From 16586e8a10df15ac356def9c242d1ea26ead0694 Mon Sep 17 00:00:00 2001
From: Weston Steimel <commits@weston.slmail.me>
Date: Thu, 23 May 2024 17:24:33 +0100
Subject: [PATCH] convert CVE-2023-45853

Signed-off-by: Weston Steimel <commits@weston.slmail.me>
---
 data/anchore/2023/CVE-2023-45853.json | 60 +++++++++++++++++++++++++++
 1 file changed, 60 insertions(+)
 create mode 100644 data/anchore/2023/CVE-2023-45853.json

diff --git a/data/anchore/2023/CVE-2023-45853.json b/data/anchore/2023/CVE-2023-45853.json
new file mode 100644
index 00000000..67e4c4e7
--- /dev/null
+++ b/data/anchore/2023/CVE-2023-45853.json
@@ -0,0 +1,60 @@
+{
+  "additionalMetadata": {
+    "cna": "mitre",
+    "cveId": "CVE-2023-45853",
+    "reason": "Adjust CPE configurations to indicate that version 1.3.1 addressing the flaw is published.",
+    "references": [
+      "http://www.openwall.com/lists/oss-security/2023/10/20/9",
+      "http://www.openwall.com/lists/oss-security/2024/01/24/10",
+      "https://chromium.googlesource.com/chromium/src/+/d709fb23806858847131027da95ef4c548813356",
+      "https://chromium.googlesource.com/chromium/src/+/de29dd6c7151d3cd37cb4cf0036800ddfb1d8b61",
+      "https://github.com/madler/zlib/blob/ac8f12c97d1afd9bafa9c710f827d40a407d3266/contrib/README.contrib#L1-L4",
+      "https://github.com/madler/zlib/pull/843",
+      "https://lists.debian.org/debian-lts-announce/2023/11/msg00026.html",
+      "https://pypi.org/project/pyminizip/#history",
+      "https://security.gentoo.org/glsa/202401-18",
+      "https://security.netapp.com/advisory/ntap-20231130-0009/",
+      "https://www.winimage.com/zLibDll/minizip.html"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "cpes": [
+          "cpe:2.3:a:zlib:zlib:*:*:*:*:*:*:*:*"
+        ],
+        "product": "zlib",
+        "repo": "https://github.com/madler/zlib",
+        "vendor": "madler",
+        "versions": [
+          {
+            "lessThan": "1.3.1",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      },
+      {
+        "cpes": [
+          "cpe:2.3:a:minizip_project:minizip:*:*:*:*:*:*:*:*"
+        ],
+        "product": "minizip-ng",
+        "repo": "https://github.com/zlib-ng/minizip-ng",
+        "vendor": "zlib-ng",
+        "versions": [
+          {
+            "lessThan": "1.3.1",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
\ No newline at end of file