tests: Add new expected vulnerabilities to test results

afsmeira · afsmeira · commit f8f33f2533b8 · 2025-12-23T09:36:13.000Z
diff --git a/docs/multiple-tests/all-patterns/results.xml b/docs/multiple-tests/all-patterns/results.xml
@@ -21,6 +21,12 @@
             message="Insecure dependency maven/org.apache.logging.log4j/log4j-core@2.17.0 (CVE-2021-44832: log4j-core: remote code execution via JDBC Appender) (update to 2.17.1)"
             severity="warning"
         />
+        <error
+            source="vulnerability_medium"
+            line="1"
+            message="Insecure dependency maven/org.apache.logging.log4j/log4j-core@2.17.0 (CVE-2025-68161: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2. ...) (update to 2.25.3)"
+            severity="warning"
+        />
         <error
             source="vulnerability_critical"
             line="2"
diff --git a/docs/multiple-tests/pattern-vulnerability-critical/results.xml b/docs/multiple-tests/pattern-vulnerability-critical/results.xml
@@ -7,6 +7,12 @@
             message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2024-24790: golang: net/netip: Unexpected behavior from Is methods for IPv4-mapped IPv6 addresses) (update to 1.21.11)"
             severity="error"
         />
+        <error
+            source="vulnerability_critical"
+            line="8"
+            message="Insecure dependency golang/github.com/ollama/ollama@v0.1.46 (CVE-2025-63389: Ollama Platform has missing authentication enabling attackers to perform model management operations) (no fix available)"
+            severity="error"
+        />
     </file>
 
     <file name="gradle/gradle.lockfile">
diff --git a/docs/multiple-tests/pattern-vulnerability-high/results.xml b/docs/multiple-tests/pattern-vulnerability-high/results.xml
@@ -85,19 +85,13 @@
         <error
             source="vulnerability_high"
             line="5"
-            message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-58186: Despite HTTP headers having a default limit of 1MB, the number of cook ...) (update to 1.24.8)"
-            severity="high"
-        />
-        <error
-            source="vulnerability_high"
-            line="5"
-            message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-58187: Due to the design of the name constraint checking algorithm, the proce ...) (update to 1.24.9)"
+            message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-58183: golang: archive/tar: Unbounded allocation when parsing GNU sparse map) (update to 1.24.8)"
             severity="high"
         />
         <error
             source="vulnerability_high"
             line="5"
-            message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-58183: golang: archive/tar: Unbounded allocation when parsing GNU sparse map) (update to 1.24.8)"
+            message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-61729: crypto/x509: Excessive resource consumption when printing error string for host certificate validation in crypto/x509) (update to 1.24.11)"
             severity="high"
         />
     </file>
diff --git a/docs/multiple-tests/pattern-vulnerability-medium/results.xml b/docs/multiple-tests/pattern-vulnerability-medium/results.xml
@@ -170,9 +170,33 @@
             message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-58188: crypto/x509: golang: Panic when validating certificates with DSA public keys in crypto/x509) (update to 1.24.8)"
             severity="warning"
         />
+        <error
+            source="vulnerability_medium"
+            line="3"
+            message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-58186: golang.org/net/http: Lack of limit when parsing cookies can cause memory exhaustion in net/http) (update to 1.24.8)"
+            severity="warning"
+        />
+        <error
+            source="vulnerability_medium"
+            line="3"
+            message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-58187: crypto/x509: Quadratic complexity when checking name constraints in crypto/x509) (update to 1.24.9)"
+            severity="warning"
+        />
+        <error
+            source="vulnerability_medium"
+            line="3"
+            message="Insecure dependency golang/stdlib@v1.21.4 (CVE-2025-61727: golang: crypto/x509: excluded subdomain constraint does not restrict wildcard SANs) (update to 1.24.11)"
+            severity="warning"
+        />
     </file>
 
     <file name="gradle/gradle.lockfile">
+        <error
+            source="vulnerability_medium"
+            line="1"
+            message="Insecure dependency maven/org.apache.logging.log4j/log4j-core@2.17.0 (CVE-2025-68161: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2. ...) (update to 2.25.3)"
+            severity="warning"
+        />
         <error
             source="vulnerability_medium"
             line="1"
@@ -188,6 +212,12 @@
             message="Insecure dependency maven/org.apache.logging.log4j/log4j-core@2.17.0 (CVE-2021-44832: log4j-core: remote code execution via JDBC Appender) (update to 2.17.1)"
             severity="warning"
         />
+        <error
+            source="vulnerability_medium"
+            line="14"
+            message="Insecure dependency maven/org.apache.logging.log4j/log4j-core@2.17.0 (CVE-2025-68161: The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2. ...) (update to 2.25.3)"
+            severity="warning"
+        />
     </file>
 
     <file name="javascript/package-lock.json">
