latest github_m records

Signed-off-by: Weston Steimel <[email protected]>
anchore · May 31, 2024 · 4f221e2 · 4f221e2
1 parent 6daab63
commit 4f221e2
Show file tree

Hide file tree

Showing 18 changed files with 193 additions and 13 deletions.
diff --git a/data/anchore/2024/CVE-2024-3190.json b/data/anchore/2024/CVE-2024-3190.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-3190",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3090199%40unlimited-elements-for-elementor&new=3090199%40unlimited-elements-for-elementor&sfp_email=&sfph_mail=",

diff --git a/data/anchore/2024/CVE-2024-3269.json b/data/anchore/2024/CVE-2024-3269.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-3269",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/changeset/3092928/download-monitor/trunk?contextall=1&old=3070504&old_path=%2Fdownload-monitor%2Ftrunk",

diff --git a/data/anchore/2024/CVE-2024-32877.json b/data/anchore/2024/CVE-2024-32877.json
@@ -0,0 +1,38 @@
+{
+  "additionalMetadata": {
+    "cna": "github_m",
+    "cveId": "CVE-2024-32877",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://github.com/yiisoft/yii2/commit/f7baab16e79f2369d4838ab5653c3c07ecf26615",
+      "https://github.com/yiisoft/yii2/security/advisories/GHSA-qg5r-95m4-mjgj"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://github.com",
+        "cpes": [
+          "cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:*",
+          "cpe:2.3:a:yiiframework:yiiframework:*:*:*:*:*:*:*:*"
+        ],
+        "packageName": "yiisoft/yii2",
+        "product": "yii2",
+        "repo": "https://github.com/yiisoft/yii2",
+        "vendor": "yiisoft",
+        "versions": [
+          {
+            "lessThan": "2.0.50",
+            "status": "affected",
+            "version": "2.0.49.3",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2024/CVE-2024-35189.json b/data/anchore/2024/CVE-2024-35189.json
@@ -0,0 +1,37 @@
+{
+  "additionalMetadata": {
+    "cna": "github_m",
+    "cveId": "CVE-2024-35189",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://cloud.google.com/iam/docs/key-rotation",
+      "https://github.com/ethyca/fides/security/advisories/GHSA-rcvg-jj3g-rj7c"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://github.com",
+        "cpes": [
+          "cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*"
+        ],
+        "packageName": "ethyca/fides",
+        "product": "fides",
+        "repo": "https://github.com/ethyca/fides",
+        "vendor": "ethyca",
+        "versions": [
+          {
+            "lessThan": "2.37.0",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2024/CVE-2024-35228.json b/data/anchore/2024/CVE-2024-35228.json
@@ -0,0 +1,43 @@
+{
+  "additionalMetadata": {
+    "cna": "github_m",
+    "cveId": "CVE-2024-35228",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://github.com/wagtail/wagtail/commit/284f75a6f91f7ab18cc304d7d34f33b559ae37b1",
+      "https://github.com/wagtail/wagtail/security/advisories/GHSA-xxfm-vmcf-g33f"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://github.com",
+        "cpes": [
+          "cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:*"
+        ],
+        "packageName": "wagtail/wagtail",
+        "product": "wagtail",
+        "repo": "https://github.com/wagtail/wagtail",
+        "vendor": "wagtail",
+        "versions": [
+          {
+            "lessThan": "6.0.5",
+            "status": "affected",
+            "version": "6.0.0",
+            "versionType": "custom"
+          },
+          {
+            "lessThan": "6.1.2",
+            "status": "affected",
+            "version": "6.1.0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2024/CVE-2024-3583.json b/data/anchore/2024/CVE-2024-3583.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-3583",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/changeset/3092346/simple-facebook-plugin/trunk?contextall=1&old=3051436&old_path=%2Fsimple-facebook-plugin%2Ftrunk",

diff --git a/data/anchore/2024/CVE-2024-36118.json b/data/anchore/2024/CVE-2024-36118.json
@@ -0,0 +1,36 @@
+{
+  "additionalMetadata": {
+    "cna": "github_m",
+    "cveId": "CVE-2024-36118",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://github.com/metersphere/metersphere/security/advisories/GHSA-qxx2-p3w2-w4r6"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://github.com",
+        "cpes": [
+          "cpe:2.3:a:metersphere:metersphere:*:*:*:*:*:*:*:*"
+        ],
+        "packageName": "metersphere/metersphere",
+        "product": "metersphere",
+        "repo": "https://github.com/metersphere/metersphere",
+        "vendor": "metersphere",
+        "versions": [
+          {
+            "lessThan": "2.10.15-lts",
+            "status": "affected",
+            "version": "0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2024/CVE-2024-36119.json b/data/anchore/2024/CVE-2024-36119.json
@@ -0,0 +1,39 @@
+{
+  "additionalMetadata": {
+    "cna": "github_m",
+    "cveId": "CVE-2024-36119",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://dev.to/balogh08/cleaning-your-git-history-safely-removing-sensitive-data-10i5",
+      "https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository",
+      "https://github.com/statamic/cms/commit/0b804306c96c99b81755d5bd02df87ddf392853e",
+      "https://github.com/statamic/cms/security/advisories/GHSA-qvpj-w7xj-r6w9"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://github.com",
+        "cpes": [
+          "cpe:2.3:a:statamic:statamic:*:*:*:*:*:*:*:*"
+        ],
+        "packageName": "statamic/cms",
+        "product": "cms",
+        "repo": "https://github.com/statamic/cms",
+        "vendor": "statamic",
+        "versions": [
+          {
+            "lessThan": "5.6.2",
+            "status": "affected",
+            "version": "5.3.0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}
diff --git a/data/anchore/2024/CVE-2024-3943.json b/data/anchore/2024/CVE-2024-3943.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-3943",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L225",

diff --git a/data/anchore/2024/CVE-2024-3945.json b/data/anchore/2024/CVE-2024-3945.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-3945",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L273",

diff --git a/data/anchore/2024/CVE-2024-3946.json b/data/anchore/2024/CVE-2024-3946.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-3946",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L304",

diff --git a/data/anchore/2024/CVE-2024-3947.json b/data/anchore/2024/CVE-2024-3947.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-3947",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L304",

diff --git a/data/anchore/2024/CVE-2024-4355.json b/data/anchore/2024/CVE-2024-4355.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-4355",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://wordpress.org/plugins/stopbadbots/",

diff --git a/data/anchore/2024/CVE-2024-5073.json b/data/anchore/2024/CVE-2024-5073.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-5073",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Twitter_Feed.php#L210",

diff --git a/data/anchore/2024/CVE-2024-5223.json b/data/anchore/2024/CVE-2024-5223.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-5223",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.0.4/addons/custom_font/Custom_Font.php#L13",

diff --git a/data/anchore/2024/CVE-2024-5326.json b/data/anchore/2024/CVE-2024-5326.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-5326",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/browser/ultimate-post/trunk/classes/Styles.php#L160",

diff --git a/data/anchore/2024/CVE-2024-5327.json b/data/anchore/2024/CVE-2024-5327.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-5327",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://plugins.trac.wordpress.org/browser/powerpack-lite-for-elementor/tags/2.7.19/extensions/animated-gradient-background.php#L322",

diff --git a/data/anchore/2024/CVE-2024-5341.json b/data/anchore/2024/CVE-2024-5341.json
@@ -2,7 +2,6 @@
   "additionalMetadata": {
     "cna": "wordfence",
     "cveId": "CVE-2024-5341",
-    "needsReview": true,
     "reason": "Added CPE configurations because not yet analyzed by NVD.",
     "references": [
       "https://roadmap.theplusaddons.com/updates/",