From f9e87eb83404751befefd27ccff3dd7f06a0a251 Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Tue, 21 May 2024 13:45:30 +0100 Subject: [PATCH] conversion for redhat records Signed-off-by: Weston Steimel --- data/anchore/2024/CVE-2024-0229.json | 77 +++++++++++++++ data/anchore/2024/CVE-2024-1139.json | 53 ++++++++++ data/anchore/2024/CVE-2024-1441.json | 38 ++++++++ data/anchore/2024/CVE-2024-1481.json | 35 +++++++ data/anchore/2024/CVE-2024-1725.json | 44 +++++++++ data/anchore/2024/CVE-2024-1753.json | 134 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-2182.json | 73 ++++++++++++++ data/anchore/2024/CVE-2024-21885.json | 72 ++++++++++++++ data/anchore/2024/CVE-2024-21886.json | 74 ++++++++++++++ data/anchore/2024/CVE-2024-2496.json | 36 +++++++ data/anchore/2024/CVE-2024-28834.json | 44 +++++++++ data/anchore/2024/CVE-2024-28835.json | 39 ++++++++ data/anchore/2024/CVE-2024-31080.json | 75 ++++++++++++++ data/anchore/2024/CVE-2024-31081.json | 75 ++++++++++++++ data/anchore/2024/CVE-2024-31082.json | 44 +++++++++ data/anchore/2024/CVE-2024-31083.json | 75 ++++++++++++++ data/anchore/2024/CVE-2024-3154.json | 54 +++++++++++ 17 files changed, 1042 insertions(+) create mode 100644 data/anchore/2024/CVE-2024-0229.json create mode 100644 data/anchore/2024/CVE-2024-1139.json create mode 100644 data/anchore/2024/CVE-2024-1441.json create mode 100644 data/anchore/2024/CVE-2024-1481.json create mode 100644 data/anchore/2024/CVE-2024-1725.json create mode 100644 data/anchore/2024/CVE-2024-1753.json create mode 100644 data/anchore/2024/CVE-2024-2182.json create mode 100644 data/anchore/2024/CVE-2024-21885.json create mode 100644 data/anchore/2024/CVE-2024-21886.json create mode 100644 data/anchore/2024/CVE-2024-2496.json create mode 100644 data/anchore/2024/CVE-2024-28834.json create mode 100644 data/anchore/2024/CVE-2024-28835.json create mode 100644 data/anchore/2024/CVE-2024-31080.json create mode 100644 data/anchore/2024/CVE-2024-31081.json create mode 100644 data/anchore/2024/CVE-2024-31082.json create mode 100644 data/anchore/2024/CVE-2024-31083.json create mode 100644 data/anchore/2024/CVE-2024-3154.json diff --git a/data/anchore/2024/CVE-2024-0229.json b/data/anchore/2024/CVE-2024-0229.json new file mode 100644 index 00000000..421abc88 --- /dev/null +++ b/data/anchore/2024/CVE-2024-0229.json @@ -0,0 +1,77 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-0229", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:2170", + "https://access.redhat.com/errata/RHSA-2024:0614", + "https://access.redhat.com/errata/RHSA-2024:0607", + "https://access.redhat.com/errata/RHSA-2024:0629", + "https://access.redhat.com/errata/RHSA-2024:0597", + "https://access.redhat.com/errata/RHSA-2024:0558", + "https://access.redhat.com/errata/RHSA-2024:2169", + "https://access.redhat.com/errata/RHSA-2024:0557", + "https://access.redhat.com/errata/RHSA-2024:0626", + "https://access.redhat.com/security/cve/CVE-2024-0229", + "https://access.redhat.com/errata/RHSA-2024:0621", + "https://access.redhat.com/errata/RHSA-2024:0617", + "https://bugzilla.redhat.com/show_bug.cgi?id=2256690", + "https://access.redhat.com/errata/RHSA-2024:0320" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xorg-server", + "versions": [ + { + "lessThan": "21.1.11", + "status": "affected", + "version": "1.1.1", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xwayland", + "versions": [ + { + "lessThan": "23.2.4", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "references": [ + { + "url": "https://lists.x.org/archives/xorg/2024-January/061525.html" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/ece23be888a93b741aa1209d1dbf64636109d6a5" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/219c54b8a3337456ce5270ded6a67bcde53553d5" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/df3c65706eb169d5938df0052059f3e0d5981b74" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1139.json b/data/anchore/2024/CVE-2024-1139.json new file mode 100644 index 00000000..556deecc --- /dev/null +++ b/data/anchore/2024/CVE-2024-1139.json @@ -0,0 +1,53 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-1139", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/security/cve/CVE-2024-1139", + "https://access.redhat.com/errata/RHSA-2024:1887", + "https://bugzilla.redhat.com/show_bug.cgi?id=2262158", + "https://access.redhat.com/errata/RHSA-2024:1891", + "https://access.redhat.com/errata/RHSA-2024:2047" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:redhat:openshift_container_platform:*:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openshift:*:*:*:*:*:*:*:*" + ], + "product": "OpenShift Container Platform", + "vendor": "Red Hat", + "versions": [ + { + "lessThan": "4.13.41", + "status": "affected", + "version": "4.12", + "versionType": "semver" + } + ] + }, + { + "cpes": [ + "cpe:2.3:a:kubernetes:kube-apiserver:*:*:*:*:*:*:*:*" + ], + "product": "kube-apiserver", + "vendor": "Kubernetes", + "versions": [ + { + "lessThan": "4.15.10", + "status": "affected", + "version": "4.14", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1441.json b/data/anchore/2024/CVE-2024-1441.json new file mode 100644 index 00000000..da04bc59 --- /dev/null +++ b/data/anchore/2024/CVE-2024-1441.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-1441", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html", + "https://access.redhat.com/errata/RHSA-2024:2560", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/E6MVZO5GXDB7RHY6MS3ZXES3HPK34P3A/", + "https://bugzilla.redhat.com/show_bug.cgi?id=2263841", + "https://access.redhat.com/security/cve/CVE-2024-1441", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/45FFKU3LODT345LAB5T4XZA5WKYMXJYU/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*" + ], + "product": "libvirt", + "vendor": "Red Hat", + "versions": [ + { + "lessThan": "10.1.0", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1481.json b/data/anchore/2024/CVE-2024-1481.json new file mode 100644 index 00000000..a8c1c564 --- /dev/null +++ b/data/anchore/2024/CVE-2024-1481.json @@ -0,0 +1,35 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-1481", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:2147", + "https://bugzilla.redhat.com/show_bug.cgi?id=2262169", + "https://access.redhat.com/security/cve/CVE-2024-1481" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:freeipa:freeipa:*:*:*:*:*:*:*:*" + ], + "product": "freeipa", + "vendor": "freeipa", + "versions": [ + { + "lessThan": "4.11.1", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1725.json b/data/anchore/2024/CVE-2024-1725.json new file mode 100644 index 00000000..77f79557 --- /dev/null +++ b/data/anchore/2024/CVE-2024-1725.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-1725", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:1559", + "https://bugzilla.redhat.com/show_bug.cgi?id=2265398", + "https://access.redhat.com/errata/RHSA-2024:1891", + "https://access.redhat.com/errata/RHSA-2024:2047", + "https://access.redhat.com/security/cve/CVE-2024-1725" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:redhat:openshift_container_platform:*:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:openshift:*:*:*:*:*:*:*:*" + ], + "product": "OpenShift Container Platform", + "vendor": "Red Hat", + "versions": [ + { + "lessThan": "4.14.22", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "4.15.6", + "status": "affected", + "version": "4.15", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-1753.json b/data/anchore/2024/CVE-2024-1753.json new file mode 100644 index 00000000..ef904549 --- /dev/null +++ b/data/anchore/2024/CVE-2024-1753.json @@ -0,0 +1,134 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-1753", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:2098", + "https://bugzilla.redhat.com/show_bug.cgi?id=2265513", + "https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3", + "https://access.redhat.com/errata/RHSA-2024:2645", + "https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf", + "https://access.redhat.com/errata/RHSA-2024:2077", + "https://access.redhat.com/errata/RHSA-2024:2089", + "https://access.redhat.com/errata/RHSA-2024:2064", + "https://access.redhat.com/errata/RHSA-2024:2090", + "https://access.redhat.com/errata/RHSA-2024:2097", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FCRZVUDOFM5CPREQKBEU2VK2QK62PSBP/", + "https://access.redhat.com/errata/RHSA-2024:2049", + "https://access.redhat.com/security/cve/CVE-2024-1753", + "https://access.redhat.com/errata/RHSA-2024:2066", + "https://access.redhat.com/errata/RHSA-2024:2548", + "https://access.redhat.com/errata/RHSA-2024:2084", + "https://access.redhat.com/errata/RHSA-2024:2055", + "https://access.redhat.com/errata/RHSA-2024:2672", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZVBSVZGVABPYIHK5HZM472NPGWMI7WXH/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KOYMVMQ7RWMDTSKQTBO734BE3WQPI2AJ/", + "https://access.redhat.com/errata/RHSA-2024:2669" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/containers/buildah", + "repo": "https://github.com/containers/buildah", + "cpes": [ + "cpe:2.3:a:buildah_project:buildah:*:*:*:*:*:*:*:*" + ], + "product": "buildah", + "vendor": "Red Hat", + "versions": [ + { + "lessThan": "1.35.1", + "status": "affected", + "version": "1.35", + "versionType": "semver" + }, + { + "lessThan": "1.34.3", + "status": "affected", + "version": "1.34", + "versionType": "semver" + }, + { + "lessThan": "1.33.7", + "status": "affected", + "version": "1.33", + "versionType": "semver" + }, + { + "lessThan": "1.32.3", + "status": "affected", + "version": "1.32", + "versionType": "semver" + }, + { + "lessThan": "1.31.5", + "status": "affected", + "version": "1.30", + "versionType": "semver" + }, + { + "lessThan": "1.29.3", + "status": "affected", + "version": "1.28", + "versionType": "semver" + }, + { + "lessThan": "1.27.4", + "status": "affected", + "version": "1.25", + "versionType": "semver" + }, + { + "lessThan": "1.24.7", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/containers/podman/v4", + "repo": "https://github.com/containers/podman", + "cpes": [ + "cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*" + ], + "product": "podman", + "vendor": "Red Hat", + "versions": [ + { + "lessThan": "4.9.4", + "status": "affected", + "version": "4", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/containers/podman/v5", + "repo": "https://github.com/containers/podman", + "cpes": [ + "cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*" + ], + "product": "podman", + "vendor": "Red Hat", + "versions": [ + { + "lessThan": "5.0.1", + "status": "affected", + "version": "5", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2182.json b/data/anchore/2024/CVE-2024-2182.json new file mode 100644 index 00000000..5f139773 --- /dev/null +++ b/data/anchore/2024/CVE-2024-2182.json @@ -0,0 +1,73 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-2182", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:1391", + "https://access.redhat.com/errata/RHSA-2024:1387", + "https://access.redhat.com/errata/RHSA-2024:1394", + "https://access.redhat.com/errata/RHSA-2024:1386", + "https://bugzilla.redhat.com/show_bug.cgi?id=2267840", + "https://mail.openvswitch.org/pipermail/ovs-announce/2024-March/000346.html", + "https://www.openwall.com/lists/oss-security/2024/03/12/5", + "https://access.redhat.com/errata/RHSA-2024:1390", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XRKXOOOKD56TY3JQVB45N3GCTX3EG4BV/", + "https://access.redhat.com/errata/RHSA-2024:1392", + "https://access.redhat.com/errata/RHSA-2024:1388", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CB4N522FCS4XWAPUKRWZF6QZ657FCIDF/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APR4GCVCMQD3DQUKXDNGIXCCYGE5V7IT/", + "https://access.redhat.com/security/cve/CVE-2024-2182", + "https://access.redhat.com/errata/RHSA-2024:1385", + "https://access.redhat.com/errata/RHSA-2024:1393", + "http://www.openwall.com/lists/oss-security/2024/03/12/5" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:ovn:open_virtual_network:*:*:*:*:*:*:*:*" + ], + "product": "Open Virtual Network", + "vendor": "ovn", + "versions": [ + { + "lessThan": "22.03.7", + "status": "affected", + "version": "0", + "versionType": "custom" + }, + { + "lessThan": "23.03.3", + "status": "affected", + "version": "23", + "versionType": "custom" + }, + { + "lessThan": "23.06.3", + "status": "affected", + "version": "23.04", + "versionType": "custom" + }, + { + "lessThan": "23.09.3", + "status": "affected", + "version": "23.07", + "versionType": "custom" + }, + { + "lessThan": "24.03.1", + "status": "affected", + "version": "24", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21885.json b/data/anchore/2024/CVE-2024-21885.json new file mode 100644 index 00000000..84600413 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21885.json @@ -0,0 +1,72 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-21885", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:2170", + "https://access.redhat.com/errata/RHSA-2024:0614", + "https://access.redhat.com/errata/RHSA-2024:0607", + "https://access.redhat.com/errata/RHSA-2024:0629", + "https://access.redhat.com/errata/RHSA-2024:0597", + "https://access.redhat.com/errata/RHSA-2024:0558", + "https://access.redhat.com/errata/RHSA-2024:2169", + "https://access.redhat.com/errata/RHSA-2024:0557", + "https://access.redhat.com/errata/RHSA-2024:0626", + "https://security.netapp.com/advisory/ntap-20240503-0004/", + "https://access.redhat.com/security/cve/CVE-2024-21885", + "https://bugzilla.redhat.com/show_bug.cgi?id=2256540", + "https://access.redhat.com/errata/RHSA-2024:0621", + "https://access.redhat.com/errata/RHSA-2024:0617", + "https://access.redhat.com/errata/RHSA-2024:0320" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xorg-server", + "versions": [ + { + "lessThan": "21.1.11", + "status": "affected", + "version": "1.10.0", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xwayland", + "versions": [ + { + "lessThan": "23.2.4", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "references": [ + { + "url": "https://lists.x.org/archives/xorg/2024-January/061525.html" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/4a5e9b1895627d40d26045bd0b7ef3dce503cbd1" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-21886.json b/data/anchore/2024/CVE-2024-21886.json new file mode 100644 index 00000000..b91518e5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-21886.json @@ -0,0 +1,74 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-21886", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:2170", + "https://access.redhat.com/errata/RHSA-2024:0614", + "https://access.redhat.com/errata/RHSA-2024:0607", + "https://access.redhat.com/errata/RHSA-2024:0629", + "https://access.redhat.com/errata/RHSA-2024:0597", + "https://access.redhat.com/security/cve/CVE-2024-21886", + "https://bugzilla.redhat.com/show_bug.cgi?id=2256542", + "https://access.redhat.com/errata/RHSA-2024:0558", + "https://access.redhat.com/errata/RHSA-2024:2169", + "https://access.redhat.com/errata/RHSA-2024:0557", + "https://access.redhat.com/errata/RHSA-2024:0626", + "https://access.redhat.com/errata/RHSA-2024:0621", + "https://access.redhat.com/errata/RHSA-2024:0617", + "https://access.redhat.com/errata/RHSA-2024:0320" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xorg-server", + "versions": [ + { + "lessThan": "21.1.11", + "status": "affected", + "version": "1.13.0", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xwayland", + "versions": [ + { + "lessThan": "23.2.4", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "references": [ + { + "url": "https://lists.x.org/archives/xorg/2024-January/061525.html" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/bc1fdbe46559dd947674375946bbef54dd0ce36b" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/26769aa71fcbe0a8403b7fb13b7c9010cc07c3a8" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-2496.json b/data/anchore/2024/CVE-2024-2496.json new file mode 100644 index 00000000..7b8dc16b --- /dev/null +++ b/data/anchore/2024/CVE-2024-2496.json @@ -0,0 +1,36 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-2496", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://bugzilla.redhat.com/show_bug.cgi?id=2269672", + "https://access.redhat.com/security/cve/CVE-2024-2496", + "https://access.redhat.com/errata/RHSA-2024:2236", + "https://lists.debian.org/debian-lts-announce/2024/04/msg00000.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:redhat:libvirt:*:*:*:*:*:*:*:*" + ], + "product": "libvirt", + "vendor": "Red Hat", + "versions": [ + { + "lessThan": "9.8.0", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28834.json b/data/anchore/2024/CVE-2024-28834.json new file mode 100644 index 00000000..29bbab23 --- /dev/null +++ b/data/anchore/2024/CVE-2024-28834.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-28834", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/22/2", + "https://access.redhat.com/security/cve/CVE-2024-28834", + "https://access.redhat.com/errata/RHSA-2024:1997", + "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html", + "http://www.openwall.com/lists/oss-security/2024/03/22/1", + "https://minerva.crocs.fi.muni.cz/", + "https://bugzilla.redhat.com/show_bug.cgi?id=2269228", + "https://access.redhat.com/errata/RHSA-2024:2044", + "https://access.redhat.com/errata/RHSA-2024:1784", + "https://access.redhat.com/errata/RHSA-2024:1879", + "https://access.redhat.com/errata/RHSA-2024:2570", + "https://people.redhat.com/~hkario/marvin/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*" + ], + "product": "gnutls", + "vendor": "gnu", + "versions": [ + { + "lessThan": "3.8.4", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-28835.json b/data/anchore/2024/CVE-2024-28835.json new file mode 100644 index 00000000..bc4b8735 --- /dev/null +++ b/data/anchore/2024/CVE-2024-28835.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-28835", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "http://www.openwall.com/lists/oss-security/2024/03/22/2", + "https://access.redhat.com/security/cve/CVE-2024-28835", + "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html", + "http://www.openwall.com/lists/oss-security/2024/03/22/1", + "https://bugzilla.redhat.com/show_bug.cgi?id=2269084", + "https://access.redhat.com/errata/RHSA-2024:1879", + "https://access.redhat.com/errata/RHSA-2024:2570" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*" + ], + "product": "gnutls", + "vendor": "gnu", + "versions": [ + { + "lessThan": "3.8.4", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31080.json b/data/anchore/2024/CVE-2024-31080.json new file mode 100644 index 00000000..eb28d3b5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-31080.json @@ -0,0 +1,75 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-31080", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:2037", + "https://access.redhat.com/errata/RHSA-2024:2036", + "https://access.redhat.com/errata/RHSA-2024:2080", + "https://access.redhat.com/errata/RHSA-2024:1785", + "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html", + "https://access.redhat.com/errata/RHSA-2024:2041", + "https://access.redhat.com/errata/RHSA-2024:2616", + "https://access.redhat.com/errata/RHSA-2024:2039", + "http://www.openwall.com/lists/oss-security/2024/04/03/13", + "https://access.redhat.com/errata/RHSA-2024:2040", + "https://access.redhat.com/security/cve/CVE-2024-31080", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/", + "https://bugzilla.redhat.com/show_bug.cgi?id=2271997", + "https://access.redhat.com/errata/RHSA-2024:2042", + "https://access.redhat.com/errata/RHSA-2024:2038", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/", + "http://www.openwall.com/lists/oss-security/2024/04/12/10" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xorg-server", + "versions": [ + { + "lessThan": "21.1.12", + "status": "affected", + "version": "1.7.0", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xwayland", + "versions": [ + { + "lessThan": "23.2.5", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "references": [ + { + "url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/96798fc1967491c80a4d0c8d9e0a80586cb2152b" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31081.json b/data/anchore/2024/CVE-2024-31081.json new file mode 100644 index 00000000..6111fbb5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-31081.json @@ -0,0 +1,75 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-31081", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:2037", + "https://access.redhat.com/errata/RHSA-2024:2036", + "https://access.redhat.com/errata/RHSA-2024:2080", + "https://access.redhat.com/errata/RHSA-2024:1785", + "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html", + "https://access.redhat.com/errata/RHSA-2024:2041", + "https://access.redhat.com/errata/RHSA-2024:2616", + "https://access.redhat.com/errata/RHSA-2024:2039", + "http://www.openwall.com/lists/oss-security/2024/04/03/13", + "https://access.redhat.com/errata/RHSA-2024:2040", + "https://bugzilla.redhat.com/show_bug.cgi?id=2271998", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/", + "https://access.redhat.com/security/cve/CVE-2024-31081", + "https://access.redhat.com/errata/RHSA-2024:2042", + "https://access.redhat.com/errata/RHSA-2024:2038", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/", + "http://www.openwall.com/lists/oss-security/2024/04/12/10" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xorg-server", + "versions": [ + { + "lessThan": "21.1.12", + "status": "affected", + "version": "1.7.0", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xwayland", + "versions": [ + { + "lessThan": "23.2.5", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "references": [ + { + "url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/3e77295f888c67fc7645db5d0c00926a29ffecee" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31082.json b/data/anchore/2024/CVE-2024-31082.json new file mode 100644 index 00000000..5cc6e06b --- /dev/null +++ b/data/anchore/2024/CVE-2024-31082.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-31082", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://bugzilla.redhat.com/show_bug.cgi?id=2271999", + "https://access.redhat.com/security/cve/CVE-2024-31082", + "http://www.openwall.com/lists/oss-security/2024/04/12/10", + "http://www.openwall.com/lists/oss-security/2024/04/03/13" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*" + ], + "product": "xorg-server", + "vendor": "n/a", + "versions": [ + { + "lessThan": "21.1.12", + "status": "affected", + "version": "1.12.0", + "versionType": "semver" + } + ] + } + ], + "references": [ + { + "url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/6c684d035c06fd41c727f" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-31083.json b/data/anchore/2024/CVE-2024-31083.json new file mode 100644 index 00000000..87353d5a --- /dev/null +++ b/data/anchore/2024/CVE-2024-31083.json @@ -0,0 +1,75 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-31083", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://access.redhat.com/errata/RHSA-2024:2037", + "https://access.redhat.com/errata/RHSA-2024:2036", + "https://access.redhat.com/errata/RHSA-2024:2080", + "https://access.redhat.com/errata/RHSA-2024:1785", + "https://lists.debian.org/debian-lts-announce/2024/04/msg00009.html", + "https://access.redhat.com/errata/RHSA-2024:2041", + "https://access.redhat.com/errata/RHSA-2024:2616", + "https://access.redhat.com/errata/RHSA-2024:2039", + "http://www.openwall.com/lists/oss-security/2024/04/03/13", + "https://access.redhat.com/errata/RHSA-2024:2040", + "https://access.redhat.com/security/cve/CVE-2024-31083", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/P73U4DAAWLFZAPD75GLXTGMSTTQWW5AP/", + "https://bugzilla.redhat.com/show_bug.cgi?id=2272000", + "https://access.redhat.com/errata/RHSA-2024:2042", + "https://access.redhat.com/errata/RHSA-2024:2038", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EBLQJIAXEDMEGRGZMSH7CWUJHSVKUWLV/", + "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6TF7FZXOKHIKPZXYIMSQXKVH7WITKV3V/", + "http://www.openwall.com/lists/oss-security/2024/04/12/10" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xorg-server:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xorg-server", + "versions": [ + { + "lessThan": "21.1.12", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://gitlab.freedesktop.org/xorg/xserver", + "cpes": [ + "cpe:2.3:a:x.org:xwayland:*:*:*:*:*:*:*:*" + ], + "repo": "https://gitlab.freedesktop.org/xorg/xserver", + "packageName": "xwayland", + "versions": [ + { + "lessThan": "23.2.5", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "references": [ + { + "url": "https://lists.x.org/archives/xorg-announce/2024-April/003497.html" + }, + { + "url": "https://gitlab.freedesktop.org/xorg/xserver/-/commit/bdca6c3d1f5057eeb31609b1280fc93237b00c77" + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-3154.json b/data/anchore/2024/CVE-2024-3154.json new file mode 100644 index 00000000..3249309f --- /dev/null +++ b/data/anchore/2024/CVE-2024-3154.json @@ -0,0 +1,54 @@ +{ + "additionalMetadata": { + "cna": "redhat", + "cveId": "CVE-2024-3154", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/cri-o/cri-o/security/advisories/GHSA-2cgq-h8xw-2v5j", + "https://github.com/opencontainers/runc/pull/4217", + "https://access.redhat.com/security/cve/CVE-2024-3154", + "https://access.redhat.com/errata/RHSA-2024:2672", + "https://github.com/opencontainers/runtime-spec/blob/main/features.md#unsafe-annotations-in-configjson", + "https://access.redhat.com/errata/RHSA-2024:2669", + "https://bugzilla.redhat.com/show_bug.cgi?id=2272532" + ] + }, + "adp": { + "affected": [ + { + "collectionURL": "https://pkg.go.dev", + "packageName": "github.com/cri-o/cri-o", + "repo": "https://github.com/cri-o/cri-o", + "cpes": [ + "cpe:2.3:a:kubernetes:cri-o:*:*:*:*:*:*:*:*" + ], + "product": "cri-o", + "vendor": "Kubernetes", + "versions": [ + { + "lessThan": "1.29.4", + "status": "affected", + "version": "1.29", + "versionType": "semver" + }, + { + "lessThan": "1.28.6", + "status": "affected", + "version": "1.28", + "versionType": "semver" + }, + { + "lessThan": "1.27.6", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file