enrich CVE-2024-35196 for sentry

Signed-off-by: Weston Steimel <[email protected]>
anchore · Jun 3, 2024 · 92a5ff7 · 92a5ff7
1 parent d6a4562
commit 92a5ff7
Showing 1 changed file with 42 additions and 0 deletions.
diff --git a/data/anchore/2024/CVE-2024-35196.json b/data/anchore/2024/CVE-2024-35196.json
@@ -0,0 +1,42 @@
+{
+  "additionalMetadata": {
+    "cna": "github_m",
+    "cveId": "CVE-2024-35196",
+    "reason": "Added CPE configurations because not yet analyzed by NVD.",
+    "references": [
+      "https://api.slack.com/authentication/verifying-requests-from-slack#app-management-updates",
+      "https://api.slack.com/authentication/verifying-requests-from-slack#deprecation",
+      "https://api.slack.com/authentication/verifying-requests-from-slack#regenerating",
+      "https://develop.sentry.dev/integrations/slack",
+      "https://github.com/getsentry/sentry/blob/17d2b87e39ccd57e11da4deed62971ff306253d1/src/sentry/conf/server.py#L1307",
+      "https://github.com/getsentry/sentry/pull/70508",
+      "https://github.com/getsentry/sentry/security/advisories/GHSA-c2g2-gx4j-rj3j"
+    ]
+  },
+  "adp": {
+    "affected": [
+      {
+        "collectionURL": "https://github.com",
+        "cpes": [
+          "cpe:2.3:a:sentry:sentry:*:*:*:*:*:*:*:*"
+        ],
+        "packageName": "getsentry/sentry",
+        "product": "sentry",
+        "repo": "https://github.com/getsentry/sentry",
+        "vendor": "getsentry",
+        "versions": [
+          {
+            "lessThan": "24.5.0",
+            "status": "affected",
+            "version": "24.3.0",
+            "versionType": "custom"
+          }
+        ]
+      }
+    ],
+    "providerMetadata": {
+      "orgId": "00000000-0000-4000-8000-000000000000",
+      "shortName": "anchoreadp"
+    }
+  }
+}