From 4f221e271df37b0817c658eed7ccfc82ed796216 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Fri, 31 May 2024 12:54:50 +0100 Subject: [PATCH] latest github_m records Signed-off-by: Weston Steimel --- data/anchore/2024/CVE-2024-3190.json | 1 - data/anchore/2024/CVE-2024-3269.json | 1 - data/anchore/2024/CVE-2024-32877.json | 38 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-35189.json | 37 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-35228.json | 43 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-3583.json | 1 - data/anchore/2024/CVE-2024-36118.json | 36 ++++++++++++++++++++++ data/anchore/2024/CVE-2024-36119.json | 39 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-3943.json | 1 - data/anchore/2024/CVE-2024-3945.json | 1 - data/anchore/2024/CVE-2024-3946.json | 1 - data/anchore/2024/CVE-2024-3947.json | 1 - data/anchore/2024/CVE-2024-4355.json | 1 - data/anchore/2024/CVE-2024-5073.json | 1 - data/anchore/2024/CVE-2024-5223.json | 1 - data/anchore/2024/CVE-2024-5326.json | 1 - data/anchore/2024/CVE-2024-5327.json | 1 - data/anchore/2024/CVE-2024-5341.json | 1 - 18 files changed, 193 insertions(+), 13 deletions(-) create mode 100644 data/anchore/2024/CVE-2024-32877.json create mode 100644 data/anchore/2024/CVE-2024-35189.json create mode 100644 data/anchore/2024/CVE-2024-35228.json create mode 100644 data/anchore/2024/CVE-2024-36118.json create mode 100644 data/anchore/2024/CVE-2024-36119.json diff --git a/data/anchore/2024/CVE-2024-3190.json b/data/anchore/2024/CVE-2024-3190.json index 0b222576..2ad3f3d8 100644 --- a/data/anchore/2024/CVE-2024-3190.json +++ b/data/anchore/2024/CVE-2024-3190.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-3190", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3090199%40unlimited-elements-for-elementor&new=3090199%40unlimited-elements-for-elementor&sfp_email=&sfph_mail=", diff --git a/data/anchore/2024/CVE-2024-3269.json b/data/anchore/2024/CVE-2024-3269.json index ca888666..15dc3687 100644 --- a/data/anchore/2024/CVE-2024-3269.json +++ b/data/anchore/2024/CVE-2024-3269.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-3269", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/changeset/3092928/download-monitor/trunk?contextall=1&old=3070504&old_path=%2Fdownload-monitor%2Ftrunk", diff --git a/data/anchore/2024/CVE-2024-32877.json b/data/anchore/2024/CVE-2024-32877.json new file mode 100644 index 00000000..7134f36e --- /dev/null +++ b/data/anchore/2024/CVE-2024-32877.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-32877", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/yiisoft/yii2/commit/f7baab16e79f2369d4838ab5653c3c07ecf26615", + "https://github.com/yiisoft/yii2/security/advisories/GHSA-qg5r-95m4-mjgj" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:yiiframework:yii:*:*:*:*:*:*:*:*", + "cpe:2.3:a:yiiframework:yiiframework:*:*:*:*:*:*:*:*" + ], + "packageName": "yiisoft/yii2", + "product": "yii2", + "repo": "https://github.com/yiisoft/yii2", + "vendor": "yiisoft", + "versions": [ + { + "lessThan": "2.0.50", + "status": "affected", + "version": "2.0.49.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35189.json b/data/anchore/2024/CVE-2024-35189.json new file mode 100644 index 00000000..9ba77293 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35189.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35189", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://cloud.google.com/iam/docs/key-rotation", + "https://github.com/ethyca/fides/security/advisories/GHSA-rcvg-jj3g-rj7c" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:ethyca:fides:*:*:*:*:*:*:*:*" + ], + "packageName": "ethyca/fides", + "product": "fides", + "repo": "https://github.com/ethyca/fides", + "vendor": "ethyca", + "versions": [ + { + "lessThan": "2.37.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35228.json b/data/anchore/2024/CVE-2024-35228.json new file mode 100644 index 00000000..a634da76 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35228.json @@ -0,0 +1,43 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35228", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/wagtail/wagtail/commit/284f75a6f91f7ab18cc304d7d34f33b559ae37b1", + "https://github.com/wagtail/wagtail/security/advisories/GHSA-xxfm-vmcf-g33f" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:torchbox:wagtail:*:*:*:*:*:*:*:*" + ], + "packageName": "wagtail/wagtail", + "product": "wagtail", + "repo": "https://github.com/wagtail/wagtail", + "vendor": "wagtail", + "versions": [ + { + "lessThan": "6.0.5", + "status": "affected", + "version": "6.0.0", + "versionType": "custom" + }, + { + "lessThan": "6.1.2", + "status": "affected", + "version": "6.1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-3583.json b/data/anchore/2024/CVE-2024-3583.json index c3c81091..ffc37a0b 100644 --- a/data/anchore/2024/CVE-2024-3583.json +++ b/data/anchore/2024/CVE-2024-3583.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-3583", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/changeset/3092346/simple-facebook-plugin/trunk?contextall=1&old=3051436&old_path=%2Fsimple-facebook-plugin%2Ftrunk", diff --git a/data/anchore/2024/CVE-2024-36118.json b/data/anchore/2024/CVE-2024-36118.json new file mode 100644 index 00000000..8a759caa --- /dev/null +++ b/data/anchore/2024/CVE-2024-36118.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-36118", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/metersphere/metersphere/security/advisories/GHSA-qxx2-p3w2-w4r6" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:metersphere:metersphere:*:*:*:*:*:*:*:*" + ], + "packageName": "metersphere/metersphere", + "product": "metersphere", + "repo": "https://github.com/metersphere/metersphere", + "vendor": "metersphere", + "versions": [ + { + "lessThan": "2.10.15-lts", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-36119.json b/data/anchore/2024/CVE-2024-36119.json new file mode 100644 index 00000000..10e16b28 --- /dev/null +++ b/data/anchore/2024/CVE-2024-36119.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-36119", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://dev.to/balogh08/cleaning-your-git-history-safely-removing-sensitive-data-10i5", + "https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/removing-sensitive-data-from-a-repository", + "https://github.com/statamic/cms/commit/0b804306c96c99b81755d5bd02df87ddf392853e", + "https://github.com/statamic/cms/security/advisories/GHSA-qvpj-w7xj-r6w9" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:statamic:statamic:*:*:*:*:*:*:*:*" + ], + "packageName": "statamic/cms", + "product": "cms", + "repo": "https://github.com/statamic/cms", + "vendor": "statamic", + "versions": [ + { + "lessThan": "5.6.2", + "status": "affected", + "version": "5.3.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-3943.json b/data/anchore/2024/CVE-2024-3943.json index d0f1823b..b89dbc2a 100644 --- a/data/anchore/2024/CVE-2024-3943.json +++ b/data/anchore/2024/CVE-2024-3943.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-3943", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L225", diff --git a/data/anchore/2024/CVE-2024-3945.json b/data/anchore/2024/CVE-2024-3945.json index 8e36e64b..4b17bd2b 100644 --- a/data/anchore/2024/CVE-2024-3945.json +++ b/data/anchore/2024/CVE-2024-3945.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-3945", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L273", diff --git a/data/anchore/2024/CVE-2024-3946.json b/data/anchore/2024/CVE-2024-3946.json index 5555e899..ca60f6a3 100644 --- a/data/anchore/2024/CVE-2024-3946.json +++ b/data/anchore/2024/CVE-2024-3946.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-3946", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L304", diff --git a/data/anchore/2024/CVE-2024-3947.json b/data/anchore/2024/CVE-2024-3947.json index aee8b1e7..de122090 100644 --- a/data/anchore/2024/CVE-2024-3947.json +++ b/data/anchore/2024/CVE-2024-3947.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-3947", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/browser/wp-todo/trunk/inc/Base/Model.php#L304", diff --git a/data/anchore/2024/CVE-2024-4355.json b/data/anchore/2024/CVE-2024-4355.json index 01c6ef81..2098aa99 100644 --- a/data/anchore/2024/CVE-2024-4355.json +++ b/data/anchore/2024/CVE-2024-4355.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-4355", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://wordpress.org/plugins/stopbadbots/", diff --git a/data/anchore/2024/CVE-2024-5073.json b/data/anchore/2024/CVE-2024-5073.json index 706ef87f..476d2725 100644 --- a/data/anchore/2024/CVE-2024-5073.json +++ b/data/anchore/2024/CVE-2024-5073.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-5073", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/browser/essential-addons-for-elementor-lite/trunk/includes/Traits/Twitter_Feed.php#L210", diff --git a/data/anchore/2024/CVE-2024-5223.json b/data/anchore/2024/CVE-2024-5223.json index 438705d2..4c830fe0 100644 --- a/data/anchore/2024/CVE-2024-5223.json +++ b/data/anchore/2024/CVE-2024-5223.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-5223", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/browser/ultimate-post/tags/4.0.4/addons/custom_font/Custom_Font.php#L13", diff --git a/data/anchore/2024/CVE-2024-5326.json b/data/anchore/2024/CVE-2024-5326.json index 77dc21cf..0ec15f9e 100644 --- a/data/anchore/2024/CVE-2024-5326.json +++ b/data/anchore/2024/CVE-2024-5326.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-5326", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/browser/ultimate-post/trunk/classes/Styles.php#L160", diff --git a/data/anchore/2024/CVE-2024-5327.json b/data/anchore/2024/CVE-2024-5327.json index cdd2850f..1018049f 100644 --- a/data/anchore/2024/CVE-2024-5327.json +++ b/data/anchore/2024/CVE-2024-5327.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-5327", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://plugins.trac.wordpress.org/browser/powerpack-lite-for-elementor/tags/2.7.19/extensions/animated-gradient-background.php#L322", diff --git a/data/anchore/2024/CVE-2024-5341.json b/data/anchore/2024/CVE-2024-5341.json index 3782008b..2f20f9c1 100644 --- a/data/anchore/2024/CVE-2024-5341.json +++ b/data/anchore/2024/CVE-2024-5341.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "wordfence", "cveId": "CVE-2024-5341", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://roadmap.theplusaddons.com/updates/",