Skip to content

Commit

Permalink
Update CVE and NVD data
Browse files Browse the repository at this point in the history
  • Loading branch information
GSD-automation committed Apr 25, 2024
1 parent 0fe7cbb commit f04ac4a
Show file tree
Hide file tree
Showing 331 changed files with 31,632 additions and 2,085 deletions.
1,433 changes: 717 additions & 716 deletions 2017/18xxx/GSD-2017-18017.json
View file

Large diffs are not rendered by default.

45 changes: 0 additions & 45 deletions 2020/27xxx/GSD-2020-27792.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -35,31 +35,6 @@
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ghostscript",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "9.27"
}
]
}
}
]
}
}
]
},
"vendor_name": "n/a"
},
{
"product": {
"product_data": [
Expand Down Expand Up @@ -118,26 +93,6 @@
]
},
"vendor_name": "Red Hat"
},
{
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
}
]
},
"vendor_name": "Fedora"
}
]
}
Expand Down
63 changes: 5 additions & 58 deletions 2022/2xxx/GSD-2022-2127.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,39 +30,6 @@
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "samba",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"status": "unaffected",
"version": "4.16.11"
},
{
"status": "unaffected",
"version": "4.17.10"
},
{
"status": "unaffected",
"version": "4.18.5"
}
]
}
}
]
}
}
]
},
"vendor_name": "n/a"
},
{
"product": {
"product_data": [
Expand Down Expand Up @@ -247,26 +214,6 @@
]
},
"vendor_name": "Red Hat"
},
{
"product": {
"product_data": [
{
"product_name": "Fedora",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
}
}
]
}
}
]
},
"vendor_name": "Fedora"
}
]
}
Expand Down Expand Up @@ -345,6 +292,11 @@
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2222791"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html"
},
{
"name": "https://lists.fedoraproject.org/archives/list/[email protected]/message/BPCSGND7LO467AJGR5DYBGZLTCGTOBCC/",
"refsource": "MISC",
Expand All @@ -369,11 +321,6 @@
"name": "https://www.samba.org/samba/security/CVE-2022-2127.html",
"refsource": "MISC",
"url": "https://www.samba.org/samba/security/CVE-2022-2127.html"
},
{
"name": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html",
"refsource": "MISC",
"url": "https://lists.debian.org/debian-lts-announce/2024/04/msg00015.html"
}
]
}
Expand Down
169 changes: 166 additions & 3 deletions 2022/45xxx/GSD-2022-45852.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,6 +14,7 @@
"aliases": [
"CVE-2022-45852"
],
"details": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Path Traversal.This issue affects WP-FormAssembly: from n/a through 2.0.5.\n\n",
"id": "GSD-2022-45852",
"modified": "2023-12-13T01:19:24.662467Z",
"schema_version": "1.4.0"
Expand All @@ -22,18 +23,180 @@
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "[email protected]",
"ASSIGNER": "[email protected]",
"ID": "CVE-2022-45852",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP-FormAssembly",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected",
"versions": [
{
"changes": [
{
"at": "2.0.6",
"status": "unaffected"
}
],
"lessThanOrEqual": "2.0.5",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
}
]
}
}
]
},
"vendor_name": "FormAssembly / Drew Buschhorn"
}
]
}
},
"credits": [
{
"lang": "en",
"value": "Tien Nguyen Anh (Patchstack Alliance)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Path Traversal.This issue affects WP-FormAssembly: from n/a through 2.0.5.\n\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-22",
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://patchstack.com/database/vulnerability/formassembly-web-forms/wordpress-wp-formassembly-plugin-2-0-5-auth-arbitrary-file-read-vulnerability?_s_id=cve",
"refsource": "MISC",
"url": "https://patchstack.com/database/vulnerability/formassembly-web-forms/wordpress-wp-formassembly-plugin-2-0-5-auth-arbitrary-file-read-vulnerability?_s_id=cve"
}
]
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to 2.0.6 or a higher version."
}
],
"value": "Update to 2.0.6 or a higher version."
}
],
"source": {
"discovery": "EXTERNAL"
}
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Path Traversal.This issue affects WP-FormAssembly: from n/a through 2.0.5.\n\n"
}
],
"id": "CVE-2022-45852",
"lastModified": "2024-04-24T13:39:42.883",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 3.6,
"source": "[email protected]",
"type": "Secondary"
}
]
},
"published": "2024-04-24T11:15:46.483",
"references": [
{
"source": "[email protected]",
"url": "https://patchstack.com/database/vulnerability/formassembly-web-forms/wordpress-wp-formassembly-plugin-2-0-5-auth-arbitrary-file-read-vulnerability?_s_id=cve"
}
],
"sourceIdentifier": "[email protected]",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "[email protected]",
"type": "Primary"
}
]
}
Expand Down
Loading

0 comments on commit f04ac4a

Please sign in to comment.