Update known vulnerabilities

doc/known-vulnerabilities.csv

@@ -1,4 +1,5 @@
 DependencyName,DependencyPath,Description,License,Md5,Sha1,Identifiers,CPE,CVE,CWE,Vulnerability,Source,CVSSv2_Severity,CVSSv2_Score,CVSSv2,CVSSv3_BaseSeverity,CVSSv3_BaseScore,CVSSv3,CPE Confidence,Evidence Count,VendorProject,Product,Name,DateAdded,ShortDescription,RequiredAction,DueDate,Notes
+clojure-1.12.0-alpha8.jar,/home/runner/.m2/repository/org/clojure/clojure/1.12.0-alpha8/clojure-1.12.0-alpha8.jar,Clojure core environment and runtime library.,Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php,98a5b63b4c1ba4bacefa1047f99a2606,86af583307a8349fb2d332b0938c6308c33b855a,pkg:maven/org.clojure/clojure@1.12.0-alpha8,cpe:2.3:a:clojure:clojure:1.12.0:pha8:*:*:*:*:*:*,CVE-2024-22871,CWE-400 Uncontrolled Resource Consumption,An issue in Clojure versions 1.20 to 1.12.0-alpha5 allows an attacker to cause a denial of service (DoS) via the clojure.core$partial$fn__5920 function.,OSSINDEX,,,,HIGH,7.5,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H,HIGH,20,,,,,,,,
 commons-compress-1.21.jar,/home/runner/.m2/repository/org/apache/commons/commons-compress/1.21/commons-compress-1.21.jar,"Apache Commons Compress software defines an API for working with compression and archive formats.  These include: bzip2, gzip, pack200, lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4, Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.",https://www.apache.org/licenses/LICENSE-2.0.txt,2a713d10331bc4e13459a3dc0463f16f,4ec95b60d4e86b5c95a0e919cb172a0af98011ef,pkg:maven/org.apache.commons/commons-compress@1.21,cpe:2.3:a:apache:commons_compress:1.21:*:*:*:*:*:*:*,CVE-2024-25710,CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop'),Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.3 through 1.25.0.  Users are recommended to upgrade to version 1.26.0 which fixes the issue.,NVD,,,,MEDIUM,5.5,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H/E:1.8/RC:R/MAV:A,HIGH,104,,,,,,,,
 commons-compress-1.21.jar,/home/runner/.m2/repository/org/apache/commons/commons-compress/1.21/commons-compress-1.21.jar,"Apache Commons Compress software defines an API for working with compression and archive formats.  These include: bzip2, gzip, pack200, lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4, Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.",https://www.apache.org/licenses/LICENSE-2.0.txt,2a713d10331bc4e13459a3dc0463f16f,4ec95b60d4e86b5c95a0e919cb172a0af98011ef,pkg:maven/org.apache.commons/commons-compress@1.21,cpe:2.3:a:apache:commons_compress:1.21:*:*:*:*:*:*:*,CVE-2024-26308,CWE-770 Allocation of Resources Without Limits or Throttling,"Allocation of Resources Without Limits or Throttling vulnerability in Apache Commons Compress.This issue affects Apache Commons Compress: from 1.21 before 1.26.  Users are recommended to upgrade to version 1.26, which fixes the issue.",OSSINDEX,,,,MEDIUM,5.5,CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H,HIGH,104,,,,,,,,
 core.specs.alpha-0.2.62.jar,/home/runner/.m2/repository/org/clojure/core.specs.alpha/0.2.62/core.specs.alpha-0.2.62.jar,Specs for clojure.core,Eclipse Public License 1.0: http://opensource.org/licenses/eclipse-1.0.php,b1e37e6e8efdade6b7c2a4dd17c0d437,a2a7ea21a695561924bc8506f3feb5d8c8f894d5,pkg:maven/org.clojure/core.specs.alpha@0.2.62,cpe:2.3:a:clojure:clojure:0.2.62:*:*:*:*:*:*:*,CVE-2017-20189,CWE-502 Deserialization of Untrusted Data,"In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrusted objects.",NVD,,,,CRITICAL,9.8,CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:3.9/RC:R/MAV:A,HIGH,17,,,,,,,,