From 5a17ca3e885f58cbc7b6f2fa90937d8c4070cc14 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Fri, 17 May 2024 10:30:12 +0100 Subject: [PATCH] convert GitLab records Signed-off-by: Weston Steimel --- data/anchore/2023/CVE-2023-6175.json | 43 +++++++++++++++++++++++ data/anchore/2023/CVE-2023-6371.json | 51 +++++++++++++++++++++++++++ data/anchore/2023/CVE-2023-6489.json | 51 +++++++++++++++++++++++++++ data/anchore/2023/CVE-2023-6678.json | 51 +++++++++++++++++++++++++++ data/anchore/2023/CVE-2023-6682.json | 51 +++++++++++++++++++++++++++ data/anchore/2023/CVE-2023-6688.json | 39 +++++++++++++++++++++ data/anchore/2024/CVE-2024-0199.json | 52 ++++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-1299.json | 46 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-1347.json | 51 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-2279.json | 51 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-2434.json | 51 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-2454.json | 51 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-2466.json | 1 - data/anchore/2024/CVE-2024-2651.json | 51 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-2818.json | 50 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-2829.json | 51 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-2955.json | 45 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-3092.json | 45 ++++++++++++++++++++++++ data/anchore/2024/CVE-2024-4006.json | 50 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-4024.json | 50 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-4539.json | 50 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-4597.json | 50 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-4854.json | 51 +++++++++++++++++++++++++++ 23 files changed, 1081 insertions(+), 1 deletion(-) create mode 100644 data/anchore/2023/CVE-2023-6175.json create mode 100644 data/anchore/2023/CVE-2023-6371.json create mode 100644 data/anchore/2023/CVE-2023-6489.json create mode 100644 data/anchore/2023/CVE-2023-6678.json create mode 100644 data/anchore/2023/CVE-2023-6682.json create mode 100644 data/anchore/2023/CVE-2023-6688.json create mode 100644 data/anchore/2024/CVE-2024-0199.json create mode 100644 data/anchore/2024/CVE-2024-1299.json create mode 100644 data/anchore/2024/CVE-2024-1347.json create mode 100644 data/anchore/2024/CVE-2024-2279.json create mode 100644 data/anchore/2024/CVE-2024-2434.json create mode 100644 data/anchore/2024/CVE-2024-2454.json create mode 100644 data/anchore/2024/CVE-2024-2651.json create mode 100644 data/anchore/2024/CVE-2024-2818.json create mode 100644 data/anchore/2024/CVE-2024-2829.json create mode 100644 data/anchore/2024/CVE-2024-2955.json create mode 100644 data/anchore/2024/CVE-2024-3092.json create mode 100644 data/anchore/2024/CVE-2024-4006.json create mode 100644 data/anchore/2024/CVE-2024-4024.json create mode 100644 data/anchore/2024/CVE-2024-4539.json create mode 100644 data/anchore/2024/CVE-2024-4597.json create mode 100644 data/anchore/2024/CVE-2024-4854.json diff --git a/data/anchore/2023/CVE-2023-6175.json b/data/anchore/2023/CVE-2023-6175.json new file mode 100644 index 00000000..c58a8149 --- /dev/null +++ b/data/anchore/2023/CVE-2023-6175.json @@ -0,0 +1,43 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2023-6175", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/wireshark/wireshark/-/issues/19404", + "https://www.wireshark.org/security/wnpa-sec-2023-29.html" + ], + "solutions": [ + "Upgrade to versions 4.0.11, 3.6.19 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*" + ], + "product": "Wireshark", + "vendor": "Wireshark Foundation", + "versions": [ + { + "lessThan": "4.0.11", + "status": "affected", + "version": "4.0.0", + "versionType": "semver" + }, + { + "lessThan": "3.6.19", + "status": "affected", + "version": "3.6.0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-6371.json b/data/anchore/2023/CVE-2023-6371.json new file mode 100644 index 00000000..82e0c0e4 --- /dev/null +++ b/data/anchore/2023/CVE-2023-6371.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2023-6371", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/433021", + "https://hackerone.com/reports/2257080" + ], + "solutions": [ + "Upgrade to versions 16.10.1, 16.9.3, 16.8.5 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.8.5", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "16.9.3", + "status": "affected", + "version": "16.9", + "versionType": "semver" + }, + { + "lessThan": "16.10.1", + "status": "affected", + "version": "16.10", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-6489.json b/data/anchore/2023/CVE-2023-6489.json new file mode 100644 index 00000000..f700931b --- /dev/null +++ b/data/anchore/2023/CVE-2023-6489.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2023-6489", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://hackerone.com/reports/2262450", + "https://gitlab.com/gitlab-org/gitlab/-/issues/433520" + ], + "solutions": [ + "Upgrade to versions 16.8.6, 16.9.4, 16.10.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.8.6", + "status": "affected", + "version": "16.7.7", + "versionType": "semver" + }, + { + "lessThan": "16.9.4", + "status": "affected", + "version": "16.9", + "versionType": "semver" + }, + { + "lessThan": "16.10.2", + "status": "affected", + "version": "16.10", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-6678.json b/data/anchore/2023/CVE-2023-6678.json new file mode 100644 index 00000000..535eef2e --- /dev/null +++ b/data/anchore/2023/CVE-2023-6678.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2023-6678", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/434689", + "https://hackerone.com/reports/2268037" + ], + "solutions": [ + "Upgrade to versions 16.10.2, 16.9.4, 16.8.6 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.8.6", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "16.9.4", + "status": "affected", + "version": "16.9", + "versionType": "semver" + }, + { + "lessThan": "16.10.2", + "status": "affected", + "version": "16.10", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-6682.json b/data/anchore/2023/CVE-2023-6682.json new file mode 100644 index 00000000..178bf3b0 --- /dev/null +++ b/data/anchore/2023/CVE-2023-6682.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2023-6682", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://hackerone.com/reports/2269012", + "https://gitlab.com/gitlab-org/gitlab/-/issues/434821" + ], + "solutions": [ + "Upgrade to versions 16.9.7, 16.10.5, 16.11.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.7", + "status": "affected", + "version": "16.9", + "versionType": "semver" + }, + { + "lessThan": "16.10.5", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.2", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2023/CVE-2023-6688.json b/data/anchore/2023/CVE-2023-6688.json new file mode 100644 index 00000000..cf08fbd8 --- /dev/null +++ b/data/anchore/2023/CVE-2023-6688.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2023-6688", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://hackerone.com/reports/2270362", + "https://gitlab.com/gitlab-org/gitlab/-/issues/434854" + ], + "solutions": [ + "Upgrade to versions 16.11.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.11.2", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-0199.json b/data/anchore/2024/CVE-2024-0199.json new file mode 100644 index 00000000..bda383d7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-0199.json @@ -0,0 +1,52 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-0199", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/436977", + "https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/", + "https://hackerone.com/reports/2295423" + ], + "solutions": [ + "Upgrade to versions 16.7.7, 16.8.4, 16.9.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.7.7", + "status": "affected", + "version": "11.3", + "versionType": "semver" + }, + { + "lessThan": "16.8.4", + "status": "affected", + "version": "16.8", + "versionType": "semver" + }, + { + "lessThan": "16.9.2", + "status": "affected", + "version": "16.9", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1299.json b/data/anchore/2024/CVE-2024-1299.json new file mode 100644 index 00000000..0e773d5b --- /dev/null +++ b/data/anchore/2024/CVE-2024-1299.json @@ -0,0 +1,46 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-1299", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://about.gitlab.com/releases/2024/03/06/security-release-gitlab-16-9-2-released/", + "https://hackerone.com/reports/2356976", + "https://gitlab.com/gitlab-org/gitlab/-/issues/440745" + ], + "solutions": [ + "Upgrade to versions 16.8.4, 16.9.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.8.4", + "status": "affected", + "version": "16.8", + "versionType": "semver" + }, + { + "lessThan": "16.9.2", + "status": "affected", + "version": "16.9", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1347.json b/data/anchore/2024/CVE-2024-1347.json new file mode 100644 index 00000000..a5766e56 --- /dev/null +++ b/data/anchore/2024/CVE-2024-1347.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-1347", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/441093", + "https://hackerone.com/reports/2355565" + ], + "solutions": [ + "Upgrade to versions 16.9.6, 16.10.4, 16.11.1 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.6", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "16.10.4", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.1", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2279.json b/data/anchore/2024/CVE-2024-2279.json new file mode 100644 index 00000000..bab416c0 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2279.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-2279", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://hackerone.com/reports/2404710", + "https://gitlab.com/gitlab-org/gitlab/-/issues/448469" + ], + "solutions": [ + "Upgrade to versions 16.8.6, 16.9.4, 16.10.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.8.6", + "status": "affected", + "version": "16.7", + "versionType": "semver" + }, + { + "lessThan": "16.9.4", + "status": "affected", + "version": "16.9", + "versionType": "semver" + }, + { + "lessThan": "16.10.2", + "status": "affected", + "version": "16.10", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2434.json b/data/anchore/2024/CVE-2024-2434.json new file mode 100644 index 00000000..5a9da9e6 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2434.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-2434", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/450303", + "https://hackerone.com/reports/2401952" + ], + "solutions": [ + "Upgrade to versions 16.9.6, 16.10.4, 16.11.1 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.6", + "status": "affected", + "version": "16.9", + "versionType": "semver" + }, + { + "lessThan": "16.10.4", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.1", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2454.json b/data/anchore/2024/CVE-2024-2454.json new file mode 100644 index 00000000..c4972696 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2454.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-2454", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://hackerone.com/reports/2408226", + "https://gitlab.com/gitlab-org/gitlab/-/issues/450405" + ], + "solutions": [ + "Upgrade to versions 16.9.7, 16.10.5, 16.11.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.7", + "status": "affected", + "version": "15.11", + "versionType": "semver" + }, + { + "lessThan": "16.10.5", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.2", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2466.json b/data/anchore/2024/CVE-2024-2466.json index 04b39847..913a48d7 100644 --- a/data/anchore/2024/CVE-2024-2466.json +++ b/data/anchore/2024/CVE-2024-2466.json @@ -2,7 +2,6 @@ "additionalMetadata": { "cna": "curl", "cveId": "CVE-2024-2466", - "needsReview": true, "reason": "Added CPE configurations because not yet analyzed by NVD.", "references": [ "https://hackerone.com/reports/2416725", diff --git a/data/anchore/2024/CVE-2024-2651.json b/data/anchore/2024/CVE-2024-2651.json new file mode 100644 index 00000000..cb7cc64a --- /dev/null +++ b/data/anchore/2024/CVE-2024-2651.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-2651", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/450830", + "https://hackerone.com/reports/2408619" + ], + "solutions": [ + "Upgrade to versions 16.9.7, 16.10.5, 16.11.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.7", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "16.10.5", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.2", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2818.json b/data/anchore/2024/CVE-2024-2818.json new file mode 100644 index 00000000..47d7d3fb --- /dev/null +++ b/data/anchore/2024/CVE-2024-2818.json @@ -0,0 +1,50 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-2818", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/434803" + ], + "solutions": [ + "Upgrade to versions 16.8.5, 16.9.3, 16.10.1 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.8.5", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "16.9.3", + "status": "affected", + "version": "16.9", + "versionType": "semver" + }, + { + "lessThan": "16.10.1", + "status": "affected", + "version": "16.10", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2829.json b/data/anchore/2024/CVE-2024-2829.json new file mode 100644 index 00000000..ac1f2350 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2829.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-2829", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://hackerone.com/reports/2416728", + "https://gitlab.com/gitlab-org/gitlab/-/issues/451456" + ], + "solutions": [ + "Upgrade to versions 16.9.6, 16.10.4, 16.11.1 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.6", + "status": "affected", + "version": "12.5", + "versionType": "semver" + }, + { + "lessThan": "16.10.4", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.1", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2955.json b/data/anchore/2024/CVE-2024-2955.json new file mode 100644 index 00000000..bb97ec7f --- /dev/null +++ b/data/anchore/2024/CVE-2024-2955.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-2955", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.wireshark.org/security/wnpa-sec-2024-06.html", + "https://gitlab.com/wireshark/wireshark/-/issues/19695", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Q7TWJQKXOV4HYI5C4TWRKTN7B5YL7GTU/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZD2MNS6EW2K2SSMN4YBGPZCC47KBDNEE/" + ], + "solutions": [ + "Upgrade to versions 4.2.4 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*" + ], + "product": "Wireshark", + "vendor": "Wireshark Foundation", + "versions": [ + { + "lessThan": "4.2.4", + "status": "affected", + "version": "4.2.0", + "versionType": "semver" + }, + { + "lessThan": "4.0.14", + "status": "affected", + "version": "4.0.0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-3092.json b/data/anchore/2024/CVE-2024-3092.json new file mode 100644 index 00000000..308d19b8 --- /dev/null +++ b/data/anchore/2024/CVE-2024-3092.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-3092", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://hackerone.com/reports/2441257", + "https://gitlab.com/gitlab-org/gitlab/-/issues/452510" + ], + "solutions": [ + "Upgrade to versions 16.9.4, 16.10.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.4", + "status": "affected", + "version": "16.9", + "versionType": "semver" + }, + { + "lessThan": "16.10.2", + "status": "affected", + "version": "16.10", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-4006.json b/data/anchore/2024/CVE-2024-4006.json new file mode 100644 index 00000000..eb6f62f4 --- /dev/null +++ b/data/anchore/2024/CVE-2024-4006.json @@ -0,0 +1,50 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-4006", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/455805" + ], + "solutions": [ + "Upgrade to GitLab version 16.9.6, 16.10.4, 16.11.1 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.6", + "status": "affected", + "version": "16.7", + "versionType": "semver" + }, + { + "lessThan": "16.10.4", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.1", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-4024.json b/data/anchore/2024/CVE-2024-4024.json new file mode 100644 index 00000000..d3fe85a3 --- /dev/null +++ b/data/anchore/2024/CVE-2024-4024.json @@ -0,0 +1,50 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-4024", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/452426" + ], + "solutions": [ + "Upgrade to versions 16.9.6, 16.10.4 or 16.11.1 or above" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.6", + "status": "affected", + "version": "7.8", + "versionType": "semver" + }, + { + "lessThan": "16.10.4", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.1", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-4539.json b/data/anchore/2024/CVE-2024-4539.json new file mode 100644 index 00000000..a523ca0f --- /dev/null +++ b/data/anchore/2024/CVE-2024-4539.json @@ -0,0 +1,50 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-4539", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/454815" + ], + "solutions": [ + "Upgrade to versions 16.9.7, 16.10.5, 16.11.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.7", + "status": "affected", + "version": "15.4", + "versionType": "semver" + }, + { + "lessThan": "16.10.5", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.2", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-4597.json b/data/anchore/2024/CVE-2024-4597.json new file mode 100644 index 00000000..cd7d0a1e --- /dev/null +++ b/data/anchore/2024/CVE-2024-4597.json @@ -0,0 +1,50 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-4597", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/gitlab-org/gitlab/-/issues/438686" + ], + "solutions": [ + "Upgrade to versions 16.9.7, 16.10.5, 16.11.2 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:community:*:*", + "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:enterprise:*:*" + ], + "product": "GitLab", + "repo": "git://git@gitlab.com:gitlab-org/gitlab.git", + "vendor": "GitLab", + "versions": [ + { + "lessThan": "16.9.7", + "status": "affected", + "version": "16.7", + "versionType": "semver" + }, + { + "lessThan": "16.10.5", + "status": "affected", + "version": "16.10", + "versionType": "semver" + }, + { + "lessThan": "16.11.2", + "status": "affected", + "version": "16.11", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-4854.json b/data/anchore/2024/CVE-2024-4854.json new file mode 100644 index 00000000..968fe84d --- /dev/null +++ b/data/anchore/2024/CVE-2024-4854.json @@ -0,0 +1,51 @@ +{ + "additionalMetadata": { + "cna": "gitlab", + "cveId": "CVE-2024-4854", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gitlab.com/wireshark/wireshark/-/issues/19726", + "https://www.wireshark.org/security/wnpa-sec-2024-07.html", + "https://gitlab.com/wireshark/wireshark/-/merge_requests/15047", + "https://gitlab.com/wireshark/wireshark/-/merge_requests/15499" + ], + "solutions": [ + "Upgrade to versions 4.2.5 or above." + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:wireshark:wireshark:*:*:*:*:*:*:*:*" + ], + "product": "Wireshark", + "vendor": "Wireshark Foundation", + "versions": [ + { + "lessThan": "4.2.5", + "status": "affected", + "version": "4.2.0", + "versionType": "semver" + }, + { + "lessThan": "4.0.15", + "status": "affected", + "version": "4.0.0", + "versionType": "semver" + }, + { + "lessThan": "3.6.23", + "status": "affected", + "version": "3.6.0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file