diff --git a/data/anchore/2014/CVE-2014-125111.json b/data/anchore/2014/CVE-2014-125111.json new file mode 100644 index 00000000..ae6431f6 --- /dev/null +++ b/data/anchore/2014/CVE-2014-125111.json @@ -0,0 +1,35 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2014-125111", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?ctiid.259628", + "https://github.com/wp-plugins/wp-insert/commit/a07b7b08084b9b85859f3968ce7fde0fd1fcbba3", + "https://vuldb.com/?id.259628" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:smartlogix:wp-insert:*:*:*:*:*:wordpress:*:*" + ], + "product": "Wp-Insert", + "vendor": "namithjawahar", + "versions": [ + { + "lessThan": "2.0.9", + "status": "affected", + "version": "2.0.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2022/CVE-2022-28224.json b/data/anchore/2022/CVE-2022-28224.json new file mode 100644 index 00000000..a0510e96 --- /dev/null +++ b/data/anchore/2022/CVE-2022-28224.json @@ -0,0 +1,67 @@ +{ + "additionalMetadata": { + "cna": "tigera", + "cveId": "CVE-2022-28224", + "reason": "Correcting CPE configurations for the Calico open source product to be application type rather than os. It seems the NVD folks got confused by the name calico_os and though it was an operating system. Also adds in the `projectcalico:calico` version of the CPE as that also has been used to refer to the Calico OSS product", + "references": [ + "https://www.tigera.io/security-bulletins-tta-2022-001/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:tigera:calico_enterprise:*:*:*:*:*:*:*:*" + ], + "product": "Calico Enterprise", + "vendor": "Tigera", + "versions": [ + { + "lessThan": "3.12.1", + "status": "affected", + "version": "3.12", + "versionType": "custom" + }, + { + "lessThan": "3.11.4", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:projectcalico:calico:*:*:*:*:*:*:*:*", + "cpe:2.3:a:tigera:calico_os:*:*:*:*:*:*:*:*" + ], + "product": "Calico", + "vendor": "Project Calico", + "versions": [ + { + "lessThan": "3.22.2", + "status": "affected", + "version": "3.22", + "versionType": "semver" + }, + { + "lessThan": "3.21.5", + "status": "affected", + "version": "3.21", + "versionType": "semver" + }, + { + "lessThan": "3.20.5", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2022/CVE-2022-32257.json b/data/anchore/2022/CVE-2022-32257.json new file mode 100644 index 00000000..421d528a --- /dev/null +++ b/data/anchore/2022/CVE-2022-32257.json @@ -0,0 +1,33 @@ +{ + "additionalMetadata": { + "cna": "siemens", + "cveId": "CVE-2022-32257", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://cert-portal.siemens.com/productcert/html/ssa-576771.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:siemens:sinema_remote_connect_server:*:*:*:*:*:*:*:*" + ], + "product": "SINEMA Remote Connect Server", + "vendor": "Siemens", + "versions": [ + { + "lessThan": "3.2", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2016.json b/data/anchore/2024/CVE-2024-2016.json new file mode 100644 index 00000000..8752fa98 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2016.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2016", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gist.github.com/L1nyz-tel/e3ee6f3401a9d1c580be1a9b4a8afab5", + "https://vuldb.com/?ctiid.255270", + "https://vuldb.com/?id.255270" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:zhicms:zhicms:*:*:*:*:*:*:*:*" + ], + "product": "ZhiCms", + "vendor": "n/a", + "versions": [ + { + "status": "affected", + "version": "4.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2021.json b/data/anchore/2024/CVE-2024-2021.json new file mode 100644 index 00000000..c31b4fec --- /dev/null +++ b/data/anchore/2024/CVE-2024-2021.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2021", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?ctiid.255300", + "https://github.com/dtxharry/cve/blob/main/cve.md", + "https://vuldb.com/?id.255300" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:netentsec:application_security_gateway:*:*:*:*:*:*:*:*" + ], + "product": "NS-ASG Application Security Gateway", + "vendor": "Netentsec", + "versions": [ + { + "status": "affected", + "version": "6.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2074.json b/data/anchore/2024/CVE-2024-2074.json new file mode 100644 index 00000000..6f4e789c --- /dev/null +++ b/data/anchore/2024/CVE-2024-2074.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2074", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/yuziiiiiiiiii/CVE-SQL/blob/main/cve.md", + "https://vuldb.com/?ctiid.255389", + "https://vuldb.com/?id.255389" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:mini:mini-tmall:*:*:*:*:*:*:*:*" + ], + "product": "Mini-Tmall", + "vendor": "n/a", + "versions": [ + { + "status": "affected", + "version": "20231017", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21011.json b/data/anchore/2024/CVE-2024-21011.json new file mode 100644 index 00000000..f4e12956 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21011.json @@ -0,0 +1,165 @@ +{ + "additionalMetadata": { + "cna": "oracle", + "cveId": "CVE-2024-21011", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://security.netapp.com/advisory/ntap-20240426-0004/", + "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", + "https://www.oracle.com/security-alerts/cpuapr2024.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:oracle:graalvm_enterprise:*:*:*:*:*:*:*:*" + ], + "product": "GraalVM Enterprise", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "20.3.13", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThanOrEqual": "21.3.9", + "status": "affected", + "version": "21-ea", + "versionType": "custom" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:oracle:graalvm_for_jdk:*:*:*:*:*:*:*:*" + ], + "product": "GraalVM for JDK", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "17.0.10", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThanOrEqual": "21.0.2", + "status": "affected", + "version": "18-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "22", + "status": "affected", + "version": "22-ea", + "versionType": "custom" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:oracle:java_se:*:*:*:*:*:*:*:*", + "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*", + "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*" + ], + "product": "Java SE", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "1.8.0_401", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThanOrEqual": "8.0.401", + "status": "affected", + "version": "1.9-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "11.0.22", + "status": "affected", + "version": "9-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "17.0.10", + "status": "affected", + "version": "12-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "21.0.2", + "status": "affected", + "version": "18-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "22", + "status": "affected", + "version": "22-ea", + "versionType": "custom" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*" + ], + "product": "OpenJDK", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "1.8.0_402", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThanOrEqual": "8.0.402", + "status": "affected", + "version": "1.9-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "11.0.22", + "status": "affected", + "version": "9-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "17.0.10", + "status": "affected", + "version": "12-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "21.0.2", + "status": "affected", + "version": "18-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "22", + "status": "affected", + "version": "22-ea", + "versionType": "custom" + } + ] + } + ], + "references": [ + { + "url": "https://openjdk.org/groups/vulnerability/advisories/2024-04-16" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21026.json b/data/anchore/2024/CVE-2024-21026.json new file mode 100644 index 00000000..5b9430a5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21026.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "oracle", + "cveId": "CVE-2024-21026", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.oracle.com/security-alerts/cpuapr2024.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:oracle:complex_maintenance\\,_repair\\,_and_overhaul:*:*:*:*:*:*:*:*", + "cpe:2.3:a:oracle:complex_maintenance_repair_and_overhaul:*:*:*:*:*:*:*:*" + ], + "product": "Complex Maintenance, Repair, and Overhaul", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "12.2.13", + "status": "affected", + "version": "12.2.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21027.json b/data/anchore/2024/CVE-2024-21027.json new file mode 100644 index 00000000..002806ad --- /dev/null +++ b/data/anchore/2024/CVE-2024-21027.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "oracle", + "cveId": "CVE-2024-21027", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.oracle.com/security-alerts/cpuapr2024.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:oracle:complex_maintenance\\,_repair\\,_and_overhaul:*:*:*:*:*:*:*:*", + "cpe:2.3:a:oracle:complex_maintenance_repair_and_overhaul:*:*:*:*:*:*:*:*" + ], + "product": "Complex Maintenance, Repair, and Overhaul", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "12.2.13", + "status": "affected", + "version": "12.2.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21030.json b/data/anchore/2024/CVE-2024-21030.json new file mode 100644 index 00000000..e2e36467 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21030.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "oracle", + "cveId": "CVE-2024-21030", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.oracle.com/security-alerts/cpuapr2024.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:oracle:complex_maintenance\\,_repair\\,_and_overhaul:*:*:*:*:*:*:*:*", + "cpe:2.3:a:oracle:complex_maintenance_repair_and_overhaul:*:*:*:*:*:*:*:*" + ], + "product": "Complex Maintenance, Repair, and Overhaul", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "12.2.13", + "status": "affected", + "version": "12.2.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21031.json b/data/anchore/2024/CVE-2024-21031.json new file mode 100644 index 00000000..15092fef --- /dev/null +++ b/data/anchore/2024/CVE-2024-21031.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "oracle", + "cveId": "CVE-2024-21031", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.oracle.com/security-alerts/cpuapr2024.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:oracle:complex_maintenance\\,_repair\\,_and_overhaul:*:*:*:*:*:*:*:*", + "cpe:2.3:a:oracle:complex_maintenance_repair_and_overhaul:*:*:*:*:*:*:*:*" + ], + "product": "Complex Maintenance, Repair, and Overhaul", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "12.2.13", + "status": "affected", + "version": "12.2.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21085.json b/data/anchore/2024/CVE-2024-21085.json new file mode 100644 index 00000000..07c7b4f3 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21085.json @@ -0,0 +1,102 @@ +{ + "additionalMetadata": { + "cna": "oracle", + "cveId": "CVE-2024-21085", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://security.netapp.com/advisory/ntap-20240426-0004/", + "https://lists.debian.org/debian-lts-announce/2024/04/msg00014.html", + "https://www.oracle.com/security-alerts/cpuapr2024.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:oracle:graalvm_enterprise:*:*:*:*:*:*:*:*" + ], + "product": "GraalVM Enterprise", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "20.3.13", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThanOrEqual": "21.3.9", + "status": "affected", + "version": "21-ea", + "versionType": "custom" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:oracle:java_se:*:*:*:*:*:*:*:*", + "cpe:2.3:a:oracle:jdk:*:*:*:*:*:*:*:*", + "cpe:2.3:a:oracle:jre:*:*:*:*:*:*:*:*" + ], + "product": "Java SE", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "1.8.0_401", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThanOrEqual": "8.0.401", + "status": "affected", + "version": "1.9-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "11.0.22", + "status": "affected", + "version": "9-ea", + "versionType": "custom" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:oracle:openjdk:*:*:*:*:*:*:*:*" + ], + "product": "OpenJDK", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "1.8.0_402", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThanOrEqual": "8.0.402", + "status": "affected", + "version": "1.9-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "11.0.22", + "status": "affected", + "version": "9-ea", + "versionType": "custom" + } + ] + } + ], + "references": [ + { + "url": "https://openjdk.org/groups/vulnerability/advisories/2024-04-16" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2155.json b/data/anchore/2024/CVE-2024-2155.json new file mode 100644 index 00000000..5320bc60 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2155.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2155", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?id.255587", + "https://github.com/wkeyi0x1/vul-report/blob/main/Best%20pos%20management%20system%20in%20php/report.md", + "https://vuldb.com/?ctiid.255587" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:best_pos_management_system_project:best_pos_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Best POS Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2168.json b/data/anchore/2024/CVE-2024-2168.json new file mode 100644 index 00000000..18ce870b --- /dev/null +++ b/data/anchore/2024/CVE-2024-2168.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2168", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.yuque.com/mailemonyeyongjuan/nekc0f/uoobn101h48xv6ih", + "https://vuldb.com/?id.255678", + "https://vuldb.com/?ctiid.255678" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:mayurik:online_tours_\\&_travels_management_system:*:*:*:*:*:*:*:*", + "cpe:2.3:a:mayurik:online_tours_\\&travels_management_system:*:*:*:*:*:*:*:*", + "cpe:2.3:a:online_tours_\\&_travels_management_system_project:online_tours_\\&_travels_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Online Tours & Travels Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21892.json b/data/anchore/2024/CVE-2024-21892.json new file mode 100644 index 00000000..25758d81 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21892.json @@ -0,0 +1,94 @@ +{ + "additionalMetadata": { + "cna": "hackerone", + "cveId": "CVE-2024-21892", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/11/1", + "https://security.netapp.com/advisory/ntap-20240322-0003/", + "https://hackerone.com/reports/2237545" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:*" + ], + "product": "Node.js", + "vendor": "Node.js", + "versions": [ + { + "lessThan": "21.6.2", + "status": "affected", + "version": "21", + "versionType": "semver" + }, + { + "lessThan": "20.11.1", + "status": "affected", + "version": "19", + "versionType": "semver" + }, + { + "lessThan": "18.19.1", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:oracle:graalvm_for_jdk:*:*:*:*:*:*:*:*" + ], + "product": "GraalVM for JDK", + "vendor": "Oracle Corporation", + "versions": [ + { + "lessThanOrEqual": "17.0.10", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThanOrEqual": "21.0.2", + "status": "affected", + "version": "18-ea", + "versionType": "custom" + }, + { + "lessThanOrEqual": "22", + "status": "affected", + "version": "22-ea", + "versionType": "custom" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2264582" + }, + { + "url": "https://github.com/nodejs/node/commit/e6b4c105e0795fba8afb3f8e910c56ba9e60f4b5" + }, + { + "url": "https://github.com/nodejs/node/commit/10ecf400679e04eddab940721cad3f6c1d603b61" + }, + { + "url": "https://github.com/nodejs/node/commit/b43171c6f669b2223064343e2c8472582586f727" + }, + { + "url": "https://github.com/nodejs/node/commit/2a5a150772c6a41795314340c8697035a1b344b6" + }, + { + "url": "https://www.oracle.com/security-alerts/cpuapr2024.html" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2241.json b/data/anchore/2024/CVE-2024-2241.json new file mode 100644 index 00000000..38caf2a7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2241.json @@ -0,0 +1,33 @@ +{ + "additionalMetadata": { + "cna": "devolutions", + "cveId": "CVE-2024-2241", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://devolutions.net/security/advisories/DEVO-2024-0003" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:devolutions:workspace:*:*:*:*:-:*:*:*" + ], + "product": "Workspace", + "vendor": "Devolutions", + "versions": [ + { + "lessThan": "2024.1.1", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2329.json b/data/anchore/2024/CVE-2024-2329.json new file mode 100644 index 00000000..4369652f --- /dev/null +++ b/data/anchore/2024/CVE-2024-2329.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2329", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/flyyue2001/cve/blob/main/NS-ASG-sql-list_resource_icon.md", + "https://vuldb.com/?id.256280", + "https://vuldb.com/?ctiid.256280" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:netentsec:application_security_gateway:*:*:*:*:*:*:*:*" + ], + "product": "NS-ASG Application Security Gateway", + "vendor": "Netentsec", + "versions": [ + { + "status": "affected", + "version": "6.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2330.json b/data/anchore/2024/CVE-2024-2330.json new file mode 100644 index 00000000..003b934c --- /dev/null +++ b/data/anchore/2024/CVE-2024-2330.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2330", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?id.256281", + "https://github.com/jikedaodao/cve/blob/main/NS-ASG-sql-addmacbind.md", + "https://vuldb.com/?ctiid.256281" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:netentsec:application_security_gateway:*:*:*:*:*:*:*:*" + ], + "product": "NS-ASG Application Security Gateway", + "vendor": "Netentsec", + "versions": [ + { + "status": "affected", + "version": "6.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2354.json b/data/anchore/2024/CVE-2024-2354.json new file mode 100644 index 00000000..8f937418 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2354.json @@ -0,0 +1,35 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2354", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?id.256314", + "https://github.com/sweatxi/BugHub/blob/main/dreamer_cms_admin_menu_toEdit_csrf.pdf", + "https://vuldb.com/?ctiid.256314" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:dreamer_cms_project:dreamer_cms:*:*:*:*:*:*:*:*", + "cpe:2.3:a:iteachyou:dreamer_cms:*:*:*:*:*:*:*:*" + ], + "product": "CMS", + "vendor": "Dreamer", + "versions": [ + { + "status": "affected", + "version": "4.1.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2554.json b/data/anchore/2024/CVE-2024-2554.json new file mode 100644 index 00000000..5dc65902 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2554.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2554", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?id.257053", + "https://vuldb.com/?ctiid.257053", + "https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#3sql-injection-vulnerability-in-update-employeephp" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:employee_task_management_system_project:employee_task_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Employee Task Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2555.json b/data/anchore/2024/CVE-2024-2555.json new file mode 100644 index 00000000..cc242daa --- /dev/null +++ b/data/anchore/2024/CVE-2024-2555.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2555", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?ctiid.257054", + "https://vuldb.com/?id.257054", + "https://github.com/Peanut886/Vulnerability/blob/main/webray.com.cn/2024/Task%20Management%20System%20-%20multiple%20vulnerabilities.md#4sql-injection-vulnerability-in-update-adminphp" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:employee_task_management_system_project:employee_task_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Employee Task Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-25559.json b/data/anchore/2024/CVE-2024-25559.json new file mode 100644 index 00000000..309fc821 --- /dev/null +++ b/data/anchore/2024/CVE-2024-25559.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jpcert", + "cveId": "CVE-2024-25559", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://jvn.jp/en/jp/JVN48966481/", + "https://developer.a-blogcms.jp/blog/news/JVN-48966481.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:appleple:a-blog_cms:*:*:*:*:*:*:*:*" + ], + "product": "a-blog cms", + "vendor": "appleple inc.", + "versions": [ + { + "lessThan": "3.1.9", + "status": "affected", + "version": "3.1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2569.json b/data/anchore/2024/CVE-2024-2569.json new file mode 100644 index 00000000..277376a7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2569.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2569", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20admin-manage-user.php.md", + "https://vuldb.com/?ctiid.257072", + "https://vuldb.com/?id.257072" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:employee_task_management_system_project:employee_task_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Employee Task Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2572.json b/data/anchore/2024/CVE-2024-2572.json new file mode 100644 index 00000000..9e34d037 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2572.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2572", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?id.257075", + "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20task-details.php.md", + "https://vuldb.com/?ctiid.257075" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:employee_task_management_system_project:employee_task_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Employee Task Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2573.json b/data/anchore/2024/CVE-2024-2573.json new file mode 100644 index 00000000..4924c9a9 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2573.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2573", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/Execution%20After%20Redirect%20-%20task-info.php.md", + "https://vuldb.com/?ctiid.257076", + "https://vuldb.com/?id.257076" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:employee_task_management_system_project:employee_task_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Employee Task Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2574.json b/data/anchore/2024/CVE-2024-2574.json new file mode 100644 index 00000000..29fa1f5d --- /dev/null +++ b/data/anchore/2024/CVE-2024-2574.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2574", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?id.257077", + "https://vuldb.com/?ctiid.257077", + "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20edit-task.php.md" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:employee_task_management_system_project:employee_task_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Employee Task Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2575.json b/data/anchore/2024/CVE-2024-2575.json new file mode 100644 index 00000000..22ba19ef --- /dev/null +++ b/data/anchore/2024/CVE-2024-2575.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2575", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20task-details.php.md", + "https://vuldb.com/?id.257078", + "https://vuldb.com/?ctiid.257078" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:employee_task_management_system_project:employee_task_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Employee Task Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2577.json b/data/anchore/2024/CVE-2024-2577.json new file mode 100644 index 00000000..e2e06a71 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2577.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2577", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?ctiid.257080", + "https://vuldb.com/?id.257080", + "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20Employee%20Task%20Management%20System/IDOR%20-%20update-employee.php.md" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:employee_task_management_system_project:employee_task_management_system:*:*:*:*:*:*:*:*" + ], + "product": "Employee Task Management System", + "vendor": "SourceCodester", + "versions": [ + { + "status": "affected", + "version": "1.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2644.json b/data/anchore/2024/CVE-2024-2644.json new file mode 100644 index 00000000..3d624851 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2644.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2644", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/hundanchen69/cve/blob/main/NS-ASG-sql-laddfirewall.md", + "https://vuldb.com/?id.257282", + "https://vuldb.com/?ctiid.257282" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:netentsec:application_security_gateway:*:*:*:*:*:*:*:*" + ], + "product": "NS-ASG Application Security Gateway", + "vendor": "Netentsec", + "versions": [ + { + "status": "affected", + "version": "6.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2646.json b/data/anchore/2024/CVE-2024-2646.json new file mode 100644 index 00000000..0063823f --- /dev/null +++ b/data/anchore/2024/CVE-2024-2646.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2646", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/flyyue2001/cve/blob/main/NS-ASG-sql-index.md", + "https://vuldb.com/?id.257284", + "https://vuldb.com/?ctiid.257284" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:netentsec:application_security_gateway:*:*:*:*:*:*:*:*" + ], + "product": "NS-ASG Application Security Gateway", + "vendor": "Netentsec", + "versions": [ + { + "status": "affected", + "version": "6.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2647.json b/data/anchore/2024/CVE-2024-2647.json new file mode 100644 index 00000000..cf8f7cc0 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2647.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2647", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/flyyue2001/cve/blob/main/NS-ASG-sql-singlelogin.md", + "https://vuldb.com/?id.257285", + "https://vuldb.com/?ctiid.257285" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:netentsec:application_security_gateway:*:*:*:*:*:*:*:*" + ], + "product": "NS-ASG Application Security Gateway", + "vendor": "Netentsec", + "versions": [ + { + "status": "affected", + "version": "6.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2648.json b/data/anchore/2024/CVE-2024-2648.json new file mode 100644 index 00000000..b4d708a3 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2648.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2648", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?ctiid.257286", + "https://vuldb.com/?id.257286", + "https://github.com/flyyue2001/cve/blob/main/NS-ASG-sql-naccheck.md" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:netentsec:application_security_gateway:*:*:*:*:*:*:*:*" + ], + "product": "NS-ASG Application Security Gateway", + "vendor": "Netentsec", + "versions": [ + { + "status": "affected", + "version": "6.3", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2820.json b/data/anchore/2024/CVE-2024-2820.json new file mode 100644 index 00000000..b12573d2 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2820.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2820", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/E1CHO/demo/blob/main/26.pdf", + "https://vuldb.com/?id.257707", + "https://vuldb.com/?ctiid.257707" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:*" + ], + "product": "DedeCMS", + "vendor": "n/a", + "versions": [ + { + "status": "affected", + "version": "5.7", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2821.json b/data/anchore/2024/CVE-2024-2821.json new file mode 100644 index 00000000..1a3a1864 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2821.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2821", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?id.257708", + "https://github.com/E1CHO/demo/blob/main/27.pdf", + "https://vuldb.com/?ctiid.257708" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:*" + ], + "product": "DedeCMS", + "vendor": "n/a", + "versions": [ + { + "status": "affected", + "version": "5.7", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2824.json b/data/anchore/2024/CVE-2024-2824.json new file mode 100644 index 00000000..bc9e04fd --- /dev/null +++ b/data/anchore/2024/CVE-2024-2824.json @@ -0,0 +1,35 @@ +{ + "additionalMetadata": { + "cna": "vuldb", + "cveId": "CVE-2024-2824", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://vuldb.com/?ctiid.257711", + "https://github.com/Matthias-Wandel/jhead/files/14613084/poc.zip", + "https://github.com/Matthias-Wandel/jhead/issues/84", + "https://vuldb.com/?id.257711" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jhead_project:jhead:*:*:*:*:*:*:*:*" + ], + "product": "jhead", + "vendor": "Matthias-Wandel", + "versions": [ + { + "status": "affected", + "version": "3.08", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2873.json b/data/anchore/2024/CVE-2024-2873.json new file mode 100644 index 00000000..0bda9ca6 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2873.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "wolfssl", + "cveId": "CVE-2024-2873", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/wolfSSL/wolfssh/pull/671", + "https://github.com/wolfSSL/wolfssh/pull/670", + "https://www.wolfssl.com/docs/security-vulnerabilities/" + ], + "solutions": [ + "The fix for this issue is located in the following GitHub Pull Requests:\n * https://github.com/wolfSSL/wolfssh/pull/670 \n\n * https://github.com/wolfSSL/wolfssh/pull/671 \n\n" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:wolfssh:wolfssh:*:*:*:*:*:*:*:*" + ], + "product": "wolfSSH", + "repo": "https://github.com/wolfSSL/wolfssh", + "vendor": "wolfSSL Inc.", + "versions": [ + { + "lessThan": "1.4.17", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-3094.json b/data/anchore/2024/CVE-2024-3094.json new file mode 100644 index 00000000..ce85c85d --- /dev/null +++ b/data/anchore/2024/CVE-2024-3094.json @@ -0,0 +1,86 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-3094", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://xeiaso.net/notes/2024/xz-vuln/", + "https://lists.freebsd.org/archives/freebsd-security/2024-March/000248.html", + "https://news.ycombinator.com/item?id=39895344", + "https://security.archlinux.org/CVE-2024-3094", + "http://www.openwall.com/lists/oss-security/2024/04/16/5", + "http://www.openwall.com/lists/oss-security/2024/03/29/4", + "https://www.openwall.com/lists/oss-security/2024/03/29/4", + "https://news.ycombinator.com/item?id=39865810", + "http://www.openwall.com/lists/oss-security/2024/03/30/36", + "https://www.cisa.gov/news-events/alerts/2024/03/29/reported-supply-chain-compromise-affecting-xz-utils-data-compression-library-cve-2024-3094", + "https://openssf.org/blog/2024/03/30/xz-backdoor-cve-2024-3094/", + "https://twitter.com/LetsDefendIO/status/1774804387417751958", + "https://security-tracker.debian.org/tracker/CVE-2024-3094", + "http://www.openwall.com/lists/oss-security/2024/03/29/10", + "https://tukaani.org/xz-backdoor/", + "https://gynvael.coldwind.pl/?lang=en&id=782", + "https://discourse.nixos.org/t/cve-2024-3094-malicious-code-in-xz-5-6-0-and-5-6-1-tarballs/42405", + "https://twitter.com/infosecb/status/1774595540233167206", + "https://www.tenable.com/blog/frequently-asked-questions-cve-2024-3094-supply-chain-backdoor-in-xz-utils", + "https://www.darkreading.com/vulnerabilities-threats/are-you-affected-by-the-backdoor-in-xz-utils", + "http://www.openwall.com/lists/oss-security/2024/03/30/12", + "http://www.openwall.com/lists/oss-security/2024/03/30/5", + "https://github.com/advisories/GHSA-rxwq-x6h5-x525", + "https://ubuntu.com/security/CVE-2024-3094", + "https://lwn.net/Articles/967180/", + "https://www.vicarius.io/vsociety/vulnerabilities/cve-2024-3094", + "https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27", + "http://www.openwall.com/lists/oss-security/2024/03/29/8", + "http://www.openwall.com/lists/oss-security/2024/03/29/5", + "https://research.swtch.com/xz-script", + "https://arstechnica.com/security/2024/03/backdoor-found-in-widely-used-linux-utility-breaks-encrypted-ssh-connections/", + "https://www.theregister.com/2024/03/29/malicious_backdoor_xz/", + "https://lists.debian.org/debian-security-announce/2024/msg00057.html", + "https://bugzilla.suse.com/show_bug.cgi?id=1222124", + "http://www.openwall.com/lists/oss-security/2024/03/30/27", + "https://twitter.com/debian/status/1774219194638409898", + "https://ariadne.space/2024/04/02/the-xz-utils-backdoor-is-a-symptom-of-a-larger-problem/", + "https://github.com/amlweems/xzbot", + "https://github.com/karcherm/xz-malware", + "https://twitter.com/infosecb/status/1774597228864139400", + "https://security.netapp.com/advisory/ntap-20240402-0001/", + "https://news.ycombinator.com/item?id=39877267", + "https://boehs.org/node/everything-i-know-about-the-xz-backdoor", + "https://access.redhat.com/security/cve/CVE-2024-3094", + "https://bugs.gentoo.org/928134", + "https://bugzilla.redhat.com/show_bug.cgi?id=2272210", + "https://blog.netbsd.org/tnf/entry/statement_on_backdoor_in_xz", + "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1068024", + "https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users", + "http://www.openwall.com/lists/oss-security/2024/03/29/12", + "https://research.swtch.com/xz-timeline", + "https://security.alpinelinux.org/vuln/CVE-2024-3094", + "https://aws.amazon.com/security/security-bulletins/AWS-2024-002/", + "https://www.kali.org/blog/about-the-xz-backdoor/" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com/tukaani-project", + "cpes": [ + "cpe:2.3:a:tukaani:xz:*:*:*:*:*:*:*:*" + ], + "packageName": "xz", + "versions": [ + { + "lessThanOrEqual": "5.6.1", + "status": "affected", + "version": "5.6.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31135.json b/data/anchore/2024/CVE-2024-31135.json new file mode 100644 index 00000000..df7a4c96 --- /dev/null +++ b/data/anchore/2024/CVE-2024-31135.json @@ -0,0 +1,33 @@ +{ + "additionalMetadata": { + "cna": "jetbrains", + "cveId": "CVE-2024-31135", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.jetbrains.com/privacy-security/issues-fixed/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*" + ], + "product": "TeamCity", + "vendor": "JetBrains", + "versions": [ + { + "lessThan": "2024.03", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31137.json b/data/anchore/2024/CVE-2024-31137.json new file mode 100644 index 00000000..b54f8cca --- /dev/null +++ b/data/anchore/2024/CVE-2024-31137.json @@ -0,0 +1,33 @@ +{ + "additionalMetadata": { + "cna": "jetbrains", + "cveId": "CVE-2024-31137", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.jetbrains.com/privacy-security/issues-fixed/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*" + ], + "product": "TeamCity", + "vendor": "JetBrains", + "versions": [ + { + "lessThan": "2024.03", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31138.json b/data/anchore/2024/CVE-2024-31138.json new file mode 100644 index 00000000..9445da82 --- /dev/null +++ b/data/anchore/2024/CVE-2024-31138.json @@ -0,0 +1,33 @@ +{ + "additionalMetadata": { + "cna": "jetbrains", + "cveId": "CVE-2024-31138", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.jetbrains.com/privacy-security/issues-fixed/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jetbrains:teamcity:*:*:*:*:*:*:*:*" + ], + "product": "TeamCity", + "vendor": "JetBrains", + "versions": [ + { + "lessThan": "2024.03", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file