From 8485910e0c27dfeb4f75e482316fab80dd04b79d Mon Sep 17 00:00:00 2001 From: Weston Steimel Date: Wed, 11 Dec 2024 10:18:33 +0000 Subject: [PATCH] updates 2024-12-11 Signed-off-by: Weston Steimel --- data/anchore/2023/CVE-2023-6947.json | 45 +++++++++++ data/anchore/2024/CVE-2024-10708.json | 44 +++++++++++ data/anchore/2024/CVE-2024-10959.json | 47 ++++++++++++ data/anchore/2024/CVE-2024-11107.json | 44 +++++++++++ data/anchore/2024/CVE-2024-11868.json | 45 +++++++++++ data/anchore/2024/CVE-2024-12026.json | 2 +- data/anchore/2024/CVE-2024-12027.json | 2 +- data/anchore/2024/CVE-2024-41128.json | 44 ++++++++++- data/anchore/2024/CVE-2024-47887.json | 44 ++++++++++- data/anchore/2024/CVE-2024-52419.json | 2 +- data/anchore/2024/CVE-2024-53866.json | 45 +++++++++++ data/anchore/2024/CVE-2024-54133.json | 105 ++++++++++++++++++++++++++ data/anchore/2024/CVE-2024-54152.json | 45 +++++++++++ data/anchore/2024/CVE-2024-55602.json | 47 ++++++++++++ data/anchore/2024/CVE-2024-55653.json | 43 +++++++++++ data/anchore/2024/CVE-2024-8793.json | 3 +- 16 files changed, 597 insertions(+), 10 deletions(-) create mode 100644 data/anchore/2023/CVE-2023-6947.json create mode 100644 data/anchore/2024/CVE-2024-10708.json create mode 100644 data/anchore/2024/CVE-2024-10959.json create mode 100644 data/anchore/2024/CVE-2024-11107.json create mode 100644 data/anchore/2024/CVE-2024-11868.json create mode 100644 data/anchore/2024/CVE-2024-53866.json create mode 100644 data/anchore/2024/CVE-2024-54133.json create mode 100644 data/anchore/2024/CVE-2024-54152.json create mode 100644 data/anchore/2024/CVE-2024-55602.json create mode 100644 data/anchore/2024/CVE-2024-55653.json diff --git a/data/anchore/2023/CVE-2023-6947.json b/data/anchore/2023/CVE-2023-6947.json new file mode 100644 index 00000000..43e17050 --- /dev/null +++ b/data/anchore/2023/CVE-2023-6947.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "wordfence", + "cveId": "CVE-2023-6947", + "description": "The Best WordPress Gallery Plugin – FooGallery plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4.26. This makes it possible for authenticated attackers, with contributor level or higher to read the contents of arbitrary folders on the server, which can contain sensitive information such as folder structure.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/fooplugins/foogallery/pull/263/commits/9989f6f4f4d478ec04cb634d09b18c87a5b31c4d", + "https://www.wordfence.com/threat-intel/vulnerabilities/id/68420c5a-4add-4597-bd2a-20dc831e81bd?source=cve" + ], + "upstream": { + "datePublished": "2024-12-10T05:24:41.940Z", + "dateReserved": "2023-12-19T15:10:40.265Z", + "dateUpdated": "2024-12-10T20:54:03.539Z", + "digest": "1a3a80d85fdf295f8f8c5a0ee42c67bf2442eaa278c871ce3849a9174d2348eb" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:fooplugins:foogallery:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "foogallery-premium", + "packageType": "wordpress-plugin", + "product": "FooGallery Premium", + "repo": "https://plugins.svn.wordpress.org/foogallery", + "vendor": "https://fooplugins.com", + "versions": [ + { + "lessThan": "2.4.27", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-10708.json b/data/anchore/2024/CVE-2024-10708.json new file mode 100644 index 00000000..bb4be984 --- /dev/null +++ b/data/anchore/2024/CVE-2024-10708.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "wpscan", + "cveId": "CVE-2024-10708", + "description": "The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path, which could allow high privilege users such as admin to perform path traversal attacks an read arbitrary files on the server", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://wpscan.com/vulnerability/61d750a5-8c2c-4c94-a1a9-6a254c2a0d03/" + ], + "upstream": { + "datePublished": "2024-12-10T06:00:01.931Z", + "dateReserved": "2024-11-01T19:02:01.104Z", + "dateUpdated": "2024-12-10T15:27:29.260Z", + "digest": "4a572e1287ac1622ca3e1e4a56b182b3a073e455eccf3c57a990fd0e14bc50ec" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:bowo:system_dashboard:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "system-dashboard", + "packageType": "wordpress-plugin", + "product": "System Dashboard", + "repo": "https://plugins.svn.wordpress.org/system-dashboard", + "vendor": "bowo", + "versions": [ + { + "lessThan": "2.8.15", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-10959.json b/data/anchore/2024/CVE-2024-10959.json new file mode 100644 index 00000000..09d83b18 --- /dev/null +++ b/data/anchore/2024/CVE-2024-10959.json @@ -0,0 +1,47 @@ +{ + "additionalMetadata": { + "cna": "wordfence", + "cveId": "CVE-2024-10959", + "description": "The The Active Products Tables for WooCommerce. Use constructor to create tables plugin for WordPress is vulnerable to arbitrary shortcode execution via woot_get_smth AJAX action in all versions up to, and including, 1.0.6.5. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://plugins.trac.wordpress.org/browser/profit-products-tables-for-woocommerce/trunk/index.php#L1666", + "https://plugins.trac.wordpress.org/changeset/3199368/", + "https://wordpress.org/plugins/profit-products-tables-for-woocommerce/#developers", + "https://www.wordfence.com/threat-intel/vulnerabilities/id/ecf803cf-1b9c-4d2e-863f-d1f51b08f833?source=cve" + ], + "upstream": { + "datePublished": "2024-12-10T11:09:12.310Z", + "dateReserved": "2024-11-07T00:02:14.604Z", + "dateUpdated": "2024-12-10T15:00:50.546Z", + "digest": "2cad64b4445f72eb4f78ce0e30566db603cd408b860db7b8742f14814efa11ae" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:pluginus:woot:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "profit-products-tables-for-woocommerce", + "packageType": "wordpress-plugin", + "product": "Active Products Tables for WooCommerce. Use constructor to create tables", + "repo": "https://plugins.svn.wordpress.org/profit-products-tables-for-woocommerce", + "vendor": "realmag777", + "versions": [ + { + "lessThan": "1.0.6.6", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-11107.json b/data/anchore/2024/CVE-2024-11107.json new file mode 100644 index 00000000..8d55ccc2 --- /dev/null +++ b/data/anchore/2024/CVE-2024-11107.json @@ -0,0 +1,44 @@ +{ + "additionalMetadata": { + "cna": "wpscan", + "cveId": "CVE-2024-11107", + "description": "The System Dashboard WordPress plugin before 2.8.15 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated users to perform Cross-Site Scripting attacks.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://wpscan.com/vulnerability/a89f1117-8df3-417b-b54f-6587545833ee/" + ], + "upstream": { + "datePublished": "2024-12-10T06:00:02.187Z", + "dateReserved": "2024-11-11T21:26:58.732Z", + "dateUpdated": "2024-12-10T15:15:07.287Z", + "digest": "4a572e1287ac1622ca3e1e4a56b182b3a073e455eccf3c57a990fd0e14bc50ec" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:bowo:system_dashboard:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "system-dashboard", + "packageType": "wordpress-plugin", + "product": "System Dashboard", + "repo": "https://plugins.svn.wordpress.org/system-dashboard", + "vendor": "bowo", + "versions": [ + { + "lessThan": "2.8.15", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-11868.json b/data/anchore/2024/CVE-2024-11868.json new file mode 100644 index 00000000..d6d1e6a2 --- /dev/null +++ b/data/anchore/2024/CVE-2024-11868.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "wordfence", + "cveId": "CVE-2024-11868", + "description": "The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.2.7.3 via class-lp-rest-material-controller.php. This makes it possible for unauthenticated attackers to extract potentially sensitive paid course material.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://plugins.trac.wordpress.org/changeset/3200780/learnpress", + "https://www.wordfence.com/threat-intel/vulnerabilities/id/7bd43980-9193-4a63-adba-720dd1b11699?source=cve" + ], + "upstream": { + "datePublished": "2024-12-10T12:24:59.516Z", + "dateReserved": "2024-11-27T15:10:11.982Z", + "dateUpdated": "2024-12-10T14:56:15.813Z", + "digest": "841ff76a272d640ca3807f65e31257873b3a372e8d7ccf92d87abf1e1a121eb2" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://wordpress.org/plugins", + "cpes": [ + "cpe:2.3:a:thimpress:learnpress:*:*:*:*:*:wordpress:*:*" + ], + "packageName": "learnpress", + "packageType": "wordpress-plugin", + "product": "LearnPress – WordPress LMS Plugin", + "repo": "https://plugins.svn.wordpress.org/learnpress", + "vendor": "thimpress", + "versions": [ + { + "lessThan": "4.2.7.4", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-12026.json b/data/anchore/2024/CVE-2024-12026.json index 57a7b2e2..476ded7e 100644 --- a/data/anchore/2024/CVE-2024-12026.json +++ b/data/anchore/2024/CVE-2024-12026.json @@ -23,7 +23,7 @@ "vendor": "kofimokome", "versions": [ { - "lessThanOrEqual": "1.6.3", + "lessThan": "1.6.3.1", "status": "affected", "version": "0", "versionType": "semver" diff --git a/data/anchore/2024/CVE-2024-12027.json b/data/anchore/2024/CVE-2024-12027.json index 84c1b92e..b20ec344 100644 --- a/data/anchore/2024/CVE-2024-12027.json +++ b/data/anchore/2024/CVE-2024-12027.json @@ -23,7 +23,7 @@ "vendor": "kofimokome", "versions": [ { - "lessThanOrEqual": "1.6.3", + "lessThan": "1.6.3.1", "status": "affected", "version": "0", "versionType": "semver" diff --git a/data/anchore/2024/CVE-2024-41128.json b/data/anchore/2024/CVE-2024-41128.json index e0249108..91205d22 100644 --- a/data/anchore/2024/CVE-2024-41128.json +++ b/data/anchore/2024/CVE-2024-41128.json @@ -19,10 +19,10 @@ { "collectionURL": "https://rubygems.org", "cpes": [ - "cpe:2.3:a:activerecord_project:activerecord:*:*:*:*:*:ruby:*:*", - "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:ruby:*:*" + "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:ruby:*:*", + "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:ruby:*:*" ], - "packageName": "actionpack", + "packageName": "rails", "packageType": "gem", "product": "rails", "repo": "https://github.com/rails/rails", @@ -53,6 +53,44 @@ "versionType": "custom" } ] + }, + { + "collectionURL": "https://rubygems.org", + "cpes": [ + "cpe:2.3:a:actionpack_project:actionpack:*:*:*:*:*:ruby:*:*", + "cpe:2.3:a:rubyonrails:actionpack:*:*:*:*:*:ruby:*:*" + ], + "packageName": "actionpack", + "packageType": "gem", + "product": "actionpack", + "repo": "https://github.com/rails/rails", + "vendor": "rails", + "versions": [ + { + "lessThan": "6.1.7.9", + "status": "affected", + "version": "3.1.0", + "versionType": "custom" + }, + { + "lessThan": "7.0.8.5", + "status": "affected", + "version": "7.0.0", + "versionType": "custom" + }, + { + "lessThan": "7.1.4.1", + "status": "affected", + "version": "7.1.0", + "versionType": "custom" + }, + { + "lessThan": "7.2.1.1", + "status": "affected", + "version": "7.2.0", + "versionType": "custom" + } + ] } ], "providerMetadata": { diff --git a/data/anchore/2024/CVE-2024-47887.json b/data/anchore/2024/CVE-2024-47887.json index cbc6899d..9578d87a 100644 --- a/data/anchore/2024/CVE-2024-47887.json +++ b/data/anchore/2024/CVE-2024-47887.json @@ -17,10 +17,10 @@ { "collectionURL": "https://rubygems.org", "cpes": [ - "cpe:2.3:a:activerecord_project:activerecord:*:*:*:*:*:ruby:*:*", - "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:ruby:*:*" + "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:ruby:*:*", + "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:ruby:*:*" ], - "packageName": "actionpack", + "packageName": "rails", "packageType": "gem", "product": "rails", "repo": "https://github.com/rails/rails", @@ -51,6 +51,44 @@ "versionType": "custom" } ] + }, + { + "collectionURL": "https://rubygems.org", + "cpes": [ + "cpe:2.3:a:actionpack_project:actionpack:*:*:*:*:*:ruby:*:*", + "cpe:2.3:a:rubyonrails:actionpack:*:*:*:*:*:ruby:*:*" + ], + "packageName": "actionpack", + "packageType": "gem", + "product": "actionpack", + "repo": "https://github.com/rails/rails", + "vendor": "rails", + "versions": [ + { + "lessThan": "6.1.7.9", + "status": "affected", + "version": "4.0.0", + "versionType": "custom" + }, + { + "lessThan": "7.0.8.5", + "status": "affected", + "version": "7.0.0", + "versionType": "custom" + }, + { + "lessThan": "7.1.4.1", + "status": "affected", + "version": "7.1.0", + "versionType": "custom" + }, + { + "lessThan": "7.2.1.1", + "status": "affected", + "version": "7.2.0", + "versionType": "custom" + } + ] } ], "providerMetadata": { diff --git a/data/anchore/2024/CVE-2024-52419.json b/data/anchore/2024/CVE-2024-52419.json index b5240fc0..949a66a8 100644 --- a/data/anchore/2024/CVE-2024-52419.json +++ b/data/anchore/2024/CVE-2024-52419.json @@ -22,7 +22,7 @@ "vendor": "Clipboard Team", "versions": [ { - "lessThanOrEqual": "4.0.3", + "lessThan": "4.0.4", "status": "affected", "version": "0", "versionType": "custom" diff --git a/data/anchore/2024/CVE-2024-53866.json b/data/anchore/2024/CVE-2024-53866.json new file mode 100644 index 00000000..cee33581 --- /dev/null +++ b/data/anchore/2024/CVE-2024-53866.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-53866", + "description": "The package manager pnpm prior to version 9.15.0 seems to mishandle overrides and global cache: Overrides from one workspace leak into npm metadata saved in global cache; npm metadata from global cache affects other workspaces; and installs by default don't revalidate the data (including on first lockfile generation). This can make workspace A (even running with `ignore-scripts=true`) posion global cache and execute scripts in workspace B. Users generally expect `ignore-scripts` to be sufficient to prevent immediate code execution on install (e.g. when the tree is just repacked/bundled without executing it). Here, that expectation is broken. Global state integrity is lost via operations that one would expect to be secure, enabling subsequently running arbitrary code execution on installs. Version 9.15.0 fixes the issue. As a work-around, use separate cache and store dirs in each workspace.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/pnpm/pnpm/commit/11afcddea48f25ed5117a87dc1780a55222b9743", + "https://github.com/pnpm/pnpm/security/advisories/GHSA-vm32-9rqf-rh3r" + ], + "upstream": { + "datePublished": "2024-12-10T17:12:44.629Z", + "dateReserved": "2024-11-22T17:30:02.145Z", + "dateUpdated": "2024-12-10T17:12:44.629Z", + "digest": "ae1da5635434e504cb92e1a8d28bd960ba56b27b874d1c320db3059a24237cca" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://registry.npmjs.org", + "cpes": [ + "cpe:2.3:a:pnpm:pnpm:*:*:*:*:*:node.js:*:*" + ], + "packageName": "pnpm", + "packageType": "npm", + "product": "pnpm", + "repo": "https://github.com/pnpm/pnpm", + "vendor": "pnpm", + "versions": [ + { + "lessThan": "9.15.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-54133.json b/data/anchore/2024/CVE-2024-54133.json new file mode 100644 index 00000000..5e78c4c7 --- /dev/null +++ b/data/anchore/2024/CVE-2024-54133.json @@ -0,0 +1,105 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-54133", + "description": "Action Pack is a framework for handling and responding to web requests. There is a possible Cross Site Scripting (XSS) vulnerability in the `content_security_policy` helper starting in version 5.2.0 of Action Pack and prior to versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1. Applications which set Content-Security-Policy (CSP) headers dynamically from untrusted user input may be vulnerable to carefully crafted inputs being able to inject new directives into the CSP. This could lead to a bypass of the CSP and its protection against XSS and other attacks. Versions 7.0.8.7, 7.1.5.1, 7.2.2.1, and 8.0.0.1 contain a fix. As a workaround, applications can avoid setting CSP headers dynamically from untrusted input, or can validate/sanitize that input.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/rails/rails/commit/2e3f41e4538b9ca1044357f6644f037bbb7c6c49", + "https://github.com/rails/rails/commit/3da2479cfe1e00177114b17e496213c40d286b3a", + "https://github.com/rails/rails/commit/5558e72f22fc69c1c407b31ac5fb3b4ce087b542", + "https://github.com/rails/rails/commit/cb16a3bb515b5d769f73926d9757270ace691f1d", + "https://github.com/rails/rails/security/advisories/GHSA-vfm5-rmrh-j26v" + ], + "upstream": { + "datePublished": "2024-12-10T22:52:04.633Z", + "dateReserved": "2024-11-29T18:02:16.754Z", + "dateUpdated": "2024-12-10T22:52:04.633Z", + "digest": "c465eab645da9e3221b489e674f5e160f174063895900682bbff605496da8cf6" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://rubygems.org", + "cpes": [ + "cpe:2.3:a:rubyonrails:rails:*:*:*:*:*:ruby:*:*", + "cpe:2.3:a:rubyonrails:ruby_on_rails:*:*:*:*:*:ruby:*:*" + ], + "packageName": "rails", + "packageType": "gem", + "product": "rails", + "repo": "https://github.com/rails/rails", + "vendor": "rails", + "versions": [ + { + "lessThan": "7.0.8.7", + "status": "affected", + "version": "5.2.0", + "versionType": "custom" + }, + { + "lessThan": "7.1.5.1", + "status": "affected", + "version": "7.1.0", + "versionType": "custom" + }, + { + "lessThan": "7.2.2.1", + "status": "affected", + "version": "7.2.0", + "versionType": "custom" + }, + { + "lessThan": "8.0.0.1", + "status": "affected", + "version": "8.0.0", + "versionType": "custom" + } + ] + }, + { + "collectionURL": "https://rubygems.org", + "cpes": [ + "cpe:2.3:a:actionpack_project:actionpack:*:*:*:*:*:ruby:*:*", + "cpe:2.3:a:rubyonrails:actionpack:*:*:*:*:*:ruby:*:*" + ], + "packageName": "actionpack", + "packageType": "gem", + "product": "actionpack", + "repo": "https://github.com/rails/rails", + "vendor": "rails", + "versions": [ + { + "lessThan": "7.0.8.7", + "status": "affected", + "version": "5.2.0", + "versionType": "custom" + }, + { + "lessThan": "7.1.5.1", + "status": "affected", + "version": "7.1.0", + "versionType": "custom" + }, + { + "lessThan": "7.2.2.1", + "status": "affected", + "version": "7.2.0", + "versionType": "custom" + }, + { + "lessThan": "8.0.0.1", + "status": "affected", + "version": "8.0.0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-54152.json b/data/anchore/2024/CVE-2024-54152.json new file mode 100644 index 00000000..626e0e52 --- /dev/null +++ b/data/anchore/2024/CVE-2024-54152.json @@ -0,0 +1,45 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-54152", + "description": "Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to version 1.4.3, an attacker can write a malicious expression that escapes the sandbox to execute arbitrary code on the system. With a more complex (undisclosed) payload, one can get full access to Arbitrary code execution on the system. The problem has been patched in version 1.4.3 of Angular Expressions. Two possible workarounds are available. One may either disable access to `__proto__` globally or make sure that one uses the function with just one argument.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/peerigon/angular-expressions/commit/97f7ad94006156eeb97fc942332578b6cfbf8eef", + "https://github.com/peerigon/angular-expressions/security/advisories/GHSA-5462-4vcx-jh7j" + ], + "upstream": { + "datePublished": "2024-12-10T15:37:51.480Z", + "dateReserved": "2024-11-29T18:02:16.756Z", + "dateUpdated": "2024-12-10T16:34:57.533Z", + "digest": "d4ae7a4e7b281ee9fd79005c44ad2bf233031b6b8296b4cb9091dc91fba92991" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://registry.npmjs.org", + "cpes": [ + "cpe:2.3:a:peerigon:angular-expressions:*:*:*:*:*:node.js:*:*" + ], + "packageName": "angular-expressions", + "packageType": "npm", + "product": "angular-expressions", + "repo": "https://github.com/peerigon/angular-expressions", + "vendor": "peerigon", + "versions": [ + { + "lessThan": "1.4.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-55602.json b/data/anchore/2024/CVE-2024-55602.json new file mode 100644 index 00000000..eb5ca36d --- /dev/null +++ b/data/anchore/2024/CVE-2024-55602.json @@ -0,0 +1,47 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-55602", + "description": "PwnDoc is a penetration test report generator. Prior to commit 1d4219c596f4f518798492e48386a20c6e9a2fe6, an authenticated user who is able to update and download templates can inject path traversal (`../`) sequences into the file extension property to read arbitrary files on the system. Commit 1d4219c596f4f518798492e48386a20c6e9a2fe6 contains a patch for the issue.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://gist.github.com/JorianWoltjer/8a42e25c6dfa7604020d2a226e193407", + "https://github.com/pwndoc/pwndoc/blob/2e7f5747d5688b1368e549c786ce7266fe5ab2b5/backend/src/routes/template.js#L103", + "https://github.com/pwndoc/pwndoc/blob/2e7f5747d5688b1368e549c786ce7266fe5ab2b5/backend/src/routes/template.js#L43-L47", + "https://github.com/pwndoc/pwndoc/commit/1d4219c596f4f518798492e48386a20c6e9a2fe6", + "https://github.com/pwndoc/pwndoc/security/advisories/GHSA-2mqc-gg7h-76p6" + ], + "upstream": { + "datePublished": "2024-12-10T16:58:12.982Z", + "dateReserved": "2024-12-09T14:22:52.524Z", + "dateUpdated": "2024-12-10T17:22:00.349Z", + "digest": "7a7d03d807a1e02ae628efa7daf71db70372089584a7bae068e148f0c55c27d6" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:pwndoc_project:pwndoc:*:*:*:*:*:*:*:*" + ], + "packageName": "pwndoc/pwndoc", + "product": "pwndoc", + "repo": "https://github.com/pwndoc/pwndoc", + "vendor": "pwndoc", + "versions": [ + { + "lessThan": "1d4219c596f4f518798492e48386a20c6e9a2fe6", + "status": "affected", + "version": "0", + "versionType": "git" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-55653.json b/data/anchore/2024/CVE-2024-55653.json new file mode 100644 index 00000000..81a2163d --- /dev/null +++ b/data/anchore/2024/CVE-2024-55653.json @@ -0,0 +1,43 @@ +{ + "additionalMetadata": { + "cna": "github_m", + "cveId": "CVE-2024-55653", + "description": "PwnDoc is a penetration test report generator. In versions up to and including 0.5.3, an authenticated user is able to crash the backend by raising a `UnhandledPromiseRejection` on audits which exits the backend. The user doesn't need to know the audit id, since a bad audit id will also raise the rejection. With the backend being unresponsive, the whole application becomes unusable for all users of the application. As of time of publication, no known patches are available.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://github.com/pwndoc/pwndoc/security/advisories/GHSA-ggqg-3f7v-c8rc" + ], + "upstream": { + "datePublished": "2024-12-10T22:56:07.488Z", + "dateReserved": "2024-12-10T14:47:08.666Z", + "dateUpdated": "2024-12-10T22:56:07.488Z", + "digest": "8a6de59fa1087ff386b98d434b1df8895f664ddbb4d1e85e5183d96805e6a889" + } + }, + "adp": { + "affected": [ + { + "collectionURL": "https://github.com", + "cpes": [ + "cpe:2.3:a:pwndoc_project:pwndoc:*:*:*:*:*:*:*:*" + ], + "packageName": "pwndoc/pwndoc", + "product": "pwndoc", + "repo": "https://github.com/pwndoc/pwndoc", + "vendor": "pwndoc", + "versions": [ + { + "lessThanOrEqual": "0.5.3", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-8793.json b/data/anchore/2024/CVE-2024-8793.json index 150994be..810f7061 100644 --- a/data/anchore/2024/CVE-2024-8793.json +++ b/data/anchore/2024/CVE-2024-8793.json @@ -19,10 +19,11 @@ "packageName": "woocommerce-exporter", "packageType": "wordpress-plugin", "product": "Store Exporter for WooCommerce – Export Products, Export Orders, Export Subscriptions, and More", + "repo": "https://plugins.svn.wordpress.org/woocommerce-exporter", "vendor": "jkohlbach", "versions": [ { - "lessThanOrEqual": "2.7.2.1", + "lessThan": "2.7.3", "status": "affected", "version": "0", "versionType": "semver"