-7536", + "CVE-2017-7545", + "CVE-2017-7653", + "CVE-2017-7657", + "CVE-2017-7660", + "CVE-2017-7661", + "CVE-2017-7662", + "CVE-2017-7666", + "CVE-2017-7675", + "CVE-2017-7860", + "CVE-2017-7861", + "CVE-2017-7957", + "CVE-2017-8045", + "CVE-2017-8109", + "CVE-2017-8342", + "CVE-2017-8359", + "CVE-2017-9096", + "CVE-2017-9214", + "CVE-2017-9265", + "CVE-2017-9841", + "CVE-2017-10910", + "CVE-2017-11424", + "CVE-2017-11428", + "CVE-2017-11503", + "CVE-2017-11610", + "CVE-2017-12158", + "CVE-2017-12159", + "CVE-2017-12160", + "CVE-2017-12605", + "CVE-2017-12624", + "CVE-2017-12629", + "CVE-2017-12631", + "CVE-2017-12868", + "CVE-2017-12873", + "CVE-2017-14063", + "CVE-2017-14136", + "CVE-2017-14506", + "CVE-2017-14623", + "CVE-2017-14683", + "CVE-2017-15103", + "CVE-2017-15288", + "CVE-2017-15612", + "CVE-2017-15720", + "CVE-2017-15914", + "CVE-2017-16006", + "CVE-2017-16010", + "CVE-2017-16018", + "CVE-2017-16026", + "CVE-2017-16031", + "CVE-2017-16138", + "CVE-2017-16558", + "CVE-2017-16570", + "CVE-2017-16759", + "CVE-2017-16762", + "CVE-2017-16792", + "CVE-2017-17485", + "CVE-2017-17760", + "CVE-2017-17835", + "CVE-2017-17837", + "CVE-2017-18076", + "CVE-2017-18077", + "CVE-2017-18361", + "CVE-2017-18635", + "CVE-2017-1000001", + "CVE-2017-1000042", + "CVE-2017-1000056", + "CVE-2017-1000069", + "CVE-2017-1000070", + "CVE-2017-1000209", + "CVE-2017-1000246", + "CVE-2017-1000248", + "CVE-2017-1000427", + "CVE-2017-1000433", + "CVE-2017-1000450", + "CVE-2018-0737", + "CVE-2018-0953", + "CVE-2018-1067", + "CVE-2018-1114", + "CVE-2018-1193", + "CVE-2018-1199", + "CVE-2018-1259", + "CVE-2018-1272", + "CVE-2018-1273", + "CVE-2018-1274", + "CVE-2018-1284", + "CVE-2018-1304", + "CVE-2018-1314", + "CVE-2018-1336", + "CVE-2018-1339", + "CVE-2018-3711", + "CVE-2018-3728", + "CVE-2018-3743", + "CVE-2018-3758", + "CVE-2018-3777", + "CVE-2018-5773", + "CVE-2018-6517", + "CVE-2018-6596", + "CVE-2018-7212", + "CVE-2018-7489", + "CVE-2018-7575", + "CVE-2018-7711", + "CVE-2018-7750", + "CVE-2018-8006", + "CVE-2018-8008", + "CVE-2018-8009", + "CVE-2018-8014", + "CVE-2018-8017", + "CVE-2018-8025", + "CVE-2018-8027", + "CVE-2018-8030", + "CVE-2018-8037", + "CVE-2018-8038", + "CVE-2018-8039", + "CVE-2018-8088", + "CVE-2018-8097", + "CVE-2018-8315", + "CVE-2018-8359", + "CVE-2018-8416", + "CVE-2018-8465", + "CVE-2018-8473", + "CVE-2018-8510", + "CVE-2018-8541", + "CVE-2018-8899", + "CVE-2018-9856", + "CVE-2018-10237", + "CVE-2018-10862", + "CVE-2018-10912", + "CVE-2018-11039", + "CVE-2018-11040", + "CVE-2018-11087", + "CVE-2018-11248", + "CVE-2018-11307", + "CVE-2018-11627", + "CVE-2018-11647", + "CVE-2018-11758", + "CVE-2018-11761", + "CVE-2018-11762", + "CVE-2018-11775", + "CVE-2018-11777", + "CVE-2018-11784", + "CVE-2018-11786", + "CVE-2018-11787", + "CVE-2018-11788", + "CVE-2018-11797", + "CVE-2018-12022", + "CVE-2018-12023", + "CVE-2018-12537", + "CVE-2018-12540", + "CVE-2018-12544", + "CVE-2018-12608", + "CVE-2018-13790", + "CVE-2018-13863", + "CVE-2018-14040", + "CVE-2018-14042", + "CVE-2018-14371", + "CVE-2018-14574", + "CVE-2018-14635", + "CVE-2018-14642", + "CVE-2018-14731", + "CVE-2018-14774", + "CVE-2018-15727", + "CVE-2018-15756", + "CVE-2018-15758", + "CVE-2018-16468", + "CVE-2018-16471", + "CVE-2018-16733", + "CVE-2018-16837", + "CVE-2018-16859", + "CVE-2018-16876", + "CVE-2018-16886", + "CVE-2018-16984", + "CVE-2018-17057", + "CVE-2018-17175", + "CVE-2018-17246", + "CVE-2018-18074", + "CVE-2018-18206", + "CVE-2018-18854", + "CVE-2018-18893", + "CVE-2018-18926", + "CVE-2018-19133", + "CVE-2018-19351", + "CVE-2018-19352", + "CVE-2018-19370", + "CVE-2018-19620", + "CVE-2018-19787", + "CVE-2018-20000", + "CVE-2018-20227", + "CVE-2018-20745", + "CVE-2018-20756", + "CVE-2018-20834", + "CVE-2018-20975", + "CVE-2018-1000060", + "CVE-2018-1000088", + "CVE-2018-1000096", + "CVE-2018-1000118", + "CVE-2018-1000159", + "CVE-2018-1000539", + "CVE-2018-1000559", + "CVE-2018-1000613", + "CVE-2018-1000644", + "CVE-2018-1000665", + "CVE-2018-1000803", + "CVE-2018-1000809", + "CVE-2018-1000820", + "CVE-2018-1000822", + "CVE-2018-1000854", + "CVE-2018-1000855", + "CVE-2018-1000872", + "CVE-2018-1002101", + "CVE-2018-1002105", + "CVE-2018-1002150", + "CVE-2018-1002200", + "CVE-2018-1002203", + "CVE-2018-1002204", + "CVE-2018-1002205", + "CVE-2019-0194", + "CVE-2019-0201", + "CVE-2019-0210", + "CVE-2019-0226", + "CVE-2019-0228", + "CVE-2019-1001", + "CVE-2019-1552", + "CVE-2019-3465", + "CVE-2019-3498", + "CVE-2019-3774", + "CVE-2019-3799", + "CVE-2019-3808", + "CVE-2019-3810", + "CVE-2019-3847", + "CVE-2019-3850", + "CVE-2019-3888", + "CVE-2019-3894", + "CVE-2019-5018", + "CVE-2019-5421", + "CVE-2019-5448", + "CVE-2019-5477", + "CVE-2019-6802", + "CVE-2019-6975", + "CVE-2019-7313", + "CVE-2019-7537", + "CVE-2019-7644", + "CVE-2019-8903", + "CVE-2019-9153", + "CVE-2019-9154", + "CVE-2019-9155", + "CVE-2019-9512", + "CVE-2019-9826", + "CVE-2019-9942", + "CVE-2019-10071", + "CVE-2019-10072", + "CVE-2019-10086", + "CVE-2019-10094", + "CVE-2019-10158", + "CVE-2019-10174", + "CVE-2019-10184", + "CVE-2019-10206", + "CVE-2019-10219", + "CVE-2019-10246", + "CVE-2019-10247", + "CVE-2019-10249", + "CVE-2019-10255", + "CVE-2019-10354", + "CVE-2019-10641", + "CVE-2019-10754", + "CVE-2019-10763", + "CVE-2019-10766", + "CVE-2019-10768", + "CVE-2019-10770", + "CVE-2019-10773", + "CVE-2019-10774", + "CVE-2019-10806", + "CVE-2019-10874", + "CVE-2019-10912", + "CVE-2019-11016", + "CVE-2019-11082", + "CVE-2019-11244", + "CVE-2019-11245", + "CVE-2019-11269", + "CVE-2019-11289", + "CVE-2019-11325", + "CVE-2019-11328", + "CVE-2019-11405", + "CVE-2019-11458", + "CVE-2019-11470", + "CVE-2019-11808", + "CVE-2019-12041", + "CVE-2019-12086", + "CVE-2019-12203", + "CVE-2019-12245", + "CVE-2019-12308", + "CVE-2019-12313", + "CVE-2019-12387", + "CVE-2019-12418", + "CVE-2019-12419", + "CVE-2019-12422", + "CVE-2019-12423", + "CVE-2019-12617", + "CVE-2019-12748", + "CVE-2019-12781", + "CVE-2019-14262", + "CVE-2019-14280", + "CVE-2019-14838", + "CVE-2019-14892", + "CVE-2019-14933", + "CVE-2019-15062", + "CVE-2019-15477", + "CVE-2019-15482", + "CVE-2019-15483", + "CVE-2019-15484", + "CVE-2019-15485", + "CVE-2019-15486", + "CVE-2019-15587", + "CVE-2019-15599", + "CVE-2019-15608", + "CVE-2019-15782", + "CVE-2019-16060", + "CVE-2019-16097", + "CVE-2019-16145", + "CVE-2019-16403", + "CVE-2019-16768", + "CVE-2019-16770", + "CVE-2019-16772", + "CVE-2019-16774", + "CVE-2019-16782", + "CVE-2019-16869", + "CVE-2019-16884", + "CVE-2019-16942", + "CVE-2019-16943", + "CVE-2019-17206", + "CVE-2019-17223", + "CVE-2019-17359", + "CVE-2019-17383", + "CVE-2019-17426", + "CVE-2019-17554", + "CVE-2019-17563", + "CVE-2019-17569", + "CVE-2019-17632", + "CVE-2019-18841", + "CVE-2019-18886", + "CVE-2019-18887", + "CVE-2019-18888", + "CVE-2019-18923", + "CVE-2019-18954", + "CVE-2019-19118", + "CVE-2019-19274", + "CVE-2019-19316", + "CVE-2019-19325", + "CVE-2019-19844", + "CVE-2019-19919", + "CVE-2019-20444", + "CVE-2019-1000007", + "CVE-2019-1002101", + "CVE-2019-1010142", + "CVE-2019-1010306", + "CVE-2020-1935", + "CVE-2020-1937", + "CVE-2020-1938", + "CVE-2020-1940", + "CVE-2020-5215", + "CVE-2020-5223", + "CVE-2020-5230", + "CVE-2020-5233", + "CVE-2020-5237", + "CVE-2020-5243", + "CVE-2020-5245", + "CVE-2020-5247", + "CVE-2020-5310", + "CVE-2020-5311", + "CVE-2020-5312", + "CVE-2020-5313", + "CVE-2020-5398", + "CVE-2020-6802", + "CVE-2020-6816", + "CVE-2020-7212", + "CVE-2020-7219", + "CVE-2020-7596", + "CVE-2020-7598", + "CVE-2020-7608", + "CVE-2020-8116", + "CVE-2020-8134", + "CVE-2020-8840", + "CVE-2020-8945", + "CVE-2020-9402", + "CVE-2020-9546", + "CVE-2020-9547", + "CVE-2020-9548", + "CVE-2020-10594" + ], + "aborted": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ], + "missing": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ] + } + }, + { + "timestamp": "30-08-2024, 09:37", + "results": { + "high": [ + "CVE-2010-5312", + "CVE-2011-1950", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-3923", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2378", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1607", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2172", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4111", + "CVE-2013-4116", + "CVE-2013-4316", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-2525", + "CVE-2014-3120", + "CVE-2014-3250", + "CVE-2014-3488", + "CVE-2014-3576", + "CVE-2014-3577", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-7809", + "CVE-2014-8115", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2014-9970", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1772", + "CVE-2015-1782", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6524", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-8862", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4000", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-4977", + "CVE-2016-5007", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-8738", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10575", + "CVE-2016-10577", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10703", + "CVE-2016-10735", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2617", + "CVE-2017-2652", + "CVE-2017-2667", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-4973", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5641", + "CVE-2017-5645", + "CVE-2017-5858", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-7674", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-9796", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11467", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15703", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16007", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000389", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3714", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3731", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14637", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16459", + "CVE-2018-16462", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16490", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17197", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2018-1999024", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7617", + "CVE-2019-7722", + "CVE-2019-8331", + "CVE-2019-8457", + "CVE-2019-9212", + "CVE-2019-9658", + "CVE-2019-9844", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10240", + "CVE-2019-10241", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10682", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10749", + "CVE-2019-10750", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10760", + "CVE-2019-10762", + "CVE-2019-10764", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10797", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-10904", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11767", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13209", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15657", + "CVE-2019-15658", + "CVE-2019-16197", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18889", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19212", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1010266", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8125", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IN_REFERENCE": [ + "CVE-2010-5312", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4116", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-3120", + "CVE-2014-3488", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-8115", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-5104", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10577", + "CVE-2016-10703", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5645", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-11173", + "CVE-2017-12098", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1099", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8016", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1999024", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-8457", + "CVE-2019-9658", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10241", + "CVE-2019-10682", + "CVE-2019-10749", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10762", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11514", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "VULN_ID_IN_MESSAGE": [ + "CVE-2013-0256", + "CVE-2013-2191", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-8152", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-1326", + "CVE-2015-1782", + "CVE-2015-7541", + "CVE-2015-8309", + "CVE-2016-3114", + "CVE-2016-4974", + "CVE-2016-5180", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5934", + "CVE-2017-11427", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-15133", + "CVE-2017-16613", + "CVE-2017-16876", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-12541", + "CVE-2018-12976", + "CVE-2018-16470", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20433", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-11512", + "CVE-2019-14751", + "CVE-2019-16784", + "CVE-2019-18622", + "CVE-2019-18848", + "CVE-2020-5219", + "CVE-2020-5390", + "CVE-2020-9283" + ], + "VULN_ID_IN_LINKED_ISSUE": [ + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2016-4974", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5946", + "CVE-2017-8028", + "CVE-2018-1320", + "CVE-2019-3826", + "CVE-2019-14863", + "CVE-2020-1747", + "CVE-2020-8131" + ], + "XREF_BUG": [ + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2014-3579", + "CVE-2016-2166", + "CVE-2017-15703", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-11771", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2020-1928", + "CVE-2012-1176", + "CVE-2013-4116", + "CVE-2014-3120", + "CVE-2014-6394", + "CVE-2014-9721", + "CVE-2015-4082", + "CVE-2015-7294", + "CVE-2015-8854", + "CVE-2016-3720", + "CVE-2016-5007", + "CVE-2016-6298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2017-2809", + "CVE-2017-5545", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-12098", + "CVE-2017-14735", + "CVE-2017-15133", + "CVE-2017-15703", + "CVE-2017-15879", + "CVE-2017-16013", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-18239", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1309", + "CVE-2018-3740", + "CVE-2018-3769", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-7408", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-9206", + "CVE-2018-10903", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-13797", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-17104", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17419", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-20059", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20962", + "CVE-2018-1000164", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-3826", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7722", + "CVE-2019-9658", + "CVE-2019-10217", + "CVE-2019-10248", + "CVE-2019-11358", + "CVE-2019-11777", + "CVE-2019-12814", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15658", + "CVE-2019-16335", + "CVE-2019-17267", + "CVE-2019-17531", + "CVE-2019-18874", + "CVE-2019-19507", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-8131", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IS_SECURITY_RELEVANT": [ + "CVE-2010-5312", + "CVE-2011-1950", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-3923", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1176", + "CVE-2012-2378", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1607", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2172", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4111", + "CVE-2013-4116", + "CVE-2013-4316", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-2525", + "CVE-2014-3120", + "CVE-2014-3250", + "CVE-2014-3488", + "CVE-2014-3576", + "CVE-2014-3577", + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-7809", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2014-9970", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1772", + "CVE-2015-1782", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-6524", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-8862", + "CVE-2015-9235", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4000", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-4977", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-8738", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10575", + "CVE-2016-10577", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10703", + "CVE-2016-10735", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2617", + "CVE-2017-2652", + "CVE-2017-2667", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-4973", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5641", + "CVE-2017-5645", + "CVE-2017-5858", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-7674", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-9796", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11467", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16007", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000389", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3714", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3731", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10903", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-14041", + "CVE-2018-14637", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16459", + "CVE-2018-16462", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16490", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17197", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7617", + "CVE-2019-7722", + "CVE-2019-8331", + "CVE-2019-9212", + "CVE-2019-9658", + "CVE-2019-9844", + "CVE-2019-10131", + "CVE-2019-10217", + "CVE-2019-10240", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10750", + "CVE-2019-10760", + "CVE-2019-10762", + "CVE-2019-10764", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10797", + "CVE-2019-10799", + "CVE-2019-10904", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11767", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13209", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15657", + "CVE-2019-15658", + "CVE-2019-16197", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18889", + "CVE-2019-18978", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19212", + "CVE-2019-19275", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1010266", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8125", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "medium": [ + "CVE-2013-3567", + "CVE-2013-4002", + "CVE-2014-5277", + "CVE-2014-7189", + "CVE-2016-10100", + "CVE-2016-10574", + "CVE-2017-2638", + "CVE-2017-12622", + "CVE-2017-1000451", + "CVE-2018-3738", + "CVE-2018-6591", + "CVE-2019-0207", + "CVE-2019-3772", + "CVE-2019-10089", + "CVE-2019-10090", + "CVE-2019-10756", + "CVE-2019-10757", + "CVE-2020-9281" + ], + "low": [ + "CVE-2016-4438", + "CVE-2016-10543", + "CVE-2016-10564", + "CVE-2016-10569", + "CVE-2017-7688", + "CVE-2019-10077" + ], + "not_found": [ + "CVE-2012-0881", + "CVE-2014-7143", + "CVE-2015-0250", + "CVE-2015-3627", + "CVE-2016-9962", + "CVE-2018-1196", + "CVE-2018-7576", + "CVE-2018-8031", + "CVE-2019-0219", + "CVE-2019-3792", + "CVE-2019-14537" + ], + "not_reported": [ + "CVE-2010-2245", + "CVE-2011-2730", + "CVE-2013-0248", + "CVE-2013-4204", + "CVE-2013-4286", + "CVE-2013-4322", + "CVE-2013-6235", + "CVE-2014-0050", + "CVE-2016-8739", + "CVE-2016-10532", + "CVE-2016-10562", + "CVE-2016-10566", + "CVE-2016-10567", + "CVE-2016-10568", + "CVE-2016-10570", + "CVE-2016-10571", + "CVE-2016-10572", + "CVE-2016-10573", + "CVE-2016-10576", + "CVE-2016-10586", + "CVE-2016-10587", + "CVE-2016-10588", + "CVE-2016-10626", + "CVE-2017-4971", + "CVE-2017-5638", + "CVE-2017-8046", + "CVE-2017-16029", + "CVE-2017-16083", + "CVE-2017-16084", + "CVE-2017-16107", + "CVE-2017-1000431", + "CVE-2018-3757", + "CVE-2018-6341", + "CVE-2018-6873", + "CVE-2018-8026", + "CVE-2018-14732", + "CVE-2018-16485", + "CVE-2018-17184", + "CVE-2018-20094", + "CVE-2019-5444", + "CVE-2019-5479", + "CVE-2019-10771", + "CVE-2019-10777", + "CVE-2019-12405" + ], + "false_positive": [ + "CVE-2010-0156", + "CVE-2010-0684", + "CVE-2010-2076", + "CVE-2010-4534", + "CVE-2010-4535", + "CVE-2010-5142", + "CVE-2011-1772", + "CVE-2011-2732", + "CVE-2011-2929", + "CVE-2011-2930", + "CVE-2011-2931", + "CVE-2011-2932", + "CVE-2011-3848", + "CVE-2011-3869", + "CVE-2011-3870", + "CVE-2011-3871", + "CVE-2011-3872", + "CVE-2011-4104", + "CVE-2011-4838", + "CVE-2011-5036", + "CVE-2011-5097", + "CVE-2011-5098", + "CVE-2012-0392", + "CVE-2012-0394", + "CVE-2012-1054", + "CVE-2012-1098", + "CVE-2012-1099", + "CVE-2012-1906", + "CVE-2012-1986", + "CVE-2012-1987", + "CVE-2012-2098", + "CVE-2012-2139", + "CVE-2012-2379", + "CVE-2012-2660", + "CVE-2012-2661", + "CVE-2012-3451", + "CVE-2012-3865", + "CVE-2012-3867", + "CVE-2012-4386", + "CVE-2012-4387", + "CVE-2012-4449", + "CVE-2012-4520", + "CVE-2012-5055", + "CVE-2012-5633", + "CVE-2012-6662", + "CVE-2012-6684", + "CVE-2012-6685", + "CVE-2012-6708", + "CVE-2013-0262", + "CVE-2013-0263", + "CVE-2013-0285", + "CVE-2013-1654", + "CVE-2013-1812", + "CVE-2013-2115", + "CVE-2013-2132", + "CVE-2013-2134", + "CVE-2013-2135", + "CVE-2013-2254", + "CVE-2013-2275", + "CVE-2013-4152", + "CVE-2013-4249", + "CVE-2013-4251", + "CVE-2013-4353", + "CVE-2013-4428", + "CVE-2013-4477", + "CVE-2013-4761", + "CVE-2013-5093", + "CVE-2013-5123", + "CVE-2013-6044", + "CVE-2013-6348", + "CVE-2013-6429", + "CVE-2013-6430", + "CVE-2013-7315", + "CVE-2013-7370", + "CVE-2013-7397", + "CVE-2013-7398", + "CVE-2014-0012", + "CVE-2014-0014", + "CVE-2014-0035", + "CVE-2014-0075", + "CVE-2014-0086", + "CVE-2014-0097", + "CVE-2014-0107", + "CVE-2014-0109", + "CVE-2014-0110", + "CVE-2014-0116", + "CVE-2014-0193", + "CVE-2014-0224", + "CVE-2014-0225", + "CVE-2014-0228", + "CVE-2014-1402", + "CVE-2014-1829", + "CVE-2014-1830", + "CVE-2014-1832", + "CVE-2014-1858", + "CVE-2014-1859", + "CVE-2014-1869", + "CVE-2014-1932", + "CVE-2014-1933", + "CVE-2014-2053", + "CVE-2014-2235", + "CVE-2014-2538", + "CVE-2014-3007", + "CVE-2014-3505", + "CVE-2014-3506", + "CVE-2014-3509", + "CVE-2014-3511", + "CVE-2014-3572", + "CVE-2014-3578", + "CVE-2014-3600", + "CVE-2014-3625", + "CVE-2014-3630", + "CVE-2014-3709", + "CVE-2014-3994", + "CVE-2014-4172", + "CVE-2014-4658", + "CVE-2014-4678", + "CVE-2014-7202", + "CVE-2014-7203", + "CVE-2014-7205", + "CVE-2014-8176", + "CVE-2014-8547", + "CVE-2014-8548", + "CVE-2014-8549", + "CVE-2014-8650", + "CVE-2014-8991", + "CVE-2014-9720", + "CVE-2014-10068", + "CVE-2014-10077", + "CVE-2015-0204", + "CVE-2015-0205", + "CVE-2015-0206", + "CVE-2015-0208", + "CVE-2015-0209", + "CVE-2015-0286", + "CVE-2015-0287", + "CVE-2015-0288", + "CVE-2015-0289", + "CVE-2015-0290", + "CVE-2015-0292", + "CVE-2015-0293", + "CVE-2015-1208", + "CVE-2015-1788", + "CVE-2015-1789", + "CVE-2015-1791", + "CVE-2015-1792", + "CVE-2015-1793", + "CVE-2015-1830", + "CVE-2015-2068", + "CVE-2015-2156", + "CVE-2015-2296", + "CVE-2015-2912", + "CVE-2015-2913", + "CVE-2015-3010", + "CVE-2015-3192", + "CVE-2015-3193", + "CVE-2015-3195", + "CVE-2015-3196", + "CVE-2015-3197", + "CVE-2015-3253", + "CVE-2015-3395", + "CVE-2015-3996", + "CVE-2015-4053", + "CVE-2015-4706", + "CVE-2015-5159", + "CVE-2015-5207", + "CVE-2015-5211", + "CVE-2015-5241", + "CVE-2015-5250", + "CVE-2015-5253", + "CVE-2015-5254", + "CVE-2015-5305", + "CVE-2015-5344", + "CVE-2015-5349", + "CVE-2015-5607", + "CVE-2015-6748", + "CVE-2015-6818", + "CVE-2015-6821", + "CVE-2015-6822", + "CVE-2015-6823", + "CVE-2015-6824", + "CVE-2015-6918", + "CVE-2015-7314", + "CVE-2015-7315", + "CVE-2015-7316", + "CVE-2015-7528", + "CVE-2015-7559", + "CVE-2015-8213", + "CVE-2015-8216", + "CVE-2015-8217", + "CVE-2015-8218", + "CVE-2015-8618", + "CVE-2015-8748", + "CVE-2015-8861", + "CVE-2015-8968", + "CVE-2015-9243", + "CVE-2015-9251", + "CVE-2016-0762", + "CVE-2016-1905", + "CVE-2016-2108", + "CVE-2016-2160", + "CVE-2016-2177", + "CVE-2016-2512", + "CVE-2016-2513", + "CVE-2016-2788", + "CVE-2016-3081", + "CVE-2016-3092", + "CVE-2016-3094", + "CVE-2016-3959", + "CVE-2016-4009", + "CVE-2016-4055", + "CVE-2016-4425", + "CVE-2016-4465", + "CVE-2016-4855", + "CVE-2016-4970", + "CVE-2016-4972", + "CVE-2016-5388", + "CVE-2016-6186", + "CVE-2016-6304", + "CVE-2016-6519", + "CVE-2016-6580", + "CVE-2016-6581", + "CVE-2016-6652", + "CVE-2016-6793", + "CVE-2016-6794", + "CVE-2016-6796", + "CVE-2016-6797", + "CVE-2016-6801", + "CVE-2016-6814", + "CVE-2016-6816", + "CVE-2016-6817", + "CVE-2016-6823", + "CVE-2016-7036", + "CVE-2016-7569", + "CVE-2016-8568", + "CVE-2016-8569", + "CVE-2016-8579", + "CVE-2016-8610", + "CVE-2016-8629", + "CVE-2016-8640", + "CVE-2016-8745", + "CVE-2016-8747", + "CVE-2016-8750", + "CVE-2016-8867", + "CVE-2016-9015", + "CVE-2016-9121", + "CVE-2016-9122", + "CVE-2016-9189", + "CVE-2016-9190", + "CVE-2016-9243", + "CVE-2016-9814", + "CVE-2016-9878", + "CVE-2016-9879", + "CVE-2016-10033", + "CVE-2016-10127", + "CVE-2016-10129", + "CVE-2016-10190", + "CVE-2016-10191", + "CVE-2016-10192", + "CVE-2016-10193", + "CVE-2016-10526", + "CVE-2016-10538", + "CVE-2016-10542", + "CVE-2016-10550", + "CVE-2016-10555", + "CVE-2016-10557", + "CVE-2016-10579", + "CVE-2016-10582", + "CVE-2016-10745", + "CVE-2016-10750", + "CVE-2016-1000232", + "CVE-2016-1000282", + "CVE-2017-0224", + "CVE-2017-0905", + "CVE-2017-0906", + "CVE-2017-0907", + "CVE-2017-0909", + "CVE-2017-0929", + "CVE-2017-2582", + "CVE-2017-2592", + "CVE-2017-2649", + "CVE-2017-2670", + "CVE-2017-3156", + "CVE-2017-4952", + "CVE-2017-4995", + "CVE-2017-5537", + "CVE-2017-5594", + "CVE-2017-5637", + "CVE-2017-5954", + "CVE-2017-7481", + "CVE-2017-7525", + "CVE-2017-7536", + "CVE-2017-7545", + "CVE-2017-7653", + "CVE-2017-7657", + "CVE-2017-7660", + "CVE-2017-7661", + "CVE-2017-7662", + "CVE-2017-7666", + "CVE-2017-7675", + "CVE-2017-7860", + "CVE-2017-7861", + "CVE-2017-7957", + "CVE-2017-8045", + "CVE-2017-8109", + "CVE-2017-8342", + "CVE-2017-8359", + "CVE-2017-9096", + "CVE-2017-9214", + "CVE-2017-9265", + "CVE-2017-9841", + "CVE-2017-10910", + "CVE-2017-11424", + "CVE-2017-11428", + "CVE-2017-11503", + "CVE-2017-11610", + "CVE-2017-12158", + "CVE-2017-12159", + "CVE-2017-12160", + "CVE-2017-12605", + "CVE-2017-12624", + "CVE-2017-12629", + "CVE-2017-12631", + "CVE-2017-12868", + "CVE-2017-12873", + "CVE-2017-14063", + "CVE-2017-14136", + "CVE-2017-14506", + "CVE-2017-14623", + "CVE-2017-14683", + "CVE-2017-15103", + "CVE-2017-15288", + "CVE-2017-15612", + "CVE-2017-15720", + "CVE-2017-15914", + "CVE-2017-16006", + "CVE-2017-16010", + "CVE-2017-16018", + "CVE-2017-16026", + "CVE-2017-16031", + "CVE-2017-16138", + "CVE-2017-16558", + "CVE-2017-16570", + "CVE-2017-16759", + "CVE-2017-16762", + "CVE-2017-16792", + "CVE-2017-17485", + "CVE-2017-17760", + "CVE-2017-17835", + "CVE-2017-17837", + "CVE-2017-18076", + "CVE-2017-18077", + "CVE-2017-18361", + "CVE-2017-18635", + "CVE-2017-1000001", + "CVE-2017-1000042", + "CVE-2017-1000056", + "CVE-2017-1000069", + "CVE-2017-1000070", + "CVE-2017-1000209", + "CVE-2017-1000246", + "CVE-2017-1000248", + "CVE-2017-1000427", + "CVE-2017-1000433", + "CVE-2017-1000450", + "CVE-2018-0737", + "CVE-2018-0953", + "CVE-2018-1067", + "CVE-2018-1114", + "CVE-2018-1193", + "CVE-2018-1199", + "CVE-2018-1259", + "CVE-2018-1272", + "CVE-2018-1273", + "CVE-2018-1274", + "CVE-2018-1284", + "CVE-2018-1304", + "CVE-2018-1314", + "CVE-2018-1336", + "CVE-2018-1339", + "CVE-2018-3711", + "CVE-2018-3728", + "CVE-2018-3743", + "CVE-2018-3758", + "CVE-2018-3777", + "CVE-2018-5773", + "CVE-2018-6517", + "CVE-2018-6596", + "CVE-2018-7212", + "CVE-2018-7489", + "CVE-2018-7575", + "CVE-2018-7711", + "CVE-2018-7750", + "CVE-2018-8006", + "CVE-2018-8008", + "CVE-2018-8009", + "CVE-2018-8014", + "CVE-2018-8017", + "CVE-2018-8025", + "CVE-2018-8027", + "CVE-2018-8030", + "CVE-2018-8037", + "CVE-2018-8038", + "CVE-2018-8039", + "CVE-2018-8088", + "CVE-2018-8097", + "CVE-2018-8315", + "CVE-2018-8359", + "CVE-2018-8416", + "CVE-2018-8465", + "CVE-2018-8473", + "CVE-2018-8510", + "CVE-2018-8541", + "CVE-2018-8899", + "CVE-2018-9856", + "CVE-2018-10237", + "CVE-2018-10862", + "CVE-2018-10912", + "CVE-2018-11039", + "CVE-2018-11040", + "CVE-2018-11087", + "CVE-2018-11248", + "CVE-2018-11307", + "CVE-2018-11627", + "CVE-2018-11647", + "CVE-2018-11758", + "CVE-2018-11761", + "CVE-2018-11762", + "CVE-2018-11775", + "CVE-2018-11777", + "CVE-2018-11784", + "CVE-2018-11786", + "CVE-2018-11787", + "CVE-2018-11788", + "CVE-2018-11797", + "CVE-2018-12022", + "CVE-2018-12023", + "CVE-2018-12537", + "CVE-2018-12540", + "CVE-2018-12544", + "CVE-2018-12608", + "CVE-2018-13790", + "CVE-2018-13863", + "CVE-2018-14040", + "CVE-2018-14042", + "CVE-2018-14371", + "CVE-2018-14574", + "CVE-2018-14635", + "CVE-2018-14642", + "CVE-2018-14731", + "CVE-2018-14774", + "CVE-2018-15727", + "CVE-2018-15756", + "CVE-2018-15758", + "CVE-2018-16468", + "CVE-2018-16471", + "CVE-2018-16733", + "CVE-2018-16837", + "CVE-2018-16859", + "CVE-2018-16876", + "CVE-2018-16886", + "CVE-2018-16984", + "CVE-2018-17057", + "CVE-2018-17175", + "CVE-2018-17246", + "CVE-2018-18074", + "CVE-2018-18206", + "CVE-2018-18854", + "CVE-2018-18893", + "CVE-2018-18926", + "CVE-2018-19133", + "CVE-2018-19351", + "CVE-2018-19352", + "CVE-2018-19370", + "CVE-2018-19620", + "CVE-2018-19787", + "CVE-2018-20000", + "CVE-2018-20227", + "CVE-2018-20745", + "CVE-2018-20756", + "CVE-2018-20834", + "CVE-2018-20975", + "CVE-2018-1000060", + "CVE-2018-1000088", + "CVE-2018-1000096", + "CVE-2018-1000118", + "CVE-2018-1000159", + "CVE-2018-1000539", + "CVE-2018-1000559", + "CVE-2018-1000613", + "CVE-2018-1000644", + "CVE-2018-1000665", + "CVE-2018-1000803", + "CVE-2018-1000809", + "CVE-2018-1000820", + "CVE-2018-1000822", + "CVE-2018-1000854", + "CVE-2018-1000855", + "CVE-2018-1000872", + "CVE-2018-1002101", + "CVE-2018-1002105", + "CVE-2018-1002150", + "CVE-2018-1002200", + "CVE-2018-1002203", + "CVE-2018-1002204", + "CVE-2018-1002205", + "CVE-2019-0194", + "CVE-2019-0201", + "CVE-2019-0210", + "CVE-2019-0226", + "CVE-2019-0228", + "CVE-2019-1001", + "CVE-2019-1552", + "CVE-2019-3465", + "CVE-2019-3498", + "CVE-2019-3774", + "CVE-2019-3799", + "CVE-2019-3808", + "CVE-2019-3810", + "CVE-2019-3847", + "CVE-2019-3850", + "CVE-2019-3888", + "CVE-2019-3894", + "CVE-2019-5018", + "CVE-2019-5421", + "CVE-2019-5448", + "CVE-2019-5477", + "CVE-2019-6802", + "CVE-2019-6975", + "CVE-2019-7313", + "CVE-2019-7537", + "CVE-2019-7644", + "CVE-2019-8903", + "CVE-2019-9153", + "CVE-2019-9154", + "CVE-2019-9155", + "CVE-2019-9512", + "CVE-2019-9826", + "CVE-2019-9942", + "CVE-2019-10071", + "CVE-2019-10072", + "CVE-2019-10086", + "CVE-2019-10094", + "CVE-2019-10158", + "CVE-2019-10174", + "CVE-2019-10184", + "CVE-2019-10206", + "CVE-2019-10219", + "CVE-2019-10246", + "CVE-2019-10247", + "CVE-2019-10249", + "CVE-2019-10255", + "CVE-2019-10354", + "CVE-2019-10641", + "CVE-2019-10754", + "CVE-2019-10763", + "CVE-2019-10766", + "CVE-2019-10768", + "CVE-2019-10770", + "CVE-2019-10773", + "CVE-2019-10774", + "CVE-2019-10806", + "CVE-2019-10874", + "CVE-2019-10912", + "CVE-2019-11016", + "CVE-2019-11082", + "CVE-2019-11244", + "CVE-2019-11245", + "CVE-2019-11269", + "CVE-2019-11289", + "CVE-2019-11325", + "CVE-2019-11328", + "CVE-2019-11405", + "CVE-2019-11458", + "CVE-2019-11470", + "CVE-2019-11808", + "CVE-2019-12041", + "CVE-2019-12086", + "CVE-2019-12203", + "CVE-2019-12245", + "CVE-2019-12308", + "CVE-2019-12313", + "CVE-2019-12387", + "CVE-2019-12418", + "CVE-2019-12419", + "CVE-2019-12422", + "CVE-2019-12423", + "CVE-2019-12617", + "CVE-2019-12748", + "CVE-2019-12781", + "CVE-2019-14262", + "CVE-2019-14280", + "CVE-2019-14838", + "CVE-2019-14892", + "CVE-2019-14933", + "CVE-2019-15062", + "CVE-2019-15477", + "CVE-2019-15482", + "CVE-2019-15483", + "CVE-2019-15484", + "CVE-2019-15485", + "CVE-2019-15486", + "CVE-2019-15587", + "CVE-2019-15599", + "CVE-2019-15608", + "CVE-2019-15782", + "CVE-2019-16060", + "CVE-2019-16097", + "CVE-2019-16145", + "CVE-2019-16403", + "CVE-2019-16768", + "CVE-2019-16770", + "CVE-2019-16772", + "CVE-2019-16774", + "CVE-2019-16782", + "CVE-2019-16869", + "CVE-2019-16884", + "CVE-2019-16942", + "CVE-2019-16943", + "CVE-2019-17206", + "CVE-2019-17223", + "CVE-2019-17359", + "CVE-2019-17383", + "CVE-2019-17426", + "CVE-2019-17554", + "CVE-2019-17563", + "CVE-2019-17569", + "CVE-2019-17632", + "CVE-2019-18841", + "CVE-2019-18886", + "CVE-2019-18887", + "CVE-2019-18888", + "CVE-2019-18923", + "CVE-2019-18954", + "CVE-2019-19118", + "CVE-2019-19274", + "CVE-2019-19316", + "CVE-2019-19325", + "CVE-2019-19844", + "CVE-2019-19919", + "CVE-2019-20444", + "CVE-2019-1000007", + "CVE-2019-1002101", + "CVE-2019-1010142", + "CVE-2019-1010306", + "CVE-2020-1935", + "CVE-2020-1937", + "CVE-2020-1938", + "CVE-2020-1940", + "CVE-2020-5215", + "CVE-2020-5223", + "CVE-2020-5230", + "CVE-2020-5233", + "CVE-2020-5237", + "CVE-2020-5243", + "CVE-2020-5245", + "CVE-2020-5247", + "CVE-2020-5310", + "CVE-2020-5311", + "CVE-2020-5312", + "CVE-2020-5313", + "CVE-2020-5398", + "CVE-2020-6802", + "CVE-2020-6816", + "CVE-2020-7212", + "CVE-2020-7219", + "CVE-2020-7596", + "CVE-2020-7598", + "CVE-2020-7608", + "CVE-2020-8116", + "CVE-2020-8134", + "CVE-2020-8840", + "CVE-2020-8945", + "CVE-2020-9402", + "CVE-2020-9546", + "CVE-2020-9547", + "CVE-2020-9548", + "CVE-2020-10594" + ], + "aborted": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ], + "missing": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ] + } + } + ] +} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_mvi_without_llm.json b/prospector/evaluation/data/results/summary_execution_mvi_without_llm.json new file mode 100644 index 000000000..f392c7e19 --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_mvi_without_llm.json @@ -0,0 +1,1996 @@ +{ + "summary_execution_details": [ + { + "timestamp": "30-08-2024, 09:46", + "results": { + "high": [ + "CVE-2010-5312", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4116", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-3120", + "CVE-2014-3488", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3612", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-8115", + "CVE-2014-8152", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1782", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-8854", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3114", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-4974", + "CVE-2016-5007", + "CVE-2016-5104", + "CVE-2016-5180", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10577", + "CVE-2016-10703", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5645", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-11173", + "CVE-2017-11427", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-12098", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15703", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2018-1999024", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7722", + "CVE-2019-8457", + "CVE-2019-9658", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10241", + "CVE-2019-10248", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-10682", + "CVE-2019-10749", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10762", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11512", + "CVE-2019-11514", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15658", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IN_REFERENCE": [ + "CVE-2010-5312", + "CVE-2011-2765", + "CVE-2011-3186", + "CVE-2011-4030", + "CVE-2011-4461", + "CVE-2012-1109", + "CVE-2012-1176", + "CVE-2012-2417", + "CVE-2012-3366", + "CVE-2012-3408", + "CVE-2012-3458", + "CVE-2012-6550", + "CVE-2013-0256", + "CVE-2013-0294", + "CVE-2013-1800", + "CVE-2013-1801", + "CVE-2013-2013", + "CVE-2013-2035", + "CVE-2013-2191", + "CVE-2013-3300", + "CVE-2013-4116", + "CVE-2013-4413", + "CVE-2013-4562", + "CVE-2013-4701", + "CVE-2013-6465", + "CVE-2013-7378", + "CVE-2013-7459", + "CVE-2014-0072", + "CVE-2014-0073", + "CVE-2014-0120", + "CVE-2014-0121", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1202", + "CVE-2014-1403", + "CVE-2014-1604", + "CVE-2014-1904", + "CVE-2014-3120", + "CVE-2014-3488", + "CVE-2014-3579", + "CVE-2014-3599", + "CVE-2014-3741", + "CVE-2014-3995", + "CVE-2014-4657", + "CVE-2014-6394", + "CVE-2014-7192", + "CVE-2014-7193", + "CVE-2014-8115", + "CVE-2014-8681", + "CVE-2014-8682", + "CVE-2014-9130", + "CVE-2014-9489", + "CVE-2014-9682", + "CVE-2014-9721", + "CVE-2015-0846", + "CVE-2015-1326", + "CVE-2015-1838", + "CVE-2015-3206", + "CVE-2015-3220", + "CVE-2015-4082", + "CVE-2015-4410", + "CVE-2015-4412", + "CVE-2015-4619", + "CVE-2015-5081", + "CVE-2015-5147", + "CVE-2015-6584", + "CVE-2015-7294", + "CVE-2015-7337", + "CVE-2015-7541", + "CVE-2015-7809", + "CVE-2015-8309", + "CVE-2015-8310", + "CVE-2015-8747", + "CVE-2015-8814", + "CVE-2015-9235", + "CVE-2015-9241", + "CVE-2016-0750", + "CVE-2016-1505", + "CVE-2016-2166", + "CVE-2016-2537", + "CVE-2016-3693", + "CVE-2016-3720", + "CVE-2016-4442", + "CVE-2016-4562", + "CVE-2016-4563", + "CVE-2016-4564", + "CVE-2016-5104", + "CVE-2016-5431", + "CVE-2016-5697", + "CVE-2016-5841", + "CVE-2016-5842", + "CVE-2016-5851", + "CVE-2016-6298", + "CVE-2016-7528", + "CVE-2016-9298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10345", + "CVE-2016-10522", + "CVE-2016-10524", + "CVE-2016-10531", + "CVE-2016-10536", + "CVE-2016-10540", + "CVE-2016-10544", + "CVE-2016-10554", + "CVE-2016-10556", + "CVE-2016-10577", + "CVE-2016-10703", + "CVE-2016-1000236", + "CVE-2016-1000338", + "CVE-2016-1000340", + "CVE-2016-1000343", + "CVE-2016-1000344", + "CVE-2017-0904", + "CVE-2017-2809", + "CVE-2017-3204", + "CVE-2017-5209", + "CVE-2017-5545", + "CVE-2017-5591", + "CVE-2017-5645", + "CVE-2017-5934", + "CVE-2017-5936", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-7654", + "CVE-2017-7656", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-11173", + "CVE-2017-12098", + "CVE-2017-12867", + "CVE-2017-12871", + "CVE-2017-13098", + "CVE-2017-14619", + "CVE-2017-14735", + "CVE-2017-15051", + "CVE-2017-15052", + "CVE-2017-15053", + "CVE-2017-15054", + "CVE-2017-15055", + "CVE-2017-15133", + "CVE-2017-15278", + "CVE-2017-15728", + "CVE-2017-15729", + "CVE-2017-15730", + "CVE-2017-15731", + "CVE-2017-15733", + "CVE-2017-15734", + "CVE-2017-15735", + "CVE-2017-15808", + "CVE-2017-15809", + "CVE-2017-15879", + "CVE-2017-15928", + "CVE-2017-16003", + "CVE-2017-16008", + "CVE-2017-16013", + "CVE-2017-16014", + "CVE-2017-16015", + "CVE-2017-16016", + "CVE-2017-16017", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16136", + "CVE-2017-16226", + "CVE-2017-16228", + "CVE-2017-16244", + "CVE-2017-16613", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-16876", + "CVE-2017-16877", + "CVE-2017-16880", + "CVE-2017-17042", + "CVE-2017-18239", + "CVE-2017-18367", + "CVE-2017-1000188", + "CVE-2017-1000189", + "CVE-2017-1000228", + "CVE-2017-1000486", + "CVE-2017-1000487", + "CVE-2017-1000491", + "CVE-2017-1001002", + "CVE-2017-1001003", + "CVE-2017-1001004", + "CVE-2017-1002150", + "CVE-2018-1099", + "CVE-2018-1320", + "CVE-2018-3712", + "CVE-2018-3715", + "CVE-2018-3721", + "CVE-2018-3726", + "CVE-2018-3732", + "CVE-2018-3733", + "CVE-2018-3740", + "CVE-2018-3741", + "CVE-2018-3750", + "CVE-2018-3759", + "CVE-2018-3769", + "CVE-2018-3774", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-6333", + "CVE-2018-7260", + "CVE-2018-7408", + "CVE-2018-7560", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-8016", + "CVE-2018-9109", + "CVE-2018-9110", + "CVE-2018-9206", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10188", + "CVE-2018-10366", + "CVE-2018-10903", + "CVE-2018-10936", + "CVE-2018-11771", + "CVE-2018-11798", + "CVE-2018-12043", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-12557", + "CVE-2018-12615", + "CVE-2018-12976", + "CVE-2018-13447", + "CVE-2018-13448", + "CVE-2018-13449", + "CVE-2018-13450", + "CVE-2018-13797", + "CVE-2018-13818", + "CVE-2018-14041", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-15531", + "CVE-2018-16329", + "CVE-2018-16470", + "CVE-2018-16472", + "CVE-2018-16492", + "CVE-2018-17104", + "CVE-2018-17187", + "CVE-2018-17419", + "CVE-2018-18389", + "CVE-2018-18476", + "CVE-2018-19048", + "CVE-2018-19184", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20059", + "CVE-2018-20433", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20801", + "CVE-2018-20835", + "CVE-2018-20962", + "CVE-2018-1000089", + "CVE-2018-1000119", + "CVE-2018-1000129", + "CVE-2018-1000134", + "CVE-2018-1000164", + "CVE-2018-1000518", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1000850", + "CVE-2018-1000888", + "CVE-2018-1002201", + "CVE-2018-1002207", + "CVE-2018-1999024", + "CVE-2019-3564", + "CVE-2019-3826", + "CVE-2019-5413", + "CVE-2019-5484", + "CVE-2019-5884", + "CVE-2019-6798", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-8457", + "CVE-2019-9658", + "CVE-2019-10131", + "CVE-2019-10157", + "CVE-2019-10217", + "CVE-2019-10241", + "CVE-2019-10682", + "CVE-2019-10749", + "CVE-2019-10751", + "CVE-2019-10752", + "CVE-2019-10762", + "CVE-2019-10767", + "CVE-2019-10776", + "CVE-2019-10781", + "CVE-2019-10787", + "CVE-2019-10792", + "CVE-2019-10793", + "CVE-2019-10795", + "CVE-2019-10799", + "CVE-2019-10867", + "CVE-2019-11272", + "CVE-2019-11358", + "CVE-2019-11514", + "CVE-2019-11768", + "CVE-2019-11777", + "CVE-2019-12277", + "CVE-2019-12402", + "CVE-2019-12616", + "CVE-2019-12741", + "CVE-2019-12814", + "CVE-2019-13127", + "CVE-2019-13135", + "CVE-2019-13173", + "CVE-2019-13295", + "CVE-2019-13574", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14751", + "CVE-2019-14806", + "CVE-2019-14837", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-14980", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-16317", + "CVE-2019-16318", + "CVE-2019-16335", + "CVE-2019-16676", + "CVE-2019-16761", + "CVE-2019-16762", + "CVE-2019-16763", + "CVE-2019-16766", + "CVE-2019-16769", + "CVE-2019-16771", + "CVE-2019-16778", + "CVE-2019-16779", + "CVE-2019-16784", + "CVE-2019-16785", + "CVE-2019-16786", + "CVE-2019-16789", + "CVE-2019-16792", + "CVE-2019-17267", + "CVE-2019-17496", + "CVE-2019-17513", + "CVE-2019-17531", + "CVE-2019-17541", + "CVE-2019-17592", + "CVE-2019-18622", + "CVE-2019-18656", + "CVE-2019-18848", + "CVE-2019-18857", + "CVE-2019-18874", + "CVE-2019-18978", + "CVE-2019-18981", + "CVE-2019-18982", + "CVE-2019-18985", + "CVE-2019-18986", + "CVE-2019-19010", + "CVE-2019-19275", + "CVE-2019-19507", + "CVE-2019-19576", + "CVE-2019-19619", + "CVE-2019-19687", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2019-1000021", + "CVE-2019-1020012", + "CVE-2020-1747", + "CVE-2020-5219", + "CVE-2020-5224", + "CVE-2020-5227", + "CVE-2020-5229", + "CVE-2020-5232", + "CVE-2020-5236", + "CVE-2020-5249", + "CVE-2020-5390", + "CVE-2020-5529", + "CVE-2020-6836", + "CVE-2020-7597", + "CVE-2020-7981", + "CVE-2020-8131", + "CVE-2020-9283", + "CVE-2020-10236", + "CVE-2020-10591", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "VULN_ID_IN_MESSAGE": [ + "CVE-2013-0256", + "CVE-2013-2191", + "CVE-2014-0160", + "CVE-2014-0177", + "CVE-2014-1403", + "CVE-2014-8152", + "CVE-2015-0276", + "CVE-2015-0838", + "CVE-2015-1326", + "CVE-2015-1782", + "CVE-2015-7541", + "CVE-2015-8309", + "CVE-2016-3114", + "CVE-2016-4974", + "CVE-2016-5180", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5934", + "CVE-2017-11427", + "CVE-2017-11905", + "CVE-2017-11910", + "CVE-2017-15133", + "CVE-2017-16613", + "CVE-2017-16876", + "CVE-2018-8128", + "CVE-2018-8177", + "CVE-2018-8178", + "CVE-2018-8381", + "CVE-2018-8390", + "CVE-2018-10092", + "CVE-2018-10094", + "CVE-2018-10095", + "CVE-2018-10936", + "CVE-2018-11093", + "CVE-2018-12541", + "CVE-2018-12976", + "CVE-2018-16470", + "CVE-2018-19992", + "CVE-2018-19993", + "CVE-2018-19994", + "CVE-2018-20028", + "CVE-2018-20433", + "CVE-2019-0911", + "CVE-2019-0912", + "CVE-2019-0917", + "CVE-2019-0922", + "CVE-2019-0924", + "CVE-2019-0925", + "CVE-2019-0933", + "CVE-2019-1052", + "CVE-2019-1062", + "CVE-2019-1092", + "CVE-2019-1103", + "CVE-2019-1106", + "CVE-2019-1107", + "CVE-2019-1139", + "CVE-2019-1195", + "CVE-2019-1196", + "CVE-2019-1197", + "CVE-2019-10642", + "CVE-2019-10643", + "CVE-2019-11512", + "CVE-2019-14751", + "CVE-2019-16784", + "CVE-2019-18622", + "CVE-2019-18848", + "CVE-2020-5219", + "CVE-2020-5390", + "CVE-2020-9283" + ], + "VULN_ID_IN_LINKED_ISSUE": [ + "CVE-2014-3579", + "CVE-2014-3612", + "CVE-2016-4974", + "CVE-2016-6298", + "CVE-2016-10173", + "CVE-2017-5946", + "CVE-2017-8028", + "CVE-2018-1320", + "CVE-2019-3826", + "CVE-2019-14863", + "CVE-2020-1747", + "CVE-2020-8131" + ], + "XREF_BUG": [ + "CVE-2013-1879", + "CVE-2013-1880", + "CVE-2014-3579", + "CVE-2016-2166", + "CVE-2017-15703", + "CVE-2018-1309", + "CVE-2018-1320", + "CVE-2018-8013", + "CVE-2018-8016", + "CVE-2018-11771", + "CVE-2018-17187", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2020-1928", + "CVE-2012-1176", + "CVE-2013-4116", + "CVE-2014-3120", + "CVE-2014-6394", + "CVE-2014-9721", + "CVE-2015-4082", + "CVE-2015-7294", + "CVE-2015-8854", + "CVE-2016-3720", + "CVE-2016-5007", + "CVE-2016-6298", + "CVE-2016-9909", + "CVE-2016-9910", + "CVE-2016-10149", + "CVE-2016-10173", + "CVE-2017-2809", + "CVE-2017-5545", + "CVE-2017-5946", + "CVE-2017-7540", + "CVE-2017-8028", + "CVE-2017-8418", + "CVE-2017-8932", + "CVE-2017-12098", + "CVE-2017-14735", + "CVE-2017-15133", + "CVE-2017-15703", + "CVE-2017-15879", + "CVE-2017-16013", + "CVE-2017-16023", + "CVE-2017-16025", + "CVE-2017-16042", + "CVE-2017-16615", + "CVE-2017-16616", + "CVE-2017-16618", + "CVE-2017-18239", + "CVE-2018-1098", + "CVE-2018-1099", + "CVE-2018-1309", + "CVE-2018-3740", + "CVE-2018-3769", + "CVE-2018-3778", + "CVE-2018-3786", + "CVE-2018-5968", + "CVE-2018-7408", + "CVE-2018-7651", + "CVE-2018-7753", + "CVE-2018-9206", + "CVE-2018-10903", + "CVE-2018-12418", + "CVE-2018-12541", + "CVE-2018-13797", + "CVE-2018-14718", + "CVE-2018-14719", + "CVE-2018-14720", + "CVE-2018-14721", + "CVE-2018-14840", + "CVE-2018-15178", + "CVE-2018-17104", + "CVE-2018-17193", + "CVE-2018-17194", + "CVE-2018-17195", + "CVE-2018-17419", + "CVE-2018-18476", + "CVE-2018-19360", + "CVE-2018-19361", + "CVE-2018-19362", + "CVE-2018-20059", + "CVE-2018-20594", + "CVE-2018-20595", + "CVE-2018-20677", + "CVE-2018-20962", + "CVE-2018-1000164", + "CVE-2018-1000525", + "CVE-2018-1000531", + "CVE-2018-1000538", + "CVE-2018-1000620", + "CVE-2018-1000632", + "CVE-2018-1000805", + "CVE-2018-1000807", + "CVE-2018-1000808", + "CVE-2018-1000814", + "CVE-2018-1000843", + "CVE-2018-1002207", + "CVE-2018-1002208", + "CVE-2019-3826", + "CVE-2019-7164", + "CVE-2019-7548", + "CVE-2019-7722", + "CVE-2019-9658", + "CVE-2019-10217", + "CVE-2019-10248", + "CVE-2019-11358", + "CVE-2019-11777", + "CVE-2019-12814", + "CVE-2019-13644", + "CVE-2019-14540", + "CVE-2019-14668", + "CVE-2019-14669", + "CVE-2019-14671", + "CVE-2019-14672", + "CVE-2019-14862", + "CVE-2019-14863", + "CVE-2019-14893", + "CVE-2019-15481", + "CVE-2019-15532", + "CVE-2019-15658", + "CVE-2019-16335", + "CVE-2019-17267", + "CVE-2019-17531", + "CVE-2019-18874", + "CVE-2019-19507", + "CVE-2019-19703", + "CVE-2019-19794", + "CVE-2019-20330", + "CVE-2019-1000005", + "CVE-2020-1747", + "CVE-2020-1928", + "CVE-2020-8131", + "CVE-2020-10672", + "CVE-2020-10673" + ], + "COMMIT_IS_SECURITY_RELEVANT": [], + "medium": [ + "CVE-2011-1950", + "CVE-2011-3923", + "CVE-2012-2378", + "CVE-2012-3536", + "CVE-2012-5812", + "CVE-2013-2172", + "CVE-2013-3567", + "CVE-2013-4002", + "CVE-2013-4111", + "CVE-2013-4316", + "CVE-2014-2525", + "CVE-2014-3250", + "CVE-2014-3576", + "CVE-2014-5277", + "CVE-2014-7189", + "CVE-2014-9970", + "CVE-2015-1772", + "CVE-2015-6524", + "CVE-2015-8862", + "CVE-2016-4000", + "CVE-2016-4977", + "CVE-2016-8738", + "CVE-2016-10100", + "CVE-2016-10528", + "CVE-2016-10529", + "CVE-2016-10558", + "CVE-2016-10559", + "CVE-2016-10560", + "CVE-2016-10574", + "CVE-2016-10575", + "CVE-2016-10591", + "CVE-2016-10611", + "CVE-2016-10694", + "CVE-2016-10735", + "CVE-2017-2617", + "CVE-2017-2638", + "CVE-2017-2667", + "CVE-2017-4973", + "CVE-2017-5641", + "CVE-2017-5858", + "CVE-2017-7674", + "CVE-2017-9796", + "CVE-2017-11467", + "CVE-2017-12616", + "CVE-2017-12620", + "CVE-2017-12622", + "CVE-2017-16007", + "CVE-2017-1000389", + "CVE-2017-1000451", + "CVE-2018-1260", + "CVE-2018-1261", + "CVE-2018-1263", + "CVE-2018-3714", + "CVE-2018-3731", + "CVE-2018-3738", + "CVE-2018-6591", + "CVE-2018-14637", + "CVE-2018-16459", + "CVE-2018-16490", + "CVE-2018-17197", + "CVE-2018-1000013", + "CVE-2018-1000014", + "CVE-2019-0207", + "CVE-2019-3772", + "CVE-2019-7617", + "CVE-2019-8331", + "CVE-2019-9212", + "CVE-2019-9844", + "CVE-2019-10089", + "CVE-2019-10090", + "CVE-2019-10240", + "CVE-2019-10745", + "CVE-2019-10748", + "CVE-2019-10750", + "CVE-2019-10756", + "CVE-2019-10757", + "CVE-2019-10760", + "CVE-2019-10764", + "CVE-2019-10778", + "CVE-2019-10780", + "CVE-2019-10797", + "CVE-2019-10904", + "CVE-2019-11767", + "CVE-2019-12404", + "CVE-2019-12407", + "CVE-2019-13209", + "CVE-2019-15657", + "CVE-2019-16197", + "CVE-2019-18889", + "CVE-2019-19212", + "CVE-2019-1010266", + "CVE-2020-8125", + "CVE-2020-9281" + ], + "low": [ + "CVE-2013-1607", + "CVE-2014-3577", + "CVE-2014-7809", + "CVE-2016-4438", + "CVE-2016-10543", + "CVE-2016-10564", + "CVE-2016-10569", + "CVE-2017-2652", + "CVE-2017-7688", + "CVE-2018-16462", + "CVE-2019-10077" + ], + "not_found": [ + "CVE-2012-0881", + "CVE-2014-7143", + "CVE-2015-0250", + "CVE-2015-3627", + "CVE-2016-9962", + "CVE-2018-1196", + "CVE-2018-7576", + "CVE-2018-8031", + "CVE-2019-0219", + "CVE-2019-3792", + "CVE-2019-14537" + ], + "not_reported": [ + "CVE-2010-0156", + "CVE-2010-2076", + "CVE-2010-2245", + "CVE-2010-4534", + "CVE-2010-4535", + "CVE-2010-5142", + "CVE-2011-1772", + "CVE-2011-2730", + "CVE-2011-2732", + "CVE-2011-3848", + "CVE-2012-0392", + "CVE-2012-1054", + "CVE-2012-1098", + "CVE-2012-1099", + "CVE-2012-1906", + "CVE-2012-1986", + "CVE-2012-1987", + "CVE-2012-2379", + "CVE-2012-3451", + "CVE-2012-3867", + "CVE-2012-4449", + "CVE-2012-5055", + "CVE-2013-0248", + "CVE-2013-0285", + "CVE-2013-1654", + "CVE-2013-2115", + "CVE-2013-2254", + "CVE-2013-4152", + "CVE-2013-4204", + "CVE-2013-4286", + "CVE-2013-4322", + "CVE-2013-4428", + "CVE-2013-4761", + "CVE-2013-6235", + "CVE-2013-7315", + "CVE-2014-0035", + "CVE-2014-0050", + "CVE-2014-0086", + "CVE-2014-0097", + "CVE-2014-0116", + "CVE-2014-0228", + "CVE-2014-1829", + "CVE-2014-3630", + "CVE-2014-3709", + "CVE-2015-0208", + "CVE-2015-0289", + "CVE-2015-0293", + "CVE-2015-1830", + "CVE-2015-2068", + "CVE-2015-3192", + "CVE-2015-5207", + "CVE-2015-5211", + "CVE-2015-5241", + "CVE-2015-5250", + "CVE-2015-8861", + "CVE-2016-0762", + "CVE-2016-3081", + "CVE-2016-3959", + "CVE-2016-4465", + "CVE-2016-4972", + "CVE-2016-5388", + "CVE-2016-6519", + "CVE-2016-6652", + "CVE-2016-6793", + "CVE-2016-6794", + "CVE-2016-6796", + "CVE-2016-6797", + "CVE-2016-6817", + "CVE-2016-8629", + "CVE-2016-8739", + "CVE-2016-8745", + "CVE-2016-10532", + "CVE-2016-10542", + "CVE-2016-10550", + "CVE-2016-10557", + "CVE-2016-10562", + "CVE-2016-10566", + "CVE-2016-10567", + "CVE-2016-10568", + "CVE-2016-10570", + "CVE-2016-10571", + "CVE-2016-10572", + "CVE-2016-10573", + "CVE-2016-10576", + "CVE-2016-10579", + "CVE-2016-10582", + "CVE-2016-10586", + "CVE-2016-10587", + "CVE-2016-10588", + "CVE-2016-10626", + "CVE-2016-10750", + "CVE-2016-1000282", + "CVE-2017-0224", + "CVE-2017-2592", + "CVE-2017-2649", + "CVE-2017-4952", + "CVE-2017-4971", + "CVE-2017-5638", + "CVE-2017-5954", + "CVE-2017-7660", + "CVE-2017-7661", + "CVE-2017-7662", + "CVE-2017-7666", + "CVE-2017-7675", + "CVE-2017-7957", + "CVE-2017-8046", + "CVE-2017-9096", + "CVE-2017-9214", + "CVE-2017-9265", + "CVE-2017-11503", + "CVE-2017-12158", + "CVE-2017-12159", + "CVE-2017-12160", + "CVE-2017-12631", + "CVE-2017-14683", + "CVE-2017-15720", + "CVE-2017-16029", + "CVE-2017-16083", + "CVE-2017-16084", + "CVE-2017-16107", + "CVE-2017-17835", + "CVE-2017-1000042", + "CVE-2017-1000431", + "CVE-2018-0953", + "CVE-2018-1193", + "CVE-2018-1259", + "CVE-2018-1304", + "CVE-2018-1314", + "CVE-2018-1339", + "CVE-2018-3728", + "CVE-2018-3743", + "CVE-2018-3757", + "CVE-2018-3758", + "CVE-2018-6341", + "CVE-2018-6873", + "CVE-2018-8008", + "CVE-2018-8026", + "CVE-2018-8315", + "CVE-2018-8359", + "CVE-2018-8465", + "CVE-2018-8473", + "CVE-2018-8510", + "CVE-2018-8541", + "CVE-2018-10862", + "CVE-2018-10912", + "CVE-2018-11087", + "CVE-2018-11758", + "CVE-2018-11777", + "CVE-2018-13790", + "CVE-2018-14642", + "CVE-2018-14732", + "CVE-2018-15758", + "CVE-2018-16485", + "CVE-2018-17184", + "CVE-2018-19787", + "CVE-2018-20094", + "CVE-2018-1000854", + "CVE-2019-0226", + "CVE-2019-1001", + "CVE-2019-3774", + "CVE-2019-3799", + "CVE-2019-3808", + "CVE-2019-3810", + "CVE-2019-3847", + "CVE-2019-3850", + "CVE-2019-3894", + "CVE-2019-5018", + "CVE-2019-5444", + "CVE-2019-5479", + "CVE-2019-7537", + "CVE-2019-7644", + "CVE-2019-9155", + "CVE-2019-10071", + "CVE-2019-10158", + "CVE-2019-10174", + "CVE-2019-10354", + "CVE-2019-10754", + "CVE-2019-10763", + "CVE-2019-10766", + "CVE-2019-10770", + "CVE-2019-10771", + "CVE-2019-10777", + "CVE-2019-11016", + "CVE-2019-11269", + "CVE-2019-11289", + "CVE-2019-11328", + "CVE-2019-12203", + "CVE-2019-12245", + "CVE-2019-12405", + "CVE-2019-12419", + "CVE-2019-12423", + "CVE-2019-12617", + "CVE-2019-12748", + "CVE-2019-14280", + "CVE-2019-14838", + "CVE-2019-15608", + "CVE-2019-17223", + "CVE-2019-17359", + "CVE-2019-17554", + "CVE-2019-19316", + "CVE-2019-19919", + "CVE-2020-1937", + "CVE-2020-1938", + "CVE-2020-7596", + "CVE-2020-8134" + ], + "false_positive": [ + "CVE-2010-0684", + "CVE-2011-2929", + "CVE-2011-2930", + "CVE-2011-2931", + "CVE-2011-2932", + "CVE-2011-3869", + "CVE-2011-3870", + "CVE-2011-3871", + "CVE-2011-3872", + "CVE-2011-4104", + "CVE-2011-4838", + "CVE-2011-5036", + "CVE-2011-5097", + "CVE-2011-5098", + "CVE-2012-0394", + "CVE-2012-2098", + "CVE-2012-2139", + "CVE-2012-2660", + "CVE-2012-2661", + "CVE-2012-3865", + "CVE-2012-4386", + "CVE-2012-4387", + "CVE-2012-4520", + "CVE-2012-5633", + "CVE-2012-6662", + "CVE-2012-6684", + "CVE-2012-6685", + "CVE-2012-6708", + "CVE-2013-0262", + "CVE-2013-0263", + "CVE-2013-1812", + "CVE-2013-2132", + "CVE-2013-2134", + "CVE-2013-2135", + "CVE-2013-2275", + "CVE-2013-4249", + "CVE-2013-4251", + "CVE-2013-4353", + "CVE-2013-4477", + "CVE-2013-5093", + "CVE-2013-5123", + "CVE-2013-6044", + "CVE-2013-6348", + "CVE-2013-6429", + "CVE-2013-6430", + "CVE-2013-7370", + "CVE-2013-7397", + "CVE-2013-7398", + "CVE-2014-0012", + "CVE-2014-0014", + "CVE-2014-0075", + "CVE-2014-0107", + "CVE-2014-0109", + "CVE-2014-0110", + "CVE-2014-0193", + "CVE-2014-0224", + "CVE-2014-0225", + "CVE-2014-1402", + "CVE-2014-1830", + "CVE-2014-1832", + "CVE-2014-1858", + "CVE-2014-1859", + "CVE-2014-1869", + "CVE-2014-1932", + "CVE-2014-1933", + "CVE-2014-2053", + "CVE-2014-2235", + "CVE-2014-2538", + "CVE-2014-3007", + "CVE-2014-3505", + "CVE-2014-3506", + "CVE-2014-3509", + "CVE-2014-3511", + "CVE-2014-3572", + "CVE-2014-3578", + "CVE-2014-3600", + "CVE-2014-3625", + "CVE-2014-3994", + "CVE-2014-4172", + "CVE-2014-4658", + "CVE-2014-4678", + "CVE-2014-7202", + "CVE-2014-7203", + "CVE-2014-7205", + "CVE-2014-8176", + "CVE-2014-8547", + "CVE-2014-8548", + "CVE-2014-8549", + "CVE-2014-8650", + "CVE-2014-8991", + "CVE-2014-9720", + "CVE-2014-10068", + "CVE-2014-10077", + "CVE-2015-0204", + "CVE-2015-0205", + "CVE-2015-0206", + "CVE-2015-0209", + "CVE-2015-0286", + "CVE-2015-0287", + "CVE-2015-0288", + "CVE-2015-0290", + "CVE-2015-0292", + "CVE-2015-1208", + "CVE-2015-1788", + "CVE-2015-1789", + "CVE-2015-1791", + "CVE-2015-1792", + "CVE-2015-1793", + "CVE-2015-2156", + "CVE-2015-2296", + "CVE-2015-2912", + "CVE-2015-2913", + "CVE-2015-3010", + "CVE-2015-3193", + "CVE-2015-3195", + "CVE-2015-3196", + "CVE-2015-3197", + "CVE-2015-3253", + "CVE-2015-3395", + "CVE-2015-3996", + "CVE-2015-4053", + "CVE-2015-4706", + "CVE-2015-5159", + "CVE-2015-5253", + "CVE-2015-5254", + "CVE-2015-5305", + "CVE-2015-5344", + "CVE-2015-5349", + "CVE-2015-5607", + "CVE-2015-6748", + "CVE-2015-6818", + "CVE-2015-6821", + "CVE-2015-6822", + "CVE-2015-6823", + "CVE-2015-6824", + "CVE-2015-6918", + "CVE-2015-7314", + "CVE-2015-7315", + "CVE-2015-7316", + "CVE-2015-7528", + "CVE-2015-7559", + "CVE-2015-8213", + "CVE-2015-8216", + "CVE-2015-8217", + "CVE-2015-8218", + "CVE-2015-8618", + "CVE-2015-8748", + "CVE-2015-8968", + "CVE-2015-9243", + "CVE-2015-9251", + "CVE-2016-1905", + "CVE-2016-2108", + "CVE-2016-2160", + "CVE-2016-2177", + "CVE-2016-2512", + "CVE-2016-2513", + "CVE-2016-2788", + "CVE-2016-3092", + "CVE-2016-3094", + "CVE-2016-4009", + "CVE-2016-4055", + "CVE-2016-4425", + "CVE-2016-4855", + "CVE-2016-4970", + "CVE-2016-6186", + "CVE-2016-6304", + "CVE-2016-6580", + "CVE-2016-6581", + "CVE-2016-6801", + "CVE-2016-6814", + "CVE-2016-6816", + "CVE-2016-6823", + "CVE-2016-7036", + "CVE-2016-7569", + "CVE-2016-8568", + "CVE-2016-8569", + "CVE-2016-8579", + "CVE-2016-8610", + "CVE-2016-8640", + "CVE-2016-8747", + "CVE-2016-8750", + "CVE-2016-8867", + "CVE-2016-9015", + "CVE-2016-9121", + "CVE-2016-9122", + "CVE-2016-9189", + "CVE-2016-9190", + "CVE-2016-9243", + "CVE-2016-9814", + "CVE-2016-9878", + "CVE-2016-9879", + "CVE-2016-10033", + "CVE-2016-10127", + "CVE-2016-10129", + "CVE-2016-10190", + "CVE-2016-10191", + "CVE-2016-10192", + "CVE-2016-10193", + "CVE-2016-10526", + "CVE-2016-10538", + "CVE-2016-10555", + "CVE-2016-10745", + "CVE-2016-1000232", + "CVE-2017-0905", + "CVE-2017-0906", + "CVE-2017-0907", + "CVE-2017-0909", + "CVE-2017-0929", + "CVE-2017-2582", + "CVE-2017-2670", + "CVE-2017-3156", + "CVE-2017-4995", + "CVE-2017-5537", + "CVE-2017-5594", + "CVE-2017-5637", + "CVE-2017-7481", + "CVE-2017-7525", + "CVE-2017-7536", + "CVE-2017-7545", + "CVE-2017-7653", + "CVE-2017-7657", + "CVE-2017-7860", + "CVE-2017-7861", + "CVE-2017-8045", + "CVE-2017-8109", + "CVE-2017-8342", + "CVE-2017-8359", + "CVE-2017-9841", + "CVE-2017-10910", + "CVE-2017-11424", + "CVE-2017-11428", + "CVE-2017-11610", + "CVE-2017-12605", + "CVE-2017-12624", + "CVE-2017-12629", + "CVE-2017-12868", + "CVE-2017-12873", + "CVE-2017-14063", + "CVE-2017-14136", + "CVE-2017-14506", + "CVE-2017-14623", + "CVE-2017-15103", + "CVE-2017-15288", + "CVE-2017-15612", + "CVE-2017-15914", + "CVE-2017-16006", + "CVE-2017-16010", + "CVE-2017-16018", + "CVE-2017-16026", + "CVE-2017-16031", + "CVE-2017-16138", + "CVE-2017-16558", + "CVE-2017-16570", + "CVE-2017-16759", + "CVE-2017-16762", + "CVE-2017-16792", + "CVE-2017-17485", + "CVE-2017-17760", + "CVE-2017-17837", + "CVE-2017-18076", + "CVE-2017-18077", + "CVE-2017-18361", + "CVE-2017-18635", + "CVE-2017-1000001", + "CVE-2017-1000056", + "CVE-2017-1000069", + "CVE-2017-1000070", + "CVE-2017-1000209", + "CVE-2017-1000246", + "CVE-2017-1000248", + "CVE-2017-1000427", + "CVE-2017-1000433", + "CVE-2017-1000450", + "CVE-2018-0737", + "CVE-2018-1067", + "CVE-2018-1114", + "CVE-2018-1199", + "CVE-2018-1272", + "CVE-2018-1273", + "CVE-2018-1274", + "CVE-2018-1284", + "CVE-2018-1336", + "CVE-2018-3711", + "CVE-2018-3777", + "CVE-2018-5773", + "CVE-2018-6517", + "CVE-2018-6596", + "CVE-2018-7212", + "CVE-2018-7489", + "CVE-2018-7575", + "CVE-2018-7711", + "CVE-2018-7750", + "CVE-2018-8006", + "CVE-2018-8009", + "CVE-2018-8014", + "CVE-2018-8017", + "CVE-2018-8025", + "CVE-2018-8027", + "CVE-2018-8030", + "CVE-2018-8037", + "CVE-2018-8038", + "CVE-2018-8039", + "CVE-2018-8088", + "CVE-2018-8097", + "CVE-2018-8416", + "CVE-2018-8899", + "CVE-2018-9856", + "CVE-2018-10237", + "CVE-2018-11039", + "CVE-2018-11040", + "CVE-2018-11248", + "CVE-2018-11307", + "CVE-2018-11627", + "CVE-2018-11647", + "CVE-2018-11761", + "CVE-2018-11762", + "CVE-2018-11775", + "CVE-2018-11784", + "CVE-2018-11786", + "CVE-2018-11787", + "CVE-2018-11788", + "CVE-2018-11797", + "CVE-2018-12022", + "CVE-2018-12023", + "CVE-2018-12537", + "CVE-2018-12540", + "CVE-2018-12544", + "CVE-2018-12608", + "CVE-2018-13863", + "CVE-2018-14040", + "CVE-2018-14042", + "CVE-2018-14371", + "CVE-2018-14574", + "CVE-2018-14635", + "CVE-2018-14731", + "CVE-2018-14774", + "CVE-2018-15727", + "CVE-2018-15756", + "CVE-2018-16468", + "CVE-2018-16471", + "CVE-2018-16733", + "CVE-2018-16837", + "CVE-2018-16859", + "CVE-2018-16876", + "CVE-2018-16886", + "CVE-2018-16984", + "CVE-2018-17057", + "CVE-2018-17175", + "CVE-2018-17246", + "CVE-2018-18074", + "CVE-2018-18206", + "CVE-2018-18854", + "CVE-2018-18893", + "CVE-2018-18926", + "CVE-2018-19133", + "CVE-2018-19351", + "CVE-2018-19352", + "CVE-2018-19370", + "CVE-2018-19620", + "CVE-2018-20000", + "CVE-2018-20227", + "CVE-2018-20745", + "CVE-2018-20756", + "CVE-2018-20834", + "CVE-2018-20975", + "CVE-2018-1000060", + "CVE-2018-1000088", + "CVE-2018-1000096", + "CVE-2018-1000118", + "CVE-2018-1000159", + "CVE-2018-1000539", + "CVE-2018-1000559", + "CVE-2018-1000613", + "CVE-2018-1000644", + "CVE-2018-1000665", + "CVE-2018-1000803", + "CVE-2018-1000809", + "CVE-2018-1000820", + "CVE-2018-1000822", + "CVE-2018-1000855", + "CVE-2018-1000872", + "CVE-2018-1002101", + "CVE-2018-1002105", + "CVE-2018-1002150", + "CVE-2018-1002200", + "CVE-2018-1002203", + "CVE-2018-1002204", + "CVE-2018-1002205", + "CVE-2019-0194", + "CVE-2019-0201", + "CVE-2019-0210", + "CVE-2019-0228", + "CVE-2019-1552", + "CVE-2019-3465", + "CVE-2019-3498", + "CVE-2019-3888", + "CVE-2019-5421", + "CVE-2019-5448", + "CVE-2019-5477", + "CVE-2019-6802", + "CVE-2019-6975", + "CVE-2019-7313", + "CVE-2019-8903", + "CVE-2019-9153", + "CVE-2019-9154", + "CVE-2019-9512", + "CVE-2019-9826", + "CVE-2019-9942", + "CVE-2019-10072", + "CVE-2019-10086", + "CVE-2019-10094", + "CVE-2019-10184", + "CVE-2019-10206", + "CVE-2019-10219", + "CVE-2019-10246", + "CVE-2019-10247", + "CVE-2019-10249", + "CVE-2019-10255", + "CVE-2019-10641", + "CVE-2019-10768", + "CVE-2019-10773", + "CVE-2019-10774", + "CVE-2019-10806", + "CVE-2019-10874", + "CVE-2019-10912", + "CVE-2019-11082", + "CVE-2019-11244", + "CVE-2019-11245", + "CVE-2019-11325", + "CVE-2019-11405", + "CVE-2019-11458", + "CVE-2019-11470", + "CVE-2019-11808", + "CVE-2019-12041", + "CVE-2019-12086", + "CVE-2019-12308", + "CVE-2019-12313", + "CVE-2019-12387", + "CVE-2019-12418", + "CVE-2019-12422", + "CVE-2019-12781", + "CVE-2019-14262", + "CVE-2019-14892", + "CVE-2019-14933", + "CVE-2019-15062", + "CVE-2019-15477", + "CVE-2019-15482", + "CVE-2019-15483", + "CVE-2019-15484", + "CVE-2019-15485", + "CVE-2019-15486", + "CVE-2019-15587", + "CVE-2019-15599", + "CVE-2019-15782", + "CVE-2019-16060", + "CVE-2019-16097", + "CVE-2019-16145", + "CVE-2019-16403", + "CVE-2019-16768", + "CVE-2019-16770", + "CVE-2019-16772", + "CVE-2019-16774", + "CVE-2019-16782", + "CVE-2019-16869", + "CVE-2019-16884", + "CVE-2019-16942", + "CVE-2019-16943", + "CVE-2019-17206", + "CVE-2019-17383", + "CVE-2019-17426", + "CVE-2019-17563", + "CVE-2019-17569", + "CVE-2019-17632", + "CVE-2019-18841", + "CVE-2019-18886", + "CVE-2019-18887", + "CVE-2019-18888", + "CVE-2019-18923", + "CVE-2019-18954", + "CVE-2019-19118", + "CVE-2019-19274", + "CVE-2019-19325", + "CVE-2019-19844", + "CVE-2019-20444", + "CVE-2019-1000007", + "CVE-2019-1002101", + "CVE-2019-1010142", + "CVE-2019-1010306", + "CVE-2020-1935", + "CVE-2020-1940", + "CVE-2020-5215", + "CVE-2020-5223", + "CVE-2020-5230", + "CVE-2020-5233", + "CVE-2020-5237", + "CVE-2020-5243", + "CVE-2020-5245", + "CVE-2020-5247", + "CVE-2020-5310", + "CVE-2020-5311", + "CVE-2020-5312", + "CVE-2020-5313", + "CVE-2020-5398", + "CVE-2020-6802", + "CVE-2020-6816", + "CVE-2020-7212", + "CVE-2020-7219", + "CVE-2020-7598", + "CVE-2020-7608", + "CVE-2020-8116", + "CVE-2020-8840", + "CVE-2020-8945", + "CVE-2020-9402", + "CVE-2020-9546", + "CVE-2020-9547", + "CVE-2020-9548", + "CVE-2020-10594" + ], + "aborted": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ], + "missing": [ + "CVE-2009-0217", + "CVE-2015-1169", + "CVE-2015-3208", + "CVE-2015-6826", + "CVE-2015-7577", + "CVE-2016-5386", + "CVE-2017-5643", + "CVE-2017-8658", + "CVE-2017-14695", + "CVE-2018-10055", + "CVE-2018-11804", + "CVE-2018-20713", + "CVE-2018-1002102", + "CVE-2019-10154" + ] + } + } + ] +} \ No newline at end of file diff --git a/prospector/evaluation/data/results/summary_execution_nvi_table.tex b/prospector/evaluation/data/results/summary_execution_nvi_table.tex new file mode 100644 index 000000000..d3bdd8f78 --- /dev/null +++ b/prospector/evaluation/data/results/summary_execution_nvi_table.tex @@ -0,0 +1,32 @@ +\begin{table} + \centering + % \tiny + \begin{tabular}{| l c c c c|} + \rowcolor{gray!50} \textbf{Result} & \textbf{Without LLM} & \textbf{\%} & \textbf{With LLM} & \textbf{\%} \\ \hline + High confidence & 899 & 69.58 & 977 & 75.62 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Commit in reference* \\ + \end{tabular} & 835 & 92.88 & 835 & 85.47 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad CVE ID in message* \\ + \end{tabular} & 122 & 13.57 & 123 & 12.59 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad CVE ID in Issue* \\ + \end{tabular} & 32 & 3.56 & 32 & 3.28 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Cross Reference* \\ + \end{tabular} & 322 & 35.82 & 319 & 32.65 \\ + \rowcolor{gray!20} \begin{tabular}{l} + \quad Commit is Security Relevant* \\ + \end{tabular} & 0 & 0.0 & 857 & 66.33 \\ + Medium confidence & 82 & 6.35 & 10 & 0.77 \\ + Low confidence & 14 & 1.08 & 8 & 0.62 \\ + Not found (rank $> 10$) & 31 & 2.4 & 30 & 2.32 \\ + Not reported & 243 & 18.81 & 85 & 6.58 \\ + False Positive & 23 & 1.78 & 182 & 14.09 \\ + Aborted (candidate and time limit exceeded) & 27 & 2.09 & 27 & 2.09 \\ + \textbf{Total} & \textbf{1292} & & \textbf{1292} & \\ \hline + \end{tabular} + \caption{Evaluation Results without version interval (* percentage of high confidence category)} + \label{tab:tracer_dataset_results_nvi} +\end{table} \ No newline at end of file diff --git a/prospector/evaluation/dispatch_jobs.py b/prospector/evaluation/dispatch_jobs.py new file mode 100644 index 000000000..62a4b7f19 --- /dev/null +++ b/prospector/evaluation/dispatch_jobs.py @@ -0,0 +1,129 @@ +import os + +import redis +from rq import Connection, Queue +from rq.job import Job + +from core.prospector import prospector +from core.report import generate_report +from evaluation.utils import ( + INPUT_DATA_PATH, + PROSPECTOR_REPORTS_PATH_HOST, + PROSPECTOR_REPORTS_PATH_CONTAINER, + load_dataset, + logger, + config, +) +from llm.llm_service import LLMService + +prospector_config = config.prospector_settings + + +def dispatch_prospector_jobs(filename: str, selected_cves: str): + """Dispatches jobs to the queue.""" + + dataset = load_dataset(INPUT_DATA_PATH + filename + ".csv") + # dataset = dataset[200:300] # done 0-100, + + # Only run a subset of CVEs if the user supplied a selected set + if len(selected_cves) != 0: + dataset = [c for c in dataset if c[0] in selected_cves] + + logger.debug(f"Enabled rules: {prospector_config.enabled_rules}") + logger.info(f"Prospector settings: {prospector_config.enabled_rules}") + + dispatched_jobs = 0 + for cve in dataset: + # Skip already existing reports + if os.path.exists(f"{PROSPECTOR_REPORTS_PATH_HOST}/{cve[0]}.json"): + continue + + dispatched_jobs += 1 + + # Send them to Prospector to run + with Connection(redis.from_url(prospector_config.redis_url)): + queue = Queue(default_timeout=3600) + + job = Job.create( + _run_prospector_and_generate_report, + kwargs={ + "cve_id": cve[0], + "version_interval": ( + cve[2] if config.version_interval else "None:None" + ), + "report_type": "json", + "output_file": f"{PROSPECTOR_REPORTS_PATH_CONTAINER}{cve[0]}.json", + "repository_url": cve[1], + }, + description="Prospector Job", + id=cve[0], + ) + + queue.enqueue_job(job) + + logger.info(f"Dispatched {dispatched_jobs} jobs.") + print(f"Dispatched {dispatched_jobs} jobs.") + + +def _run_prospector_and_generate_report( + cve_id, + version_interval, + report_type: str, + output_file, + repository_url: str, +): + """Call the prospector() and generate_report() functions. This also creates the LLMService singleton + so that it is available in the context of the job. + """ + params = { + "vulnerability_id": cve_id, + "repository_url": repository_url, + "version_interval": version_interval, + "use_backend": prospector_config.use_backend, + "backend_address": prospector_config.backend, + "git_cache": prospector_config.git_cache, + "limit_candidates": prospector_config.max_candidates, + "use_llm_repository_url": False, + "enabled_rules": prospector_config.enabled_rules, + } + + if prospector_config.llm_service.use_llm_repository_url: + try: + LLMService(prospector_config.llm_service) + except Exception as e: + logger.error(f"LLM Service could not be instantiated: {e}") + raise e + + try: + results, advisory_record = prospector(**params) + except Exception as e: + logger.error(f"prospector() crashed at {cve_id}: {e}") + raise e + + logger.info("prospector() returned. Generating report now.") + + try: + generate_report( + results, + advisory_record, + report_type, + output_file, + prospector_params=params, + ) + except Exception as e: + logger.error(f"Could not create report: {e}") + raise e + + # return results, advisory_record + return f"Ran Prospector on {cve_id}" + + +def empty_queue(): + """Remove all jobs from the queue. Attention: this does not stop jobs that + are currently executing.""" + with Connection(redis.from_url(prospector_config.redis_url)): + queue = Queue("default") + + queue.empty() + + print("Emptied the queue.") diff --git a/prospector/evaluation/main.py b/prospector/evaluation/main.py new file mode 100644 index 000000000..28ff8bc2f --- /dev/null +++ b/prospector/evaluation/main.py @@ -0,0 +1,110 @@ +import signal +import sys +from typing import Callable, Dict +from omegaconf import OmegaConf +from evaluation.analyse import ( + analyse_category_flows, + analyse_prospector_reports, + count_existing_reports, + generate_checkmarks_table, + generate_sankey_diagram, +) +from evaluation.analyse_statistics import ( + analyse_statistics, + overall_execution_time, +) +from evaluation.dispatch_jobs import dispatch_prospector_jobs, empty_queue +from evaluation.utils import config + + +class CommandRegistry: + def __init__(self): + self.commands: Dict[str, Callable] = {} + + def register(self, name: str): + def decorator(func: Callable): + self.commands[name] = func + return func + + return decorator + + def execute(self, name: str, *args, **kwargs): + if name not in self.commands: + raise ValueError(f"Command '{name}' not found") + return self.commands[name](*args, **kwargs) + + +registry = CommandRegistry() + + +@registry.register("execute") +def execute_command(config): + dispatch_prospector_jobs(config.input, config.cve) + + +@registry.register("analyse_reports") +def analyze_reports_command(config): + analyse_prospector_reports(config.input, config.cve) + + +@registry.register("analyse_statistics") +def analyze_stats_command(config): + analyse_statistics(config.input) + + +@registry.register("execution_time") +def execution_time_command(config): + overall_execution_time(config.input) + + +@registry.register("category_flows") +def category_flows_command(config): + analyse_category_flows() + + +@registry.register("checkmarks") +def checkmarks_command(config): + generate_checkmarks_table(config.input, config.cve) + + +@registry.register("empty_queue") +def empty_queue_command(config): + empty_queue() + + +@registry.register("count_reports") +def count_reports_command(config): + count_existing_reports(config.input) + + +@registry.register("sankey_diagram") +def sankey_diagram_command(config): + generate_sankey_diagram( + "mvi_old_reports", + "mvi_old_reports(new_categories)", + "mvi_without_llm", + ) + + +def sig_handler(signum, frame): + print("You pressed Ctrl+C!") + sys.exit(0) + + +def main(): + if len(sys.argv) < 2: + print("Usage: python script.py ") + sys.exit(1) + + command = sys.argv[1] + + try: + registry.execute(command, config) + except ValueError as e: + print(f"Error: {e}") + sys.exit(1) + + +if __name__ == "__main__": + signal.signal(signal.SIGINT, sig_handler) + main() diff --git a/prospector/evaluation/utils.py b/prospector/evaluation/utils.py new file mode 100644 index 000000000..335a332b5 --- /dev/null +++ b/prospector/evaluation/utils.py @@ -0,0 +1,172 @@ +import csv +import json + +from omegaconf import OmegaConf +from log.logger import create_logger + +config = OmegaConf.load("evaluation/config.yaml") + +logger = create_logger("evaluation.log") +logger.setLevel(config.debug_level) + + +def load_dataset(path: str): + with open(path, "r") as file: + reader = csv.reader(file, delimiter=";") + logger.debug(f"Loaded Dataset at {path}") + print(f"Loaded Dataset at {path}") + return [row for row in reader if "CVE" in row[0] and row[3] != "True"] + + +def load_json_file(path: str) -> dict: + try: + with open(path, "r") as f: + return json.load(f) + except FileNotFoundError: + raise + except Exception: + raise + + +def save_dict_to_json(dictionary: dict, path: str): + with open(path, "w+") as file: + return json.dump(dictionary, file, indent=4) + + +def update_summary_execution_table(results: dict, total: str) -> None: + """Updates the LaTeX table at {ANALYSIS_RESULTS_PATH}/summary_execution_ + [mvi|nvi]_table.tex. + + Params: + results (dict): Dictionary with result counts. + total (str): The total amount of reports, to be inserted in the last row of the table. + + Saves: + The newly updated LaTeX table at `filepath`. + """ + # Combine the two Cross Reference rules into one count + if config.batch in ["regular", "old_code"]: + results["XREF_BUG"] += results["XREF_GH"] + results.pop("XREF_GH") + else: + results["CROSS_REFERENCED_JIRA_LINK"] += results[ + "CROSS_REFERENCED_GH_LINK" + ] + results.pop("CROSS_REFERENCED_GH_LINK") + + table_data = [] + for i, (key, v) in enumerate(results.items()): + v = len(v) + logger.info(f"\t{v}\t{key}") + + if i > 0 and i < 5: + total_high_confidence = len(results.get("high")) + table_data.append([v, round(v / total_high_confidence * 100, 2)]) + else: + table_data.append([v, round(v / total * 100, 2)]) + + # Choose which column to update: + if config.version_interval: + filepath = ANALYSIS_RESULTS_PATH + "summary_execution_mvi_table.tex" + col_indices = [1, 2] if not config.llm_support else [3, 4] + + else: + filepath = ANALYSIS_RESULTS_PATH + "summary_execution_nvi_table.tex" + col_indices = [1, 2] if not config.llm_support else [3, 4] + + with open(filepath, "r") as file: + table_lines = file.readlines() + + # Find the row numbers to edit; CHANGE if table changes! + lines_to_edit = [5, 8, 11, 14, 17, 20, 21, 22, 23, 24, 25, 26] + + # Update the corresponding columns based on the mode + try: + # For every index and line to edit + for i, line_number in enumerate(lines_to_edit): + # split the row into parts/sections (at every &) + columns = table_lines[line_number].split("&") + # for every index and column in this line (each part is a column, since it's split at &) + for j, col_index in enumerate(col_indices): + # make the text gray if it's the prior eval column + if config.batch == "old_reports": + columns[col_index] = ( + f"\\color{{gray}} {table_data[i][j]} " + ) + # else just regular black + else: + columns[col_index] = f" {table_data[i][j]} " + + # Preserve everything after the last column we're updating + last_updated_col = max(col_indices) + end_part = " & ".join(columns[last_updated_col + 1 :]).strip() + + # Reconstruct the line, preserving formatting + updated_parts = columns[: last_updated_col + 1] + if end_part: + updated_parts.append(end_part) + table_lines[line_number] = " & ".join(updated_parts) + + # Ensure the line ends with \\ and a newline + if not table_lines[line_number].strip().endswith("\\\\"): + table_lines[line_number] = ( + table_lines[line_number] + " \\\\\n" + ) + elif not table_lines[line_number].endswith("\n"): + table_lines[line_number] += "\n" + + except IndexError: + raise IndexError( + f"Invalid data structure at row {line_number}, column {j}" + ) + + # Add the last row showing the total count + last_row = table_lines[27] + last_row_parts = last_row.split("&") + if config.batch == "old_reports": + last_row_parts[col_indices[0]] = ( + f"\\color{{gray}} \\textbf{{{total}}} " + ) + else: + last_row_parts[col_indices[0]] = f" \\textbf{{{total}}} " + table_lines[27] = "&".join(last_row_parts) + + # Write the updated table back to the file + with open(filepath, "w") as file: + file.writelines(table_lines) + + print(f"Updated latex table at {filepath}") + + +def select_reports_path_host( + version_interval: bool, llm_support: bool, batch: str +): + """Select where to store generated reports, or where to find reports for + analysis.""" + if version_interval and batch == "old_code": + return f"{config.reports_directory}mvi_old_code/" + if version_interval and batch == "old_reports": + return f"{config.reports_directory}mvi_old_reports/" + if version_interval and not llm_support: + return f"{config.reports_directory}mvi_without_llm/" + if version_interval and llm_support: + return f"{config.reports_directory}mvi_with_llm/" + + if not version_interval and batch == "old_code": + return f"{config.reports_directory}nvi_old_code/" + if not version_interval and not llm_support: + return f"{config.reports_directory}nvi_without_llm/" + if not version_interval and llm_support: + return f"{config.reports_directory}nvi_with_llm/" + + +INPUT_DATA_PATH = config.input_data_path +# Select the folder depending whether LLMs are used or not +PROSPECTOR_REPORTS_PATH_HOST = select_reports_path_host( + config.version_interval, config.llm_support, config.batch +) +BATCH = config.batch +PROSPECTOR_REPORTS_PATH_CONTAINER = "/app/evaluation/data/reports/" +ANALYSIS_RESULTS_PATH = "evaluation/data/results/" +# Comparison dirs +COMPARISON_DIRECTORY = config.compare_directory diff --git a/prospector/git/git.py b/prospector/git/git.py index adf6eb853..dd30021c3 100644 --- a/prospector/git/git.py +++ b/prospector/git/git.py @@ -13,8 +13,12 @@ from typing import Dict, List from urllib.parse import urlparse +from tqdm import tqdm + +import multiprocessing.pool as mpp from git.exec import Exec from git.raw_commit import RawCommit +from git.version_to_tag import get_possible_tags from log.logger import logger from stats.execution import execution_statistics, measure_execution_time @@ -25,32 +29,77 @@ HALF_MONTH_TIME_DELTA = 15 * 24 * 60 * 60 -# def do_clone(url, output_folder, shallow=False, skip_existing=False): -# git = Git(url, cache_path=output_folder, shallow=shallow) -# git.clone(shallow=shallow, skip_existing=skip_existing) -# return str(len(git.get_commits())) +def istarmap(self, func, iterable, chunksize=1): + """Credit: https://stackoverflow.com/questions/57354700/starmap-combined-with-tqdm""" + self._check_running() + if chunksize < 1: + raise ValueError("Chunksize must be 1+, not {0:n}".format(chunksize)) + + task_batches = mpp.Pool._get_tasks(func, iterable, chunksize) + result = mpp.IMapIterator(self) + self._taskqueue.put( + ( + self._guarded_task_generation( + result._job, mpp.starmapstar, task_batches + ), + result._set_length, + ) + ) + return (item for chunk in result for item in chunk) + + +mpp.Pool.istarmap = istarmap -def do_clone(): - pass +def do_clone(url: str, output_folder, shallow=False, skip_existing=False): + """ + This function clones a git repository from the given URL to the specified + output folder. It can perform a shallow clone and skip existing repositories if specified. + + Args: + url (str): The URL of the git repository to clone. + output_folder (str): The path to the folder where the repository should + be cloned to. + shallow (bool, optional): If True, perform a shallow clone. + skip_existing (bool, optional): If True skip cloning if already exists. + + Returns: + str: The number of commits in the cloned repository as a string. + """ + git = Git(url, cache_path=output_folder, shallow=shallow) + git.clone(shallow=shallow, skip_existing=skip_existing) + + return def clone_repo_multiple( url_list, output_folder, - proxy="", shallow=False, skip_existing=False, concurrent=multiprocessing.cpu_count(), ): """ - This is the parallelized version of clone_repo (works with a list of repositories). + This is the parallelized version of clone_repo (works with a list of + repositories). This uses a tqdm progress bar to show how many repos + have been cloned. """ + logger.setLevel( + "DEBUG" + ) # Need to manually set as this method is called without using `main.py` logger.debug(f"Using {concurrent} parallel workers") - with multiprocessing.Pool(concurrent) as pool: - args = ((url, output_folder, proxy, shallow, skip_existing) for url in url_list) - results = pool.starmap(do_clone, args) + with multiprocessing.Pool(concurrent) as pool: + args = [ + (url, output_folder, shallow, skip_existing) for url in url_list + ] + results = list( + tqdm( + pool.istarmap(do_clone, args), + total=len(url_list), + desc="Cloning repositories", + ) + ) return results @@ -159,7 +208,9 @@ def clone(self, shallow=None, skip_existing=False): if skip_existing: logger.debug(f"Skipping fetch of {self.url} in {self.path}") else: - logger.debug(f"Found repo {self.url} in {self.path}.\nFetching....") + logger.debug( + f"Found repo {self.url} in {self.path}.\nFetching with `git fetch --progress --all --tags --force`." + ) self.execute("git fetch --progress --all --tags --force") return @@ -170,7 +221,9 @@ def clone(self, shallow=None, skip_existing=False): os.makedirs(self.path) - logger.debug(f"Cloning {self.url} (shallow={self.shallow_clone})") + logger.debug( + f"Cloning {self.url} (shallow={self.shallow_clone}) in folder {self.path}" + ) if not self.execute("git init", silent=False): logger.error(f"Failed to initialize repository in {self.path}") @@ -181,7 +234,9 @@ def clone(self, shallow=None, skip_existing=False): silent=True, ) except Exception as e: - logger.error(f"Could not update remote in {self.path}", exc_info=True) + logger.error( + f"Could not update remote in {self.path}", exc_info=True + ) shutil.rmtree(self.path) raise e @@ -206,27 +261,45 @@ def get_commits( until=None, filter_extension=None, ) -> Dict[str, RawCommit]: + """Retrieves git commits: executes `git log` and parses the output to + return a dictionary of commits. + + Args: + next_tag (str, optional): The later tag to bound the commit range. + prev_tag (str, optional): The earlier tag to bound the commit range. + since (str, optional): The start date for filtering commits. + until (str, optional): The end date for filtering commits. + filter_extension (list, optional): List of file extensions to filter commits by. + + Returns: + Dict[str, RawCommit]: A dictionary where keys are commit hashes and values are + RawCommit objects containing commit details. + """ cmd = f"git log --all --name-only --full-index --format=%n{GIT_SEPARATOR}%n%H:%at:%P%n{GIT_SEPARATOR}%n%B%n{GIT_SEPARATOR}%n" + if next_tag and prev_tag: - cmd += f"{prev_tag}..{next_tag}" + cmd += f" {prev_tag}..{next_tag}" elif next_tag and not prev_tag: ts = self.get_timestamp(next_tag, "c") - cmd += f"--until={ts}" + cmd += f" --until={ts}" elif not next_tag and prev_tag: ts = self.get_timestamp(prev_tag, "a") - cmd += f"--since={ts}" + cmd += f" --since={ts}" else: - cmd += f"--since={since} --until={until}" + cmd += f" --since={since} --until={until}" if filter_extension: cmd += " *." + " *.".join(filter_extension) try: - logger.debug(cmd) + logger.debug(f"Retrieving commits with: {cmd}") out = self.execute(cmd) + logger.debug(f"Commit Logs (truncated): {out[:50]}") return self.parse_git_output(out) except Exception: - logger.error("Git command failed, cannot get commits", exc_info=True) + logger.error( + "Git command failed, cannot get commits", exc_info=True + ) return dict() @measure_execution_time(execution_statistics.sub_collection("core")) @@ -261,12 +334,14 @@ def create_commits( cmd += " *." + " *.".join(filter_extension) try: - logger.debug(cmd) + logger.debug(f"Executing git command: {cmd}") out = self.execute(cmd) return self.parse_git_output(out) except Exception: - logger.error("Git command failed, cannot get commits", exc_info=True) + logger.error( + "Git command failed, cannot get commits", exc_info=True + ) return dict() def create_commit(self, commit_id: str) -> RawCommit: @@ -277,7 +352,9 @@ def create_commit(self, commit_id: str) -> RawCommit: return self.parse_git_output(out)[commit_id] except Exception: - logger.error("Git command failed, cannot get commits", exc_info=True) + logger.error( + "Git command failed, cannot get commits", exc_info=True + ) return None def parse_git_output(self, raw: List[str]) -> Dict[str, RawCommit]: @@ -357,7 +434,9 @@ def get_tag_for_version(self, version): best_match = ("", 0.0) for tag in tags: t_strip = re.sub("[^0-9]", "", tag) - match_score = difflib.SequenceMatcher(None, t_strip, version).ratio() + match_score = difflib.SequenceMatcher( + None, t_strip, version + ).ratio() # print(t, match_score) if match_score > best_match[1]: best_match = (tag, match_score) @@ -367,12 +446,19 @@ def get_tag_for_version(self, version): def get_timestamp(self, item: str, ts_format: str) -> int: # ct is committer date, it is the default for the research using --until and --since out = self.execute(f"git log -1 --format=%{ts_format}t {item}") + logger.debug( + f"Got timestamp with `git log -1 --format=%{ts_format}t {item}`." + ) return int(out[0]) def get_tags(self): try: # Committer date to have the proper tag ordering - return self.execute("git tag --sort=committerdate") + results = self.execute("git tag --sort=committerdate") + logger.debug( + "Git command `git tag --sort=committerdate` successfully executed." + ) + return results except subprocess.CalledProcessError as exc: logger.error("Git command failed." + str(exc.output), exc_info=True) return [] diff --git a/prospector/git/raw_commit.py b/prospector/git/raw_commit.py index 26d50eb18..e23103192 100644 --- a/prospector/git/raw_commit.py +++ b/prospector/git/raw_commit.py @@ -76,7 +76,9 @@ def get_diff(self) -> Tuple[List[str], int]: return "", 0 try: # We already filtered out in Git the "useless files, so we can exclude them from the diff also. Reduces false positives rules." - cmd = f"git diff --unified=1 {self.id}^! -- " + " ".join(self.changed_files) + cmd = f"git diff --unified=1 {self.id}^! -- " + " ".join( + self.changed_files + ) diffs = self.execute(cmd) return diffs, self.get_hunks_count(diffs) diff --git a/prospector/git/version_to_tag.py b/prospector/git/version_to_tag.py index 7cc4c15a1..d1b37d5fe 100644 --- a/prospector/git/version_to_tag.py +++ b/prospector/git/version_to_tag.py @@ -20,7 +20,9 @@ def is_rc_or_date(tag: str) -> bool: def get_possible_missing_tag( - tags: list[str], prev_tag: Optional[str] = None, next_tag: Optional[str] = None + tags: list[str], + prev_tag: Optional[str] = None, + next_tag: Optional[str] = None, ): """Given the tag list and a tag, return either the previous or the next tag candidates.""" if next_tag is None: @@ -74,7 +76,9 @@ def ends_with_zero(version: str): # flake8: noqa: C901 -def get_possible_tags(tags: list[str], versions: str, unsupervised: bool = True): +def get_possible_tags( + tags: list[str], versions: str, unsupervised: bool = True +): """Given a list of tags and a version interval, return the possible tag interval that matches.""" prev_version, next_version = versions.replace("None", "").split(":") prev_tag = handle_tag_or_substring(prev_version, tags) @@ -98,20 +102,28 @@ def get_possible_tags(tags: list[str], versions: str, unsupervised: bool = True) return prev_tag[0], next_tag[0] elif len(prev_tag) == 1 and len(next_tag) > 1: next_tag = [ - tag for tag in next_tag if tag != prev_tag[0] or tag not in prev_tag[0] + tag + for tag in next_tag + if tag != prev_tag[0] or tag not in prev_tag[0] ] # this may lead to empty list logger.info(f"Possible tags are:{prev_tag}:{next_tag}") return ( prev_tag[0], - next_tag[0], # difflib.get_close_matches(prev_tag[0], next_tag, n=1)[0], + next_tag[ + 0 + ], # difflib.get_close_matches(prev_tag[0], next_tag, n=1)[0], ) elif len(prev_tag) > 1 and len(next_tag) == 1: prev_tag = [ - tag for tag in prev_tag if tag != next_tag[0] or next_tag[0] not in tag + tag + for tag in prev_tag + if tag != next_tag[0] or next_tag[0] not in tag ] logger.info(f"Possible tags are:{prev_tag}:{next_tag}") return ( - prev_tag[-1], # difflib.get_close_matches(next_tag[0], prev_tag, n=1)[0], + prev_tag[ + -1 + ], # difflib.get_close_matches(next_tag[0], prev_tag, n=1)[0], next_tag[0], ) # If there is one exact match but no candidates for the other tag, exit and hint the user with possible candidates @@ -128,8 +140,12 @@ def get_possible_tags(tags: list[str], versions: str, unsupervised: bool = True) elif len(prev_tag) > 1 and len(next_tag) > 1: logger.info("Multiple tag candidates found.") else: - prev_tag = [tag for tag in tags if prev_version in clean_tag(tag, False)] - next_tag = [tag for tag in tags if next_version in clean_tag(tag, False)] + prev_tag = [ + tag for tag in tags if prev_version in clean_tag(tag, False) + ] + next_tag = [ + tag for tag in tags if next_version in clean_tag(tag, False) + ] # print(f"Possible tags are:\n\t{prev_tag}\n\t{next_tag}") if len(prev_tag) == 1 and len(next_tag) == 1: return prev_tag[0], next_tag[0] diff --git a/prospector/llm/llm_service.py b/prospector/llm/llm_service.py index c88e81895..af16b858b 100644 --- a/prospector/llm/llm_service.py +++ b/prospector/llm/llm_service.py @@ -1,5 +1,6 @@ import itertools import re +import time import validators from langchain_core.language_models.llms import LLM @@ -59,6 +60,17 @@ def get_repository_url( try: chain = prompt_best_guess | self.model | StrOutputParser() + # Shorten the dictionary of references to avoid exceeding the token limit + if len(advisory_references) >= 300: + sorted_references = dict( + sorted( + advisory_references.items(), key=lambda item: item[1] + ) + ) + advisory_references = dict( + itertools.islice(sorted_references.items(), 200) + ) + url = chain.invoke( { "description": advisory_description, @@ -107,6 +119,8 @@ def classify_commit( ) logger.info(f"LLM returned is_relevant={is_relevant}") + time.sleep(1) + except HTTPError as e: # if the diff is too big, a 400 error is returned -> silently ignore by returning False for this commit status_code = e.response.status_code diff --git a/prospector/log/logger.py b/prospector/log/logger.py index 38986097b..6e68a08c6 100644 --- a/prospector/log/logger.py +++ b/prospector/log/logger.py @@ -18,7 +18,9 @@ def get_level(string: bool = False): return logger.level -def create_logger(name: str = LOGGER_NAME) -> logging.Logger: +def create_logger( + log_file: str = "prospector.log", name: str = LOGGER_NAME +) -> logging.Logger: logger = logging.getLogger(name) logger.setLevel(logging.INFO) formatter = logging.Formatter( @@ -26,7 +28,7 @@ def create_logger(name: str = LOGGER_NAME) -> logging.Logger: "%m-%d %H:%M:%S", ) log_file = logging.handlers.RotatingFileHandler( - "prospector.log", maxBytes=2 * (10**6), backupCount=3 + log_file, maxBytes=2 * (10**6), backupCount=3 ) log_file.setFormatter(formatter) logger.addHandler(log_file) diff --git a/prospector/pipeline/cloning_repos.py b/prospector/pipeline/cloning_repos.py new file mode 100644 index 000000000..aa95fb198 --- /dev/null +++ b/prospector/pipeline/cloning_repos.py @@ -0,0 +1,39 @@ +from evaluation.utils import load_dataset +from git.git import clone_repo_multiple + + +# Get the URLs from d63.csv -> set +urls = set() +dataset = load_dataset( + "/home/i748376/prospector/project-kb/prospector/evaluation/data/input/d63.csv" +) + +for cve_record in dataset: + urls.add(cve_record[1]) + +# urls = list(urls) +# urls = [ +# "https://github.com/Turistforeningen/node-im-resize", # CVE-2019-10787 +# "https://github.com/remy/undefsafe", # CVE-2019-10795 +# "https://github.com/Froxlor/Froxlor", # CVE-2020-10236 +# "https://github.com/jnunemaker/crack", +# "https://github.com/django-tastypie/django-tastypie", +# "https://github.com/pyinstaller/pyinstaller", +# "https://github.com/rails/rails-html-sanitizer", +# "https://github.com/scipy/scipy", +# "https://github.com/parcel-bundler/parcel", +# "https://github.com/javamelody/javamelody", +# ] + +print(f"Retrieved {len(urls)} distinct repositories from the dataset.") + +# Call clone_repo_multiple() on this set +results = clone_repo_multiple( + urls, + output_folder="/home/i748376/data/gitcache", + skip_existing=False, + shallow=False, + concurrent=1, +) + +print("Cloning completed. Results: ", results) diff --git a/prospector/requirements-dev.txt b/prospector/requirements-dev.txt index 54637c9f7..f0e457c3a 100644 --- a/prospector/requirements-dev.txt +++ b/prospector/requirements-dev.txt @@ -1,9 +1,11 @@ autopep8 black +flake8 +matplotlib pylint pytest pytest-cov pycodestyle -flake8 -requests-mock pre-commit +requests-mock +seaborn \ No newline at end of file diff --git a/prospector/rules/rules.py b/prospector/rules/rules.py index eb1c6a78d..cdc1d8d64 100644 --- a/prospector/rules/rules.py +++ b/prospector/rules/rules.py @@ -491,5 +491,5 @@ def apply( ] RULES_PHASE_2: List[Rule] = [ - CommitIsSecurityRelevant("COMMIT_IS_SECURITY_RELEVANT", 32) + CommitIsSecurityRelevant("COMMIT_IS_SECURITY_RELEVANT", 16) ] diff --git a/prospector/run_prospector.sh b/prospector/run_prospector.sh index 91288fbd5..8b450752a 100755 --- a/prospector/run_prospector.sh +++ b/prospector/run_prospector.sh @@ -36,4 +36,9 @@ fi # echo $(pwd)/$OUTPUT_DIR # Sanity Check # run the docker container -docker run --network=prospector_default --rm -t -v $(pwd)/$OUTPUT_DIR:/app/$OUTPUT_DIR $IMAGE_NAME "$@" +docker run --network=prospector_default --rm -t \ + --user $(id -u):$(id -g) \ + -v $(pwd)/$OUTPUT_DIR:/app/$OUTPUT_DIR \ + -v ${GIT_CACHE_HOST}:/tmp/gitcache \ + $IMAGE_NAME \ + "$@" diff --git a/prospector/util/http.py b/prospector/util/http.py index feac446c0..bb7305666 100644 --- a/prospector/util/http.py +++ b/prospector/util/http.py @@ -8,7 +8,9 @@ from log.logger import logger -def fetch_url(url: str, params=None, extract_text=True) -> Union[str, BeautifulSoup]: +def fetch_url( + url: str, params=None, extract_text=True +) -> Union[str, BeautifulSoup]: """ Fetches the content of a web page located at the specified URL and optionally extracts text from it. @@ -23,8 +25,10 @@ def fetch_url(url: str, params=None, extract_text=True) -> Union[str, BeautifulS If an exception occurs during the HTTP request, an empty string ("") is returned. """ + try: - session = requests_cache.CachedSession("requests-cache", expire_after=604800) + # session = requests_cache.CachedSession("requests-cache", expire_after=0) + session = requests.Session() if params is None: content = session.get(url).content else: @@ -75,13 +79,18 @@ def get_urls(url: str) -> List[str]: # TODO: properly scrape github issues -def extract_from_webpage(url: str, attr_name: str, attr_value: List[str]) -> str: +def extract_from_webpage( + url: str, attr_name: str, attr_value: List[str] +) -> str: content = fetch_url(url, None, False) if not content: return "" print(content.get_text()) print( - [result.group(0) for result in re.finditer(r"[A-Z]+-\d+", content.get_text())] + [ + result.group(0) + for result in re.finditer(r"[A-Z]+-\d+", content.get_text()) + ] ) return [ link.get("href") @@ -115,10 +124,13 @@ def get_from_xml(id: str): if item is None or item == -1: return "" relevant_data = [ - itm.text for itm in item.findAll(["description", "summary", "comments"]) + itm.text + for itm in item.find_all(["description", "summary", "comments"]) ] - relevant_data = BeautifulSoup("\n".join(relevant_data), features="html.parser") + relevant_data = BeautifulSoup( + "\n".join(relevant_data), features="html.parser" + ) return " ".join(relevant_data.stripped_strings) except Exception: