From ddd47a5c570ac7231364e6b7b32d394e51a82212 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Mon, 20 May 2024 18:01:38 +0100 Subject: [PATCH] conversion for grafana records Signed-off-by: Weston Steimel --- data/anchore/2023/CVE-2023-6152.json | 97 ++++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-1313.json | 63 ++++++++++++++++++ data/anchore/2024/CVE-2024-1442.json | 57 ++++++++++++++++ 3 files changed, 217 insertions(+) create mode 100644 data/anchore/2023/CVE-2023-6152.json create mode 100644 data/anchore/2024/CVE-2024-1313.json create mode 100644 data/anchore/2024/CVE-2024-1442.json diff --git a/data/anchore/2023/CVE-2023-6152.json b/data/anchore/2023/CVE-2023-6152.json new file mode 100644 index 00000000..38cf3d48 --- /dev/null +++ b/data/anchore/2023/CVE-2023-6152.json @@ -0,0 +1,97 @@ +{ + "additionalMetadata": { + "cna": "grafana", + "cveId": "CVE-2023-6152", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/grafana/bugbounty/security/advisories/GHSA-3hv4-r2fm-h27f", + "https://grafana.com/security/security-advisories/cve-2023-6152/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*" + ], + "product": "Grafana", + "vendor": "Grafana", + "versions": [ + { + "lessThan": "9.5.16", + "status": "affected", + "version": "2.5.0", + "versionType": "semver" + }, + { + "lessThan": "10.0.11", + "status": "affected", + "version": "10.0.0", + "versionType": "semver" + }, + { + "lessThan": "10.1.7", + "status": "affected", + "version": "10.1.0", + "versionType": "semver" + }, + { + "lessThan": "10.2.4", + "status": "affected", + "version": "10.2.0", + "versionType": "semver" + }, + { + "lessThan": "10.3.3", + "status": "affected", + "version": "10.3.0", + "versionType": "semver" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*" + ], + "product": "Grafana Enterprise", + "vendor": "Grafana", + "versions": [ + { + "lessThan": "9.5.16", + "status": "affected", + "version": "2.5.0", + "versionType": "semver" + }, + { + "lessThan": "10.0.11", + "status": "affected", + "version": "10.0.0", + "versionType": "semver" + }, + { + "lessThan": "10.1.7", + "status": "affected", + "version": "10.1.0", + "versionType": "semver" + }, + { + "lessThan": "10.2.4", + "status": "affected", + "version": "10.2.0", + "versionType": "semver" + }, + { + "lessThan": "10.3.3", + "status": "affected", + "version": "10.3.0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1313.json b/data/anchore/2024/CVE-2024-1313.json new file mode 100644 index 00000000..89067477 --- /dev/null +++ b/data/anchore/2024/CVE-2024-1313.json @@ -0,0 +1,63 @@ +{ + "additionalMetadata": { + "cna": "grafana", + "cveId": "CVE-2024-1313", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://grafana.com/security/security-advisories/cve-2024-1313/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*" + ], + "product": "Grafana", + "repo": "https://github.com/grafana/grafana", + "vendor": "Grafana", + "versions": [ + { + "lessThan": "9.5.18", + "status": "affected", + "version": "9.5.0", + "versionType": "semver" + }, + { + "lessThan": "10.0.13", + "status": "affected", + "version": "10.0.0", + "versionType": "semver" + }, + { + "lessThan": "10.1.9", + "status": "affected", + "version": "10.1.0", + "versionType": "semver" + }, + { + "lessThan": "10.2.6", + "status": "affected", + "version": "10.2.0", + "versionType": "semver" + }, + { + "lessThan": "10.3.5", + "status": "affected", + "version": "10.3.0", + "versionType": "semver" + }, + { + "status": "unaffected", + "version": "10.4.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1442.json b/data/anchore/2024/CVE-2024-1442.json new file mode 100644 index 00000000..5311403c --- /dev/null +++ b/data/anchore/2024/CVE-2024-1442.json @@ -0,0 +1,57 @@ +{ + "additionalMetadata": { + "cna": "grafana", + "cveId": "CVE-2024-1442", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://grafana.com/security/security-advisories/cve-2024-1442/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*" + ], + "product": "Grafana", + "vendor": "Grafana", + "versions": [ + { + "lessThan": "9.5.7", + "status": "affected", + "version": "8.5.0", + "versionType": "semver" + }, + { + "lessThan": "10.0.12", + "status": "affected", + "version": "10.0.0", + "versionType": "semver" + }, + { + "lessThan": "10.1.8", + "status": "affected", + "version": "10.1.0", + "versionType": "semver" + }, + { + "lessThan": "10.2.5", + "status": "affected", + "version": "10.2.0", + "versionType": "semver" + }, + { + "lessThan": "10.3.4", + "status": "affected", + "version": "10.3.0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file