From 559013bee9c570d9c73c30cdad0146fd9eab90ce Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Tue, 21 May 2024 14:48:55 +0100 Subject: [PATCH] conversion for snyk records Signed-off-by: Weston Steimel --- data/anchore/2024/CVE-2024-21492.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21493.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21494.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21495.json | 39 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21496.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21497.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21498.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21499.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21500.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21501.json | 38 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21502.json | 36 +++++++++++++++++++++++++ data/anchore/2024/CVE-2024-21503.json | 38 ++++++++++++++++++++++++++ 12 files changed, 455 insertions(+) create mode 100644 data/anchore/2024/CVE-2024-21492.json create mode 100644 data/anchore/2024/CVE-2024-21493.json create mode 100644 data/anchore/2024/CVE-2024-21494.json create mode 100644 data/anchore/2024/CVE-2024-21495.json create mode 100644 data/anchore/2024/CVE-2024-21496.json create mode 100644 data/anchore/2024/CVE-2024-21497.json create mode 100644 data/anchore/2024/CVE-2024-21498.json create mode 100644 data/anchore/2024/CVE-2024-21499.json create mode 100644 data/anchore/2024/CVE-2024-21500.json create mode 100644 data/anchore/2024/CVE-2024-21501.json create mode 100644 data/anchore/2024/CVE-2024-21502.json create mode 100644 data/anchore/2024/CVE-2024-21503.json diff --git a/data/anchore/2024/CVE-2024-21492.json b/data/anchore/2024/CVE-2024-21492.json new file mode 100644 index 00000000..dc63a052 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21492.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21492", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/greenpau/caddy-security/issues/272", + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-5920787", + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThanOrEqual": "*", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21493.json b/data/anchore/2024/CVE-2024-21493.json new file mode 100644 index 00000000..d911c174 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21493.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21493", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-5961078", + "https://github.com/greenpau/caddy-security/issues/263", + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThanOrEqual": "*", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21494.json b/data/anchore/2024/CVE-2024-21494.json new file mode 100644 index 00000000..e4791148 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21494.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21494", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/", + "https://github.com/greenpau/caddy-security/issues/266", + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249859" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThanOrEqual": "*", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21495.json b/data/anchore/2024/CVE-2024-21495.json new file mode 100644 index 00000000..6a6074da --- /dev/null +++ b/data/anchore/2024/CVE-2024-21495.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21495", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/greenpau/caddy-security/issues/265", + "https://github.com/greenpau/go-authcrunch/commit/ecd3725baf2683eb1519bb3c81ae41085fbf7dc2", + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6248275", + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThan": "1.0.42", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21496.json b/data/anchore/2024/CVE-2024-21496.json new file mode 100644 index 00000000..7555c8d1 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21496.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21496", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249860", + "https://github.com/greenpau/caddy-security/issues/267", + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThanOrEqual": "*", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21497.json b/data/anchore/2024/CVE-2024-21497.json new file mode 100644 index 00000000..3bb6d03c --- /dev/null +++ b/data/anchore/2024/CVE-2024-21497.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21497", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249861", + "https://github.com/greenpau/caddy-security/issues/268", + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThanOrEqual": "*", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21498.json b/data/anchore/2024/CVE-2024-21498.json new file mode 100644 index 00000000..371b15c9 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21498.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21498", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/", + "https://github.com/greenpau/caddy-security/issues/269", + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249862" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThanOrEqual": "*", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21499.json b/data/anchore/2024/CVE-2024-21499.json new file mode 100644 index 00000000..116f6736 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21499.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21499", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249863", + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/", + "https://github.com/greenpau/caddy-security/issues/270" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThanOrEqual": "*", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21500.json b/data/anchore/2024/CVE-2024-21500.json new file mode 100644 index 00000000..7a94c51b --- /dev/null +++ b/data/anchore/2024/CVE-2024-21500.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21500", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249864", + "https://github.com/greenpau/caddy-security/issues/271", + "https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy/" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/greenpau/caddy-security", + "repo": "https://github.com/greenpau/caddy-security", + "cpes": [ + "cpe:2.3:a:greenpau:caddy-security:*:*:*:*:*:*:*:*" + ], + "product": "github.com/greenpau/caddy-security", + "vendor": "greenpau", + "versions": [ + { + "lessThanOrEqual": "*", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21501.json b/data/anchore/2024/CVE-2024-21501.json new file mode 100644 index 00000000..711dfbaf --- /dev/null +++ b/data/anchore/2024/CVE-2024-21501.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21501", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gist.github.com/Slonser/8b4d061abe6ee1b2e10c7242987674cf", + "https://security.snyk.io/vuln/SNYK-JS-SANITIZEHTML-6256334", + "https://github.com/apostrophecms/sanitize-html/commit/c5dbdf77fe8b836d3bf4554ea39edb45281ec0b4", + "https://github.com/apostrophecms/sanitize-html/pull/650", + "https://security.snyk.io/vuln/SNYK-JAVA-ORGWEBJARSNPM-6276557", + "https://github.com/apostrophecms/apostrophe/discussions/4436" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:apostrophecms:sanitize-html:*:*:*:*:*:node.js:*:*" + ], + "product": "sanitize-html", + "vendor": "apostrophecms", + "versions": [ + { + "lessThan": "2.12.1", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21502.json b/data/anchore/2024/CVE-2024-21502.json new file mode 100644 index 00000000..22f78cd5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21502.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21502", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://security.snyk.io/vuln/SNYK-PYTHON-FASTECDSA-6262045", + "https://github.com/AntonKueltz/fastecdsa/commit/57fc5689c95d649dab7ef60cc99ac64589f01e36", + "https://gist.github.com/keltecc/49da037072276f21b005a8337c15db26", + "https://github.com/AntonKueltz/fastecdsa/blob/v2.3.1/src/curveMath.c%23L210" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:fastecdsa_project:fastecdsa:*:*:*:*:*:*:*:*" + ], + "product": "fastecdsa", + "vendor": "AntonKueltz", + "versions": [ + { + "lessThan": "2.3.2", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21503.json b/data/anchore/2024/CVE-2024-21503.json new file mode 100644 index 00000000..2efca2c4 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21503.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "snyk", + "cveId": "CVE-2024-21503", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/psf/black/commit/f00093672628d212b8965a8993cee8bedf5fe9b8", + "https://github.com/psf/black/releases/tag/24.3.0", + "https://security.snyk.io/vuln/SNYK-PYTHON-BLACK-6256273" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pypi.org", + "packageName": "black", + "repo": "https://github.com/psf/black", + "cpes": [ + "cpe:2.3:a:psf:black:*:*:*:*:*:*:*:*" + ], + "product": "black", + "vendor": "Python Software Foundation", + "versions": [ + { + "lessThan": "24.3.0", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file