From a736cdffb6fedd19301b47ee01062f129c683911 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Tue, 21 May 2024 10:27:23 +0100 Subject: [PATCH] conversion for jenkins records Signed-off-by: Weston Steimel --- data/anchore/2024/CVE-2024-28149.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28150.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28151.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28152.json | 40 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-28153.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28155.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28158.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28159.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28160.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28161.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-28162.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34144.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34145.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34146.json | 34 +++++++++++++++++++++++ data/anchore/2024/CVE-2024-34148.json | 34 +++++++++++++++++++++++ 15 files changed, 516 insertions(+) create mode 100644 data/anchore/2024/CVE-2024-28149.json create mode 100644 data/anchore/2024/CVE-2024-28150.json create mode 100644 data/anchore/2024/CVE-2024-28151.json create mode 100644 data/anchore/2024/CVE-2024-28152.json create mode 100644 data/anchore/2024/CVE-2024-28153.json create mode 100644 data/anchore/2024/CVE-2024-28155.json create mode 100644 data/anchore/2024/CVE-2024-28158.json create mode 100644 data/anchore/2024/CVE-2024-28159.json create mode 100644 data/anchore/2024/CVE-2024-28160.json create mode 100644 data/anchore/2024/CVE-2024-28161.json create mode 100644 data/anchore/2024/CVE-2024-28162.json create mode 100644 data/anchore/2024/CVE-2024-34144.json create mode 100644 data/anchore/2024/CVE-2024-34145.json create mode 100644 data/anchore/2024/CVE-2024-34146.json create mode 100644 data/anchore/2024/CVE-2024-34148.json diff --git a/data/anchore/2024/CVE-2024-28149.json b/data/anchore/2024/CVE-2024-28149.json new file mode 100644 index 00000000..8d4d6e9b --- /dev/null +++ b/data/anchore/2024/CVE-2024-28149.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28149", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3301" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:html_publisher:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins HTML Publisher Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "1.32.1", + "status": "affected", + "version": "1.16", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28150.json b/data/anchore/2024/CVE-2024-28150.json new file mode 100644 index 00000000..79de743d --- /dev/null +++ b/data/anchore/2024/CVE-2024-28150.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28150", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3302" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:html_publisher:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins HTML Publisher Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "1.32.1", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28151.json b/data/anchore/2024/CVE-2024-28151.json new file mode 100644 index 00000000..3e2bd178 --- /dev/null +++ b/data/anchore/2024/CVE-2024-28151.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28151", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3303" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:html_publisher:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins HTML Publisher Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "1.32.1", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28152.json b/data/anchore/2024/CVE-2024-28152.json new file mode 100644 index 00000000..9d6233b9 --- /dev/null +++ b/data/anchore/2024/CVE-2024-28152.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28152", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3300" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:bitbucket_branch_source:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Bitbucket Branch Source Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "871.v28d74e8b_4226", + "status": "affected", + "version": "856.v04c46c86f911", + "versionType": "maven" + }, + { + "lessThan": "848.850.v6a_a_2a_234a_c81", + "status": "unaffected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28153.json b/data/anchore/2024/CVE-2024-28153.json new file mode 100644 index 00000000..f17efb1f --- /dev/null +++ b/data/anchore/2024/CVE-2024-28153.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28153", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3344" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:owasp_dependency-check:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins OWASP Dependency-Check Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "5.4.6", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28155.json b/data/anchore/2024/CVE-2024-28155.json new file mode 100644 index 00000000..0083e8e0 --- /dev/null +++ b/data/anchore/2024/CVE-2024-28155.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28155", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3144" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:appspider:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins AppSpider Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "1.0.17", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28158.json b/data/anchore/2024/CVE-2024-28158.json new file mode 100644 index 00000000..bc37861c --- /dev/null +++ b/data/anchore/2024/CVE-2024-28158.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28158", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3325" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:subversion_partial_release_manager:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Subversion Partial Release Manager Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThanOrEqual": "1.0.1", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28159.json b/data/anchore/2024/CVE-2024-28159.json new file mode 100644 index 00000000..aaeb0e10 --- /dev/null +++ b/data/anchore/2024/CVE-2024-28159.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28159", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3325" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:subversion_partial_release_manager:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Subversion Partial Release Manager Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThanOrEqual": "1.0.1", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28160.json b/data/anchore/2024/CVE-2024-28160.json new file mode 100644 index 00000000..dd0e304e --- /dev/null +++ b/data/anchore/2024/CVE-2024-28160.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28160", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3248" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:icescrum:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins iceScrum Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThanOrEqual": "1.1.6", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28161.json b/data/anchore/2024/CVE-2024-28161.json new file mode 100644 index 00000000..a154af50 --- /dev/null +++ b/data/anchore/2024/CVE-2024-28161.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28161", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/06/3", + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3215" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:delphix:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Delphix Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "3.0.2", + "status": "affected", + "version": "3.0.1", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28162.json b/data/anchore/2024/CVE-2024-28162.json new file mode 100644 index 00000000..15e24d65 --- /dev/null +++ b/data/anchore/2024/CVE-2024-28162.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-28162", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.jenkins.io/security/advisory/2024-03-06/#SECURITY-3330", + "http://www.openwall.com/lists/oss-security/2024/03/06/3" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:delphix:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Delphix Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "3.1.1", + "status": "affected", + "version": "3.0.1", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34144.json b/data/anchore/2024/CVE-2024-34144.json new file mode 100644 index 00000000..99faa9a6 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34144.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-34144", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/05/02/3", + "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Script Security Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "1336.vf33a_a_9863911", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34145.json b/data/anchore/2024/CVE-2024-34145.json new file mode 100644 index 00000000..4066138a --- /dev/null +++ b/data/anchore/2024/CVE-2024-34145.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-34145", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/05/02/3", + "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3341" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:script_security:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Script Security Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "1336.vf33a_a_986391", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34146.json b/data/anchore/2024/CVE-2024-34146.json new file mode 100644 index 00000000..e85becd2 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34146.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-34146", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3342", + "http://www.openwall.com/lists/oss-security/2024/05/02/3" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:git_server:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Git server Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThan": "117.veb_68868fa_027", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34148.json b/data/anchore/2024/CVE-2024-34148.json new file mode 100644 index 00000000..e3791abe --- /dev/null +++ b/data/anchore/2024/CVE-2024-34148.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "jenkins", + "cveId": "CVE-2024-34148", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/05/02/3", + "https://www.jenkins.io/security/advisory/2024-05-02/#SECURITY-3331" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:jenkins:subversion_partial_release_manager:*:*:*:*:*:jenkins:*:*" + ], + "product": "Jenkins Subversion Partial Release Manager Plugin", + "vendor": "Jenkins Project", + "versions": [ + { + "lessThanOrEqual": "1.0.1", + "status": "affected", + "version": "0", + "versionType": "maven" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file