From ddf10df9ddde23163b53ea6536f006d868cd8872 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Tue, 28 May 2024 15:11:03 +0100 Subject: [PATCH] label latest github submitted vulns Signed-off-by: Weston Steimel --- data/anchore/2024/CVE-2024-31216.json | 35 ++++++++++++++ data/anchore/2024/CVE-2024-31989.json | 66 +++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-32969.json | 34 ++++++++++++++ data/anchore/2024/CVE-2024-32978.json | 33 ++++++++++++++ data/anchore/2024/CVE-2024-34071.json | 55 ++++++++++++++++++++++ data/anchore/2024/CVE-2024-34082.json | 34 ++++++++++++++ data/anchore/2024/CVE-2024-34710.json | 34 ++++++++++++++ data/anchore/2024/CVE-2024-35176.json | 35 ++++++++++++++ data/anchore/2024/CVE-2024-35180.json | 37 +++++++++++++++ data/anchore/2024/CVE-2024-35190.json | 52 +++++++++++++++++++++ data/anchore/2024/CVE-2024-35195.json | 37 +++++++++++++++ data/anchore/2024/CVE-2024-35218.json | 55 ++++++++++++++++++++++ data/anchore/2024/CVE-2024-35219.json | 35 ++++++++++++++ data/anchore/2024/CVE-2024-35220.json | 37 +++++++++++++++ data/anchore/2024/CVE-2024-35222.json | 40 ++++++++++++++++ data/anchore/2024/CVE-2024-35223.json | 37 +++++++++++++++ data/anchore/2024/CVE-2024-35224.json | 46 +++++++++++++++++++ data/anchore/2024/CVE-2024-35236.json | 37 +++++++++++++++ 18 files changed, 739 insertions(+) create mode 100644 data/anchore/2024/CVE-2024-31216.json create mode 100644 data/anchore/2024/CVE-2024-31989.json create mode 100644 data/anchore/2024/CVE-2024-32969.json create mode 100644 data/anchore/2024/CVE-2024-32978.json create mode 100644 data/anchore/2024/CVE-2024-34071.json create mode 100644 data/anchore/2024/CVE-2024-34082.json create mode 100644 data/anchore/2024/CVE-2024-34710.json create mode 100644 data/anchore/2024/CVE-2024-35176.json create mode 100644 data/anchore/2024/CVE-2024-35180.json create mode 100644 data/anchore/2024/CVE-2024-35190.json create mode 100644 data/anchore/2024/CVE-2024-35195.json create mode 100644 data/anchore/2024/CVE-2024-35218.json create mode 100644 data/anchore/2024/CVE-2024-35219.json create mode 100644 data/anchore/2024/CVE-2024-35220.json create mode 100644 data/anchore/2024/CVE-2024-35222.json create mode 100644 data/anchore/2024/CVE-2024-35223.json create mode 100644 data/anchore/2024/CVE-2024-35224.json create mode 100644 data/anchore/2024/CVE-2024-35236.json diff --git a/data/anchore/2024/CVE-2024-31216.json b/data/anchore/2024/CVE-2024-31216.json new file mode 100644 index 00000000..e9d9c3fc --- /dev/null +++ b/data/anchore/2024/CVE-2024-31216.json @@ -0,0 +1,35 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-31216", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/fluxcd/source-controller/commit/915d1a072a4f37dd460ba33079dc094aa6e72fa9", + "https://github.com/fluxcd/source-controller/pull/1430", + "https://github.com/fluxcd/source-controller/security/advisories/GHSA-v554-xwgw-hc3w" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:fluxcd:source-controller:*:*:*:*:*:*:*:*" + ], + "product": "source-controller", + "vendor": "fluxcd", + "versions": [ + { + "lessThan": "1.2.5", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31989.json b/data/anchore/2024/CVE-2024-31989.json new file mode 100644 index 00000000..78782005 --- /dev/null +++ b/data/anchore/2024/CVE-2024-31989.json @@ -0,0 +1,66 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-31989", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/argoproj/argo-cd/commit/2de0ceade243039c120c28374016c04ff9590d1d", + "https://github.com/argoproj/argo-cd/commit/35a7d6c7fa1534aceba763d6a68697f36c12e678", + "https://github.com/argoproj/argo-cd/commit/4e2fe302c3352a0012ecbe7f03476b0e07f7fc6c", + "https://github.com/argoproj/argo-cd/commit/53570cbd143bced49d4376d6e31bd9c7bd2659ff", + "https://github.com/argoproj/argo-cd/commit/6ef7b62a0f67e74b4aac2aee31c98ae49dd95d12", + "https://github.com/argoproj/argo-cd/commit/9552034a80070a93a161bfa330359585f3b85f07", + "https://github.com/argoproj/argo-cd/commit/bdd889d43969ba738ddd15e1f674d27964048994", + "https://github.com/argoproj/argo-cd/commit/f1a449e83ee73f8f14d441563b6a31b504f8d8b0", + "https://github.com/argoproj/argo-cd/security/advisories/GHSA-9766-5277-j5hr" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*", + "cpe:2.3:a:linuxfoundation:argo_continuous_delivery:*:*:*:*:*:kubernetes:*:*" + ], + "product": "argo-cd", + "vendor": "argoproj", + "versions": [ + { + "lessThan": "2.8.19", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThan": "2.9.15", + "status": "affected", + "version": "2.9.0-rc1", + "versionType": "custom" + }, + { + "lessThan": "2.10.10", + "status": "affected", + "version": "2.10.0-rc1", + "versionType": "custom" + }, + { + "lessThan": "2.11.1", + "status": "affected", + "version": "2.11.0-rc1", + "versionType": "custom" + }, + { + "lessThanOrEqual": "1.8.7", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32969.json b/data/anchore/2024/CVE-2024-32969.json new file mode 100644 index 00000000..fdcc3f12 --- /dev/null +++ b/data/anchore/2024/CVE-2024-32969.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-32969", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/vantage6/vantage6/commit/27f4ee3fade5f4cbcf3e60899c9a2a91145e0b56", + "https://github.com/vantage6/vantage6/security/advisories/GHSA-99r4-cjp4-3hmx" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:vantage6:vantage6:*:*:*:*:*:*:*:*" + ], + "product": "vantage6", + "vendor": "vantage6", + "versions": [ + { + "lessThan": "4.5.0rc3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-32978.json b/data/anchore/2024/CVE-2024-32978.json new file mode 100644 index 00000000..607ae05e --- /dev/null +++ b/data/anchore/2024/CVE-2024-32978.json @@ -0,0 +1,33 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-32978", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/kaminari/kaminari/security/advisories/GHSA-7r3j-qmr4-jfpj" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:kaminari_project:kaminari:*:*:*:*:*:*:*:*" + ], + "product": "kaminari", + "vendor": "kaminari", + "versions": [ + { + "lessThan": "0.16.2", + "status": "affected", + "version": "0.15.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34071.json b/data/anchore/2024/CVE-2024-34071.json new file mode 100644 index 00000000..53149240 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34071.json @@ -0,0 +1,55 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-34071", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/umbraco/Umbraco-CMS/commit/5f24de308584b9771240a6db1a34630a5114c450", + "https://github.com/umbraco/Umbraco-CMS/commit/c17d4e1a600098ec524e4126f4395255476bc33f", + "https://github.com/umbraco/Umbraco-CMS/commit/c8f71af646171074c13e5c34f74312def4512031", + "https://github.com/umbraco/Umbraco-CMS/commit/d8df405db4ea884bb4b96f088d10d9a2070cf024", + "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-j74q-mv2c-rxmp" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*" + ], + "product": "Umbraco-CMS", + "vendor": "umbraco", + "versions": [ + { + "lessThan": "8.18.14", + "status": "affected", + "version": "8.18.5", + "versionType": "custom" + }, + { + "lessThan": "10.8.6", + "status": "affected", + "version": "10.5.0", + "versionType": "custom" + }, + { + "lessThan": "12.3.10", + "status": "affected", + "version": "12.0.0", + "versionType": "custom" + }, + { + "lessThan": "13.3.1", + "status": "affected", + "version": "13.0.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34082.json b/data/anchore/2024/CVE-2024-34082.json new file mode 100644 index 00000000..286ea91c --- /dev/null +++ b/data/anchore/2024/CVE-2024-34082.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-34082", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/getgrav/grav/commit/b6bba9eb99bf8cb55b8fa8d23f18873ca594e348", + "https://github.com/getgrav/grav/security/advisories/GHSA-f8v5-jmfh-pr69" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:getgrav:grav:*:*:*:*:*:*:*:*" + ], + "product": "grav", + "vendor": "getgrav", + "versions": [ + { + "lessThan": "1.7.46", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-34710.json b/data/anchore/2024/CVE-2024-34710.json new file mode 100644 index 00000000..54701c49 --- /dev/null +++ b/data/anchore/2024/CVE-2024-34710.json @@ -0,0 +1,34 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-34710", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/requarks/wiki/commit/1238d614e1599fefadd4614ee4b5797a087f50ac", + "https://github.com/requarks/wiki/security/advisories/GHSA-xjcj-p2qv-q3rf" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:requarks:wiki.js:*:*:*:*:*:*:*:*" + ], + "product": "wiki", + "vendor": "requarks", + "versions": [ + { + "lessThan": "2.5.303", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35176.json b/data/anchore/2024/CVE-2024-35176.json new file mode 100644 index 00000000..1384c718 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35176.json @@ -0,0 +1,35 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35176", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ruby/rexml/commit/4325835f92f3f142ebd91a3fdba4e1f1ab7f1cfb", + "https://github.com/ruby/rexml/security/advisories/GHSA-vg3r-rm7w-2xgh", + "https://www.ruby-lang.org/en/news/2024/05/16/dos-rexml-cve-2024-35176" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:ruby-lang:rexml:*:*:*:*:*:ruby:*:*" + ], + "product": "rexml", + "vendor": "ruby", + "versions": [ + { + "lessThan": "3.2.7", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35180.json b/data/anchore/2024/CVE-2024-35180.json new file mode 100644 index 00000000..6634d457 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35180.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35180", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/ome/omero-web/commit/d41207cbb82afc56ea79e84db532608aa24ab4aa", + "https://github.com/ome/omero-web/security/advisories/GHSA-vr85-5pwx-c6gq" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pypi.org", + "packageName": "omero-web", + "cpes": [ + "cpe:2.3:a:openmicroscopy:omero-web:*:*:*:*:*:*:*:*", + "cpe:2.3:a:openmicroscopy:omero.web:*:*:*:*:*:*:*:*" + ], + "product": "omero-web", + "vendor": "ome", + "versions": [ + { + "lessThan": "5.26.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35190.json b/data/anchore/2024/CVE-2024-35190.json new file mode 100644 index 00000000..0dcab0b7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35190.json @@ -0,0 +1,52 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35190", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/asterisk/asterisk/commit/85241bd22936cc15760fd1f65d16c98be7aeaf6d", + "https://github.com/asterisk/asterisk/pull/600", + "https://github.com/asterisk/asterisk/pull/602", + "https://github.com/asterisk/asterisk/security/advisories/GHSA-qqxj-v78h-hrf9" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:asterisk:asterisk:*:*:*:*:*:*:*:*", + "cpe:2.3:a:asterisk:asterisk:*:*:business:*:*:*:*:*", + "cpe:2.3:a:asterisk:open_source:*:*:*:*:*:*:*:*", + "cpe:2.3:a:digium:asterisk:*:*:*:*:*:*:*:*", + "cpe:2.3:a:sangoma:certified_asterisk:*:*:*:*:*:*:*:*" + ], + "product": "asterisk", + "vendor": "asterisk", + "versions": [ + { + "lessThan": "21.3.1", + "status": "affected", + "version": "21.3.0", + "versionType": "custom" + }, + { + "lessThan": "20.8.1", + "status": "affected", + "version": "20.8.0", + "versionType": "custom" + }, + { + "lessThan": "18.23.1", + "status": "affected", + "version": "18.23.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35195.json b/data/anchore/2024/CVE-2024-35195.json new file mode 100644 index 00000000..e38a6a31 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35195.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35195", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/psf/requests/commit/a58d7f2ffb4d00b46dca2d70a3932a0b37e22fac", + "https://github.com/psf/requests/pull/6655", + "https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pypi.org", + "packageName": "requests", + "cpes": [ + "cpe:2.3:a:python:requests:*:*:*:*:*:*:*:*" + ], + "product": "requests", + "vendor": "psf", + "versions": [ + { + "lessThan": "2.32.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35218.json b/data/anchore/2024/CVE-2024-35218.json new file mode 100644 index 00000000..76bbfee1 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35218.json @@ -0,0 +1,55 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35218", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/umbraco/Umbraco-CMS/commit/1b712fe6ec52aa4e71b3acf63e393c8e6ab85385", + "https://github.com/umbraco/Umbraco-CMS/commit/a2684069b1e9976444f60b4b37a80be05b87f6b6", + "https://github.com/umbraco/Umbraco-CMS/commit/cbf9f9bcd199d7ca0412be3071d275556f10b7ba", + "https://github.com/umbraco/Umbraco-CMS/commit/d090176272d07500dac0daee7c598aa8bb321050", + "https://github.com/umbraco/Umbraco-CMS/security/advisories/GHSA-gvpc-3pj6-4m9w" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:umbraco:umbraco_cms:*:*:*:*:*:*:*:*" + ], + "product": "Umbraco-CMS", + "vendor": "umbraco", + "versions": [ + { + "lessThan": "8.18.13", + "status": "affected", + "version": "8.0.0", + "versionType": "custom" + }, + { + "lessThan": "10.8.4", + "status": "affected", + "version": "10.0.0", + "versionType": "custom" + }, + { + "lessThan": "12.3.7", + "status": "affected", + "version": "12.0.0", + "versionType": "custom" + }, + { + "lessThan": "13.1.1", + "status": "affected", + "version": "13.0.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35219.json b/data/anchore/2024/CVE-2024-35219.json new file mode 100644 index 00000000..c74502dd --- /dev/null +++ b/data/anchore/2024/CVE-2024-35219.json @@ -0,0 +1,35 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35219", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/OpenAPITools/openapi-generator/commit/edbb021aadae47dcfe690313ce5119faf77f800d", + "https://github.com/OpenAPITools/openapi-generator/pull/18652", + "https://github.com/OpenAPITools/openapi-generator/security/advisories/GHSA-g3hr-p86p-593h" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:openapi-generator:openapi_generator:*:*:*:*:*:*:*:*" + ], + "product": "openapi-generator", + "vendor": "OpenAPITools", + "versions": [ + { + "lessThan": "7.6.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35220.json b/data/anchore/2024/CVE-2024-35220.json new file mode 100644 index 00000000..54e2e41e --- /dev/null +++ b/data/anchore/2024/CVE-2024-35220.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35220", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/fastify/session/commit/0495ce5b534c4550f25228821db8098293439f2f", + "https://github.com/fastify/session/issues/251", + "https://github.com/fastify/session/security/advisories/GHSA-pj27-2xvp-4qxg" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://www.npmjs.com", + "packageName": "@fastify/session", + "cpes": [ + "cpe:2.3:a:fastify:session:*:*:*:*:*:*:*:*" + ], + "product": "session", + "vendor": "fastify", + "versions": [ + { + "lessThan": "10.9.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35222.json b/data/anchore/2024/CVE-2024-35222.json new file mode 100644 index 00000000..3840ad0d --- /dev/null +++ b/data/anchore/2024/CVE-2024-35222.json @@ -0,0 +1,40 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35222", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/tauri-apps/tauri/issues/8316", + "https://github.com/tauri-apps/tauri/security/advisories/GHSA-57fm-592m-34r7" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:tauri:tauri:*:*:*:*:*:*:*:*" + ], + "product": "tauri", + "vendor": "tauri-apps", + "versions": [ + { + "lessThan": "1.6.7", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThan": "2.0.0-beta.20", + "status": "affected", + "version": "2.0.0-beta.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35223.json b/data/anchore/2024/CVE-2024-35223.json new file mode 100644 index 00000000..710d543b --- /dev/null +++ b/data/anchore/2024/CVE-2024-35223.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35223", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/dapr/dapr/commit/e0591e43d0cdfd30a2f2960dce5d9892dc98bc2c", + "https://github.com/dapr/dapr/issues/7344", + "https://github.com/dapr/dapr/pull/7404", + "https://github.com/dapr/dapr/releases/tag/v1.13.3", + "https://github.com/dapr/dapr/security/advisories/GHSA-284c-x8m7-9w5h" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:linuxfoundation:dapr:*:*:*:*:*:*:*:*" + ], + "product": "dapr", + "vendor": "dapr", + "versions": [ + { + "lessThan": "1.13.3", + "status": "affected", + "version": "1.13.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35224.json b/data/anchore/2024/CVE-2024-35224.json new file mode 100644 index 00000000..4fe41542 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35224.json @@ -0,0 +1,46 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35224", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://community.openproject.org/projects/openproject/work_packages/55198/relations", + "https://github.com/opf/openproject/security/advisories/GHSA-h26c-j8wg-frjc" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:openproject:openproject:*:*:*:*:*:*:*:*" + ], + "product": "openproject", + "vendor": "opf", + "versions": [ + { + "lessThan": "13.4.2", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThan": "14.1.0", + "status": "affected", + "version": "14.1.0-alpha", + "versionType": "custom" + }, + { + "lessThan": "14.0.2", + "status": "affected", + "version": "14.0.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-35236.json b/data/anchore/2024/CVE-2024-35236.json new file mode 100644 index 00000000..ad55c6e1 --- /dev/null +++ b/data/anchore/2024/CVE-2024-35236.json @@ -0,0 +1,37 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-35236", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/advplyr/audiobookshelf/assets/36849099/46f6dfe0-9860-4ec0-a987-b3a553f7e45d", + "https://github.com/advplyr/audiobookshelf/blob/04ed4810fdfcafc2e82db536edc5870e3f937d00/client/components/readers/EpubReader.vue#L319", + "https://github.com/advplyr/audiobookshelf/commit/ce7f891b9b2cb57c6644aaf96f89a8bda6307664", + "https://github.com/advplyr/audiobookshelf/releases/tag/v2.10.0", + "https://github.com/advplyr/audiobookshelf/security/advisories/GHSA-7j99-76cj-q9pg" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:audiobookshelf:audiobookshelf:*:*:*:*:*:*:*:*" + ], + "product": "audiobookshelf", + "vendor": "advplyr", + "versions": [ + { + "lessThan": "2.10.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file