diff --git a/vulnfeeds/cmd/combine-to-osv/main.go b/vulnfeeds/cmd/combine-to-osv/main.go
index 23646420f5d..c0f0b38b56f 100644
--- a/vulnfeeds/cmd/combine-to-osv/main.go
+++ b/vulnfeeds/cmd/combine-to-osv/main.go
@@ -320,9 +320,7 @@ func pickAffectedInformation(cve5Affected []*osvschema.Affected, nvdAffected []*
}
if c5Intro != "" || c5Fixed != "" {
- newRange := conversion.BuildVersionRange(c5Intro, "", c5Fixed)
- newRange.Repo = repo
- newRange.Type = osvschema.Range_GIT // Preserve the repo
+ newRange := conversion.BuildGitVersionRange(c5Intro, "", c5Fixed, repo)
newAffectedRanges = append(newAffectedRanges, newRange)
} else {
newAffectedRanges = cveRanges
diff --git a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go
index b1bfdf4c46e..1f0a9867e38 100644
--- a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go
+++ b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go
@@ -32,21 +32,6 @@ var (
cpuProfile = flag.String("cpuprofile", "", "Path to write cpu profile to file (default = no output)")
)
-func loadCPEDictionary(productToRepo *c.VPRepoCache, f string) error {
- data, err := os.ReadFile(f)
- if err != nil {
- return err
- }
-
- var tempMap c.VendorProductToRepoMap
- if err := json.Unmarshal(data, &tempMap); err != nil {
- return err
- }
- productToRepo.Initialize(tempMap)
-
- return nil
-}
-
func main() {
flag.Parse()
if !slices.Contains([]string{"OSV", "PackageInfo"}, *outFormat) {
@@ -82,7 +67,7 @@ func main() {
vpRepoCache := c.NewVPRepoCache()
if *parsedCPEDictionary != "" {
- err = loadCPEDictionary(vpRepoCache, *parsedCPEDictionary)
+ err = c.LoadCPEDictionary(vpRepoCache, *parsedCPEDictionary)
if err != nil {
logger.Fatal("Failed to load parsed CPE dictionary", slog.Any("err", err))
}
diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go
index 8609fee8a63..0396e4ecbf6 100644
--- a/vulnfeeds/conversion/common.go
+++ b/vulnfeeds/conversion/common.go
@@ -9,6 +9,7 @@ import (
"fmt"
"io/fs"
"log/slog"
+ "net/http"
"os"
"path/filepath"
"slices"
@@ -21,6 +22,7 @@ import (
"github.com/google/osv/vulnfeeds/utility/logger"
"github.com/google/osv/vulnfeeds/vulns"
"github.com/ossf/osv-schema/bindings/go/osvschema"
+ "google.golang.org/protobuf/types/known/structpb"
)
// AddAffected adds an osvschema.Affected to a vulnerability, ensuring that no duplicate ranges are added.
@@ -64,6 +66,7 @@ func AddAffected(v *vulns.Vulnerability, aff *osvschema.Affected, metrics *model
}
func DeduplicateRefs(refs []models.Reference) []models.Reference {
+ refs = slices.Clone(refs)
// Deduplicate references by URL.
refs = slices.Clone(refs)
slices.SortStableFunc(refs, func(a, b models.Reference) int {
@@ -175,8 +178,8 @@ func WriteMetricsFile(metrics *models.ConversionMetrics, metricsFile *os.File) e
// GitVersionsToCommits examines repos and tries to convert versions to commits by treating them as Git tags.
// Returns the resolved ranges, unresolved ranges, and successful repos involved.
-func GitVersionsToCommits(versionRanges []*osvschema.Range, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache) ([]*osvschema.Range, []*osvschema.Range, []string) {
- var newVersionRanges []*osvschema.Range
+func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache) ([]models.RangeWithMetadata, []models.RangeWithMetadata, []string) {
+ var newVersionRanges []models.RangeWithMetadata
unresolvedRanges := versionRanges
var successfulRepos []string
@@ -187,6 +190,18 @@ func GitVersionsToCommits(versionRanges []*osvschema.Range, repos []string, metr
if cache.IsInvalid(repo) {
continue
}
+
+ repo, err := git.FindCanonicalLink(repo, http.DefaultClient, cache)
+ if err != nil {
+ metrics.AddNote("Failed to find canonical link - %s %v", repo, err)
+ if errors.Is(err, git.ErrRateLimit) || strings.Contains(err.Error(), "429") {
+ metrics.Outcome = models.Error
+ return nil, nil, nil
+ }
+
+ continue
+ }
+
normalizedTags, err := git.NormalizeRepoTags(repo, cache)
if err != nil {
if errors.Is(err, git.ErrRateLimit) || strings.Contains(err.Error(), "429") {
@@ -198,10 +213,10 @@ func GitVersionsToCommits(versionRanges []*osvschema.Range, repos []string, metr
continue
}
- var stillUnresolvedRanges []*osvschema.Range
+ var stillUnresolvedRanges []models.RangeWithMetadata
for _, vr := range unresolvedRanges {
var introduced, fixed, lastAffected string
- for _, e := range vr.GetEvents() {
+ for _, e := range vr.Range.GetEvents() {
if e.GetIntroduced() != "" {
introduced = e.GetIntroduced()
}
@@ -235,15 +250,22 @@ func GitVersionsToCommits(versionRanges []*osvschema.Range, repos []string, metr
var newVR *osvschema.Range
if fixedCommit != "" {
- newVR = BuildVersionRange(introducedCommit, "", fixedCommit)
+ newVR = BuildGitVersionRange(introducedCommit, "", fixedCommit, repo)
} else {
- newVR = BuildVersionRange(introducedCommit, lastAffectedCommit, "")
+ newVR = BuildGitVersionRange(introducedCommit, lastAffectedCommit, "", repo)
}
successfulRepos = append(successfulRepos, repo)
- newVR.Repo = repo
- newVR.Type = osvschema.Range_GIT
- if len(vr.GetEvents()) > 0 {
- databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{"versions": vr.GetEvents()})
+ if len(vr.Range.GetEvents()) > 0 {
+ dbSpecificMap := map[string]any{
+ "versions": vr.Range.GetEvents(),
+ }
+ if vr.Metadata.CPE != "" {
+ dbSpecificMap["cpe"] = vr.Metadata.CPE
+ }
+ if string(vr.Metadata.Source) != "" {
+ dbSpecificMap["source"] = string(vr.Metadata.Source)
+ }
+ databaseSpecific, err := utility.NewStructpbFromMap(dbSpecificMap)
if err != nil {
metrics.AddNote("failed to make database specific: %v", err)
} else {
@@ -251,7 +273,10 @@ func GitVersionsToCommits(versionRanges []*osvschema.Range, repos []string, metr
}
}
- newVersionRanges = append(newVersionRanges, newVR)
+ newVersionRanges = append(newVersionRanges, models.RangeWithMetadata{
+ Range: newVR,
+ Metadata: vr.Metadata,
+ })
} else {
stillUnresolvedRanges = append(stillUnresolvedRanges, vr)
}
@@ -287,6 +312,14 @@ func BuildVersionRange(intro string, lastAff string, fixed string) *osvschema.Ra
return &versionRange
}
+func BuildGitVersionRange(intro string, lastAff string, fixed string, repo string) *osvschema.Range {
+ versionRange := BuildVersionRange(intro, lastAff, fixed)
+ versionRange.Repo = repo
+ versionRange.Type = osvschema.Range_GIT
+
+ return versionRange
+}
+
// MergeTwoRanges combines two osvschema.Range objects into a single range.
// It merges the events and the DatabaseSpecific fields. If the ranges are
// not for the same repository or are of different types, it returns an error.
@@ -324,7 +357,7 @@ func MergeTwoRanges(range1, range2 *osvschema.Range) (*osvschema.Range, error) {
for k, v := range db2.GetFields() {
val2 := v.AsInterface()
if existing, ok := mergedMap[k]; ok {
- mergedVal, err := mergeDatabaseSpecificValues(existing, val2)
+ mergedVal, err := MergeDatabaseSpecificValues(existing, val2)
if err != nil {
logger.Info("Failed to merge database specific key", "key", k, "err", err)
}
@@ -346,18 +379,26 @@ func MergeTwoRanges(range1, range2 *osvschema.Range) (*osvschema.Range, error) {
return mergedRange, nil
}
-// mergeDatabaseSpecificValues is a helper function that recursively merges two
+// MergeDatabaseSpecificValues is a helper function that recursively merges two
// values from a DatabaseSpecific field. It handles lists (by appending), maps
// (by recursively merging keys), and simple strings (by creating a list if they
// differ). It returns an error if the types of the two values do not match.
-func mergeDatabaseSpecificValues(val1, val2 any) (any, error) {
+func MergeDatabaseSpecificValues(val1, val2 any) (any, error) {
switch v1 := val1.(type) {
case []any:
if v2, ok := val2.([]any); ok {
- return append(v1, v2...), nil
+ return deduplicateList(append(v1, v2...)), nil
}
- return nil, fmt.Errorf("mismatching types: %T and %T", val1, val2)
+ // Check if the list contains elements of the same type as val2
+ if len(v1) > 0 {
+ if fmt.Sprintf("%T", v1[0]) != fmt.Sprintf("%T", val2) {
+ return nil, fmt.Errorf("mismatching types: list of %T and %T", v1[0], val2)
+ }
+ }
+
+ // Append single value to list
+ return deduplicateList(append(v1, val2)), nil
case map[string]any:
if v2, ok := val2.(map[string]any); ok {
merged := make(map[string]any)
@@ -366,7 +407,7 @@ func mergeDatabaseSpecificValues(val1, val2 any) (any, error) {
}
for k, v := range v2 {
if existing, ok := merged[k]; ok {
- mergedVal, err := mergeDatabaseSpecificValues(existing, v)
+ mergedVal, err := MergeDatabaseSpecificValues(existing, v)
if err != nil {
return nil, err
}
@@ -386,11 +427,29 @@ func mergeDatabaseSpecificValues(val1, val2 any) (any, error) {
return v1, nil
}
- return []any{v1, v2}, nil
+ return deduplicateList([]any{v1, v2}), nil
+ }
+ if v2, ok := val2.([]any); ok {
+ if len(v2) > 0 {
+ if _, isString := v2[0].(string); !isString {
+ return nil, fmt.Errorf("mismatching types: string and list of %T", v2[0])
+ }
+ }
+
+ return deduplicateList(append([]any{v1}, v2...)), nil
}
return nil, fmt.Errorf("mismatching types: %T and %T", val1, val2)
default:
+ if v2, ok := val2.([]any); ok {
+ if len(v2) > 0 {
+ if fmt.Sprintf("%T", val1) != fmt.Sprintf("%T", v2[0]) {
+ return nil, fmt.Errorf("mismatching types: %T and list of %T", val1, v2[0])
+ }
+ }
+
+ return deduplicateList(append([]any{val1}, v2...)), nil
+ }
if fmt.Sprintf("%T", val1) != fmt.Sprintf("%T", val2) {
return nil, fmt.Errorf("mismatching types: %T and %T", val1, val2)
}
@@ -398,6 +457,188 @@ func mergeDatabaseSpecificValues(val1, val2 any) (any, error) {
return val1, nil
}
- return []any{val1, val2}, nil
+ return deduplicateList([]any{val1, val2}), nil
+ }
+}
+
+// deduplicateList removes duplicate comparable elements (like strings) from a list.
+func deduplicateList(list []any) []any {
+ var unique []any
+ seen := make(map[any]bool)
+ for _, item := range list {
+ switch item.(type) {
+ case string, int, int32, int64, float32, float64, bool:
+ if !seen[item] {
+ seen[item] = true
+ unique = append(unique, item)
+ }
+ default:
+ unique = append(unique, item)
+ }
+ }
+
+ return unique
+}
+
+func ToRangeWithMetadata(r []*osvschema.Range, s models.VersionSource) []models.RangeWithMetadata {
+ nr := make([]models.RangeWithMetadata, 0, len(r))
+ for _, rng := range r {
+ nr = append(nr, models.RangeWithMetadata{
+ Range: rng,
+ Metadata: models.Metadata{
+ Source: s,
+ },
+ })
+ }
+
+ return nr
+}
+
+func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *structpb.ListValue {
+ if len(unresolvedRanges) == 0 {
+ return nil
+ }
+
+ type key struct {
+ Source string
+ CPE string
+ }
+
+ rangesByKey := make(map[key][]models.RangeWithMetadata)
+ var keys []key
+
+ for _, ur := range unresolvedRanges {
+ k := key{Source: string(ur.Metadata.Source), CPE: ur.Metadata.CPE}
+ if _, ok := rangesByKey[k]; !ok {
+ keys = append(keys, k)
+ }
+ rangesByKey[k] = append(rangesByKey[k], ur)
+ }
+
+ slices.SortFunc(keys, func(a, b key) int {
+ if a.Source != b.Source {
+ return strings.Compare(a.Source, b.Source)
+ }
+
+ return strings.Compare(a.CPE, b.CPE)
+ })
+
+ listElements := make([]any, 0, len(keys))
+
+ for _, k := range keys {
+ ranges := rangesByKey[k]
+ unresolvedRangesMap := make(map[string]any)
+ var events []*osvschema.Event
+
+ for _, ur := range ranges {
+ urEvents := ur.Range.GetEvents()
+
+ for _, e := range urEvents {
+ if e.GetIntroduced() != "0" && e.GetIntroduced() != "" {
+ events = append(events, e)
+ continue
+ }
+ if e.GetLastAffected() != "" {
+ events = append(events, e)
+ continue
+ }
+ if e.GetFixed() != "" {
+ events = append(events, e)
+ }
+ }
+ }
+
+ metadata := make(map[string]any)
+ if k.CPE != "" {
+ metadata["cpe"] = k.CPE
+ }
+ if k.Source != "" {
+ metadata["source"] = k.Source
+ }
+
+ if len(metadata) > 0 {
+ unresolvedRangesMap["metadata"] = metadata
+ }
+
+ unresolvedRangesMap["versions"] = events
+ listElements = append(listElements, unresolvedRangesMap)
+ }
+
+ ds, err := utility.NewStructpbFromMap(map[string]any{
+ "list": listElements,
+ })
+ if err != nil {
+ logger.Warn("failed to convert unresolved ranges to structpb", "err", err)
+ return nil
+ }
+
+ return ds.GetFields()["list"].GetListValue()
+}
+
+func AddFieldToDatabaseSpecific(ds *structpb.Struct, field string, value any) error {
+ if ds == nil {
+ return errors.New("database specific is nil")
+ }
+ if ds.Fields == nil {
+ return errors.New("database specific fields is nil")
}
+ if ds.GetFields()[field] != nil {
+ return fmt.Errorf("field %s already exists", field)
+ }
+
+ switch v := value.(type) {
+ case *structpb.Value:
+ ds.Fields[field] = v
+ case *structpb.Struct:
+ ds.Fields[field] = structpb.NewStructValue(v)
+ case *structpb.ListValue:
+ ds.Fields[field] = structpb.NewListValue(v)
+ default:
+ val, err := structpb.NewValue(v)
+ if err != nil {
+ return fmt.Errorf("failed to create structpb value: %w", err)
+ }
+ ds.Fields[field] = val
+ }
+
+ return nil
+}
+
+// ProcessRanges attempts to resolve the given ranges to commits and updates the metrics accordingly.
+func ProcessRanges(ranges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache, source models.VersionSource) ([]models.RangeWithMetadata, []models.RangeWithMetadata, []string) {
+ if len(ranges) == 0 {
+ return nil, nil, nil
+ }
+
+ r, un, sR := GitVersionsToCommits(ranges, repos, metrics, cache)
+ if len(r) > 0 {
+ metrics.ResolvedRangesCount += len(r)
+ metrics.SetOutcome(models.Successful)
+ }
+
+ if len(un) > 0 {
+ metrics.UnresolvedRangesCount += len(un)
+ if len(r) == 0 {
+ metrics.SetOutcome(models.NoCommitRanges)
+ }
+ }
+
+ metrics.VersionSources = append(metrics.VersionSources, source)
+
+ return r, un, sR
+}
+
+func LoadCPEDictionary(productToRepo *VPRepoCache, f string) error {
+ data, err := os.ReadFile(f)
+ if err != nil {
+ return err
+ }
+
+ var tempMap VendorProductToRepoMap
+ if err := json.Unmarshal(data, &tempMap); err != nil {
+ return err
+ }
+ productToRepo.Initialize(tempMap)
+
+ return nil
}
diff --git a/vulnfeeds/conversion/common_test.go b/vulnfeeds/conversion/common_test.go
index 84ca6444c61..1c3e2e901c3 100644
--- a/vulnfeeds/conversion/common_test.go
+++ b/vulnfeeds/conversion/common_test.go
@@ -228,10 +228,16 @@ func TestMergeDatabaseSpecificValues(t *testing.T) {
want: []any{"a", "b", "c", "d"},
},
{
- name: "List and string mismatch",
- val1: []any{"a", "b"},
- val2: "c",
- wantErr: true,
+ name: "List and string",
+ val1: []any{"a", "b"},
+ val2: "c",
+ want: []any{"a", "b", "c"},
+ },
+ {
+ name: "String and list",
+ val1: "a",
+ val2: []any{"b", "c"},
+ want: []any{"a", "b", "c"},
},
{
name: "Merge maps",
@@ -304,13 +310,13 @@ func TestMergeDatabaseSpecificValues(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
- got, err := mergeDatabaseSpecificValues(tt.val1, tt.val2)
+ got, err := MergeDatabaseSpecificValues(tt.val1, tt.val2)
if (err != nil) != tt.wantErr {
- t.Errorf("mergeDatabaseSpecificValues() error = %v, wantErr %v", err, tt.wantErr)
+ t.Errorf("MergeDatabaseSpecificValues() error = %v, wantErr %v", err, tt.wantErr)
return
}
if !tt.wantErr && !cmp.Equal(got, tt.want) {
- t.Errorf("mergeDatabaseSpecificValues() mismatch (-want +got):\n%s", cmp.Diff(tt.want, got))
+ t.Errorf("MergeDatabaseSpecificValues() mismatch (-want +got):\n%s", cmp.Diff(tt.want, got))
}
})
}
diff --git a/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap b/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap
index 079da532b0f..0a51baf1dcb 100755
--- a/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap
+++ b/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap
@@ -1,6 +1,9 @@
[TestConvertAndExportCVEToOSV/disputed_record - 1]
{
+ "affected": [
+ {}
+ ],
"database_specific": {
"cna_assigner": "unknown",
"isDisputed": true,
@@ -27,6 +30,7 @@
"ranges": [
{
"database_specific": {
+ "source": "AFFECTED_FIELD",
"versions": [
{
"introduced": "18.0"
@@ -97,6 +101,7 @@
"ranges": [
{
"database_specific": {
+ "source": "AFFECTED_FIELD",
"versions": [
{
"introduced": "0"
@@ -335,3 +340,1373 @@
"summary": "partitions: mac: fix handling of bogus partition table"
}
---
+
+[TestCVE5Snapshot - 1]
+{
+ "affected": [
+ {
+ "ranges": [
+ {
+ "database_specific": {
+ "source": "AFFECTED_FIELD",
+ "versions": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "2.0.0-next.193"
+ }
+ ]
+ },
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "eeda4f90af57368584fa97250cbb0d5bf0a5e16e"
+ }
+ ],
+ "repo": "https://github.com/lobehub/lobehub",
+ "type": "GIT"
+ }
+ ]
+ }
+ ],
+ "aliases": [
+ "GHSA-j7xp-4mg9-x28r"
+ ],
+ "database_specific": {
+ "cna_assigner": "GitHub_M",
+ "cwe_ids": [
+ "CWE-284",
+ "CWE-639",
+ "CWE-862",
+ "CWE-915"
+ ],
+ "osv_generated_from": "unknown"
+ },
+ "details": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.",
+ "id": "CVE-2026-23522",
+ "modified": "2026-01-20T21:35:39.441Z",
+ "published": "2026-01-19T16:53:32.371Z",
+ "references": [
+ {
+ "type": "FIX",
+ "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23522"
+ }
+ ],
+ "schema_version": "1.7.3",
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
+ "type": "CVSS_V3"
+ }
+ ],
+ "summary": "Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion"
+}
+{
+ "affected": [
+ {
+ "ranges": [
+ {
+ "database_specific": {
+ "source": "AFFECTED_FIELD",
+ "versions": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "4.25.8"
+ },
+ {
+ "fixed": "5.29.5"
+ },
+ {
+ "fixed": "6.31.1"
+ }
+ ]
+ },
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "fixed": "a4cbdd3ed0042e8f9b9c30e8b0634096d9532809"
+ },
+ {
+ "fixed": "f5de0a0495faa63b4186fc767324f8b9a7bf4fc4"
+ },
+ {
+ "fixed": "74211c0dfc2777318ab53c2cd2c317a2ef9012de"
+ }
+ ],
+ "repo": "https://github.com/protocolbuffers/protobuf",
+ "type": "GIT"
+ }
+ ]
+ }
+ ],
+ "database_specific": {
+ "cna_assigner": "Google",
+ "cwe_ids": [
+ "CWE-674"
+ ],
+ "osv_generated_from": "unknown"
+ },
+ "details": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u003e6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901",
+ "id": "CVE-2025-4565",
+ "modified": "2025-06-16T15:39:18.263Z",
+ "published": "2025-06-16T14:50:40.906Z",
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://github.com/protocolbuffers/protobuf/"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4565"
+ },
+ {
+ "type": "PACKAGE",
+ "url": "https://pypi.org/project/protobuf/"
+ }
+ ],
+ "schema_version": "1.7.3",
+ "severity": [
+ {
+ "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
+ "type": "CVSS_V4"
+ }
+ ],
+ "summary": "Unbounded recursion in Python Protobuf"
+}
+{
+ "affected": [
+ {
+ "ranges": [
+ {
+ "database_specific": {
+ "source": "AFFECTED_FIELD",
+ "versions": [
+ {
+ "introduced": "0"
+ },
+ {
+ "last_affected": "1.25.3"
+ }
+ ]
+ },
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "last_affected": "9a7cfd8620989d9de6dc4ca0c95d9fd42c1768ed"
+ }
+ ],
+ "repo": "https://github.com/go-gitea/gitea",
+ "type": "GIT"
+ }
+ ]
+ }
+ ],
+ "aliases": [
+ "GHSA-vfmv-f93v-37mw"
+ ],
+ "database_specific": {
+ "cna_assigner": "Gitea",
+ "cwe_ids": [
+ "CWE-284",
+ "CWE-639"
+ ],
+ "osv_generated_from": "unknown"
+ },
+ "details": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.",
+ "id": "CVE-2026-20912",
+ "modified": "2026-01-23T21:53:41.649Z",
+ "published": "2026-01-22T22:01:52.026Z",
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://blog.gitea.com/release-of-1.25.4/"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/go-gitea/gitea/pull/36320"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/go-gitea/gitea/pull/36355"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20912"
+ }
+ ],
+ "schema_version": "1.7.3",
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
+ "type": "CVSS_V3"
+ }
+ ],
+ "summary": "Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure"
+}
+{
+ "affected": [
+ {
+ "ranges": [
+ {
+ "database_specific": {
+ "source": "AFFECTED_FIELD",
+ "versions": [
+ {
+ "introduced": "0"
+ },
+ {
+ "last_affected": "4.x"
+ }
+ ]
+ },
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "last_affected": "85c43e41805cde051a7a29aefcac2cd6aee8c69d"
+ }
+ ],
+ "repo": "https://github.com/forcedotcom/salesforcemobilesdk-windows",
+ "type": "GIT"
+ }
+ ]
+ }
+ ],
+ "database_specific": {
+ "cna_assigner": "VulDB",
+ "cwe_ids": [
+ "CWE-89"
+ ],
+ "osv_generated_from": "unknown"
+ },
+ "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.",
+ "id": "CVE-2016-15012",
+ "modified": "2025-04-08T20:30:50.208Z",
+ "published": "2023-01-07T12:59:27.772Z",
+ "references": [
+ {
+ "type": "FIX",
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-15012"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://vuldb.com/?ctiid.217619"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://vuldb.com/?id.217619"
+ }
+ ],
+ "schema_version": "1.7.3",
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+ "type": "CVSS_V3"
+ }
+ ],
+ "summary": "forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection"
+}
+{
+ "affected": [
+ {
+ "ranges": [
+ {
+ "database_specific": {
+ "source": "AFFECTED_FIELD",
+ "versions": [
+ {
+ "introduced": "0"
+ },
+ {
+ "last_affected": "8.9.0"
+ },
+ {
+ "last_affected": "8.8.0"
+ },
+ {
+ "last_affected": "8.7.1"
+ },
+ {
+ "last_affected": "8.7.0"
+ },
+ {
+ "last_affected": "8.6.0"
+ },
+ {
+ "last_affected": "8.5.0"
+ },
+ {
+ "last_affected": "8.4.0"
+ },
+ {
+ "last_affected": "8.3.0"
+ },
+ {
+ "last_affected": "8.2.1"
+ },
+ {
+ "last_affected": "8.2.0"
+ },
+ {
+ "last_affected": "8.1.2"
+ },
+ {
+ "last_affected": "8.1.1"
+ },
+ {
+ "last_affected": "8.1.0"
+ },
+ {
+ "last_affected": "8.0.1"
+ },
+ {
+ "last_affected": "8.0.0"
+ },
+ {
+ "last_affected": "7.88.1"
+ },
+ {
+ "last_affected": "7.88.0"
+ },
+ {
+ "last_affected": "7.87.0"
+ },
+ {
+ "last_affected": "7.86.0"
+ },
+ {
+ "last_affected": "7.85.0"
+ },
+ {
+ "last_affected": "7.84.0"
+ },
+ {
+ "last_affected": "7.83.1"
+ },
+ {
+ "last_affected": "7.83.0"
+ },
+ {
+ "last_affected": "7.82.0"
+ },
+ {
+ "last_affected": "7.81.0"
+ },
+ {
+ "last_affected": "7.80.0"
+ },
+ {
+ "last_affected": "7.79.1"
+ },
+ {
+ "last_affected": "7.79.0"
+ },
+ {
+ "last_affected": "7.78.0"
+ },
+ {
+ "last_affected": "7.77.0"
+ },
+ {
+ "last_affected": "7.76.1"
+ },
+ {
+ "last_affected": "7.76.0"
+ },
+ {
+ "last_affected": "7.75.0"
+ },
+ {
+ "last_affected": "7.74.0"
+ },
+ {
+ "last_affected": "7.73.0"
+ },
+ {
+ "last_affected": "7.72.0"
+ },
+ {
+ "last_affected": "7.71.1"
+ },
+ {
+ "last_affected": "7.71.0"
+ },
+ {
+ "last_affected": "7.70.0"
+ },
+ {
+ "last_affected": "7.69.1"
+ },
+ {
+ "last_affected": "7.69.0"
+ },
+ {
+ "last_affected": "7.68.0"
+ },
+ {
+ "last_affected": "7.67.0"
+ },
+ {
+ "last_affected": "7.66.0"
+ },
+ {
+ "last_affected": "7.65.3"
+ },
+ {
+ "last_affected": "7.65.2"
+ },
+ {
+ "last_affected": "7.65.1"
+ },
+ {
+ "last_affected": "7.65.0"
+ },
+ {
+ "last_affected": "7.64.1"
+ },
+ {
+ "last_affected": "7.64.0"
+ },
+ {
+ "last_affected": "7.63.0"
+ },
+ {
+ "last_affected": "7.62.0"
+ },
+ {
+ "last_affected": "7.61.1"
+ },
+ {
+ "last_affected": "7.61.0"
+ },
+ {
+ "last_affected": "7.60.0"
+ },
+ {
+ "last_affected": "7.59.0"
+ },
+ {
+ "last_affected": "7.58.0"
+ },
+ {
+ "last_affected": "7.57.0"
+ },
+ {
+ "last_affected": "7.56.1"
+ },
+ {
+ "last_affected": "7.56.0"
+ },
+ {
+ "last_affected": "7.55.1"
+ },
+ {
+ "last_affected": "7.55.0"
+ },
+ {
+ "last_affected": "7.54.1"
+ },
+ {
+ "last_affected": "7.54.0"
+ },
+ {
+ "last_affected": "7.53.1"
+ },
+ {
+ "last_affected": "7.53.0"
+ },
+ {
+ "last_affected": "7.52.1"
+ },
+ {
+ "last_affected": "7.52.0"
+ },
+ {
+ "last_affected": "7.51.0"
+ },
+ {
+ "last_affected": "7.50.3"
+ },
+ {
+ "last_affected": "7.50.2"
+ },
+ {
+ "last_affected": "7.50.1"
+ },
+ {
+ "last_affected": "7.50.0"
+ },
+ {
+ "last_affected": "7.49.1"
+ },
+ {
+ "last_affected": "7.49.0"
+ },
+ {
+ "last_affected": "7.48.0"
+ },
+ {
+ "last_affected": "7.47.1"
+ },
+ {
+ "last_affected": "7.47.0"
+ },
+ {
+ "last_affected": "7.46.0"
+ },
+ {
+ "last_affected": "7.45.0"
+ },
+ {
+ "last_affected": "7.44.0"
+ },
+ {
+ "last_affected": "7.43.0"
+ },
+ {
+ "last_affected": "7.42.1"
+ },
+ {
+ "last_affected": "7.42.0"
+ },
+ {
+ "last_affected": "7.41.0"
+ },
+ {
+ "last_affected": "7.40.0"
+ },
+ {
+ "last_affected": "7.39.0"
+ },
+ {
+ "last_affected": "7.38.0"
+ },
+ {
+ "last_affected": "7.37.1"
+ },
+ {
+ "last_affected": "7.37.0"
+ },
+ {
+ "last_affected": "7.36.0"
+ },
+ {
+ "last_affected": "7.35.0"
+ },
+ {
+ "last_affected": "7.34.0"
+ },
+ {
+ "last_affected": "7.33.0"
+ },
+ {
+ "last_affected": "7.32.0"
+ }
+ ]
+ },
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "last_affected": "5040f7e94cd01decbe7ba8fdacbf489182d503dc"
+ },
+ {
+ "last_affected": "fd567d4f06857f4fc8e2f64ea727b1318f76ad33"
+ },
+ {
+ "last_affected": "de7b3e89218467159a7af72d58cea8425946e97d"
+ },
+ {
+ "last_affected": "72cf468d459d29e5366e416c014faaaf281dfa2d"
+ },
+ {
+ "last_affected": "5ce164e0e9290c96eb7d502173426c0a135ec008"
+ },
+ {
+ "last_affected": "7161cb17c01dcff1dc5bf89a18437d9d729f1ecd"
+ },
+ {
+ "last_affected": "172e54cda18412da73fd8eb4e444e8a5b371ca59"
+ },
+ {
+ "last_affected": "6fa1d817e5b1a00d7d0c8168091877476b499317"
+ },
+ {
+ "last_affected": "50490c0679fcd0e50bb3a8fbf2d9244845652cf0"
+ },
+ {
+ "last_affected": "98044e81705dc24a56daaf3544f30c13f0fc3a31"
+ },
+ {
+ "last_affected": "7ab9d43720bc34d9aa351c7ca683c1668ebf8335"
+ },
+ {
+ "last_affected": "1561d0675208854b39066877b140780a965702fa"
+ },
+ {
+ "last_affected": "a9f8fe28481fef7c28d85b4a12a3a35521408eaf"
+ },
+ {
+ "last_affected": "b16d1fa8ee567b52c09a0f89940b07d8491b881d"
+ },
+ {
+ "last_affected": "47ccaa4218c408e70671a2fa9caaa3caf8c1a877"
+ },
+ {
+ "last_affected": "046209e561b7e9b5aab1aef7daebf29ee6e6e8c7"
+ },
+ {
+ "last_affected": "3027611ca6d4cc5510d2d0fccc3e5a074e09a2fb"
+ },
+ {
+ "last_affected": "c12fb3ddaf48e709a7a4deaa55ec485e4df163ee"
+ },
+ {
+ "last_affected": "cd95ee9f771361acf241629d2fe5507e308082a2"
+ },
+ {
+ "last_affected": "93d092867f0f2c78571983040ef75e078ee1a4c4"
+ },
+ {
+ "last_affected": "45ac4d019475df03562fe0ac54eb67e1d1de0ca7"
+ },
+ {
+ "last_affected": "462196e6b4a47f924293a0e26b8e9c23d37ac26f"
+ },
+ {
+ "last_affected": "1669b17d3a1a1fd824308544ca0ec02a2a4f50ea"
+ },
+ {
+ "last_affected": "64db5c575d9c5536bd273a890f50777ad1ca7c13"
+ },
+ {
+ "last_affected": "801bd5138ce31aa0d906fa4e2eabfc599d74e793"
+ },
+ {
+ "last_affected": "9e560d11aad028de74addc0d1edfefa5667884f4"
+ },
+ {
+ "last_affected": "c7aef0a945f9b6fb6d3f91716a21dfe2f4ea635f"
+ },
+ {
+ "last_affected": "8e82f2a04a238c54ba91e553e9a8452e6d405965"
+ },
+ {
+ "last_affected": "bfbde883af33397943df68a3ae01847a634d33bf"
+ },
+ {
+ "last_affected": "6b951a6928811507d493303b2878e848c077b471"
+ },
+ {
+ "last_affected": "566b74a0e19b9aa610f4931e5bfd339bcf8e9147"
+ },
+ {
+ "last_affected": "3266b35bbe21c68dea0dc7ccd991eb028e6d360c"
+ },
+ {
+ "last_affected": "2f33be817cbce6ad7a36f27dd7ada9219f13584c"
+ },
+ {
+ "last_affected": "e052859759b34d0e05ce0f17244873e5cd7b457b"
+ },
+ {
+ "last_affected": "315ee3fe75dade912b48a21ceec9ccda0230d937"
+ },
+ {
+ "last_affected": "0c9211798fc80d5c9cc9bcdc8e11eb485c9c1c5b"
+ },
+ {
+ "last_affected": "5a1fc8d33808d7b22f57bdf9403cda7ff07b0670"
+ },
+ {
+ "last_affected": "e9db32a09af03f27e86d1251a9e68e9b7486d371"
+ },
+ {
+ "last_affected": "53cdc2c963e33bc0cc1a51ad2df79396202e07f8"
+ },
+ {
+ "last_affected": "b81e0b07784dc4c1e8d0a86194b9d28776d071c0"
+ },
+ {
+ "last_affected": "b8d1366852fd0034374c5de1e4968c7a224f77cc"
+ },
+ {
+ "last_affected": "2cfac302fbeec68f1727cba3d1705e16f02220ad"
+ },
+ {
+ "last_affected": "2e9b725f67d49a9d7a1f053fe52dd4920c9ab1ad"
+ },
+ {
+ "last_affected": "9cd755e1d768bbf228e7c9faf223b7459f7e0105"
+ },
+ {
+ "last_affected": "aa73eb47bc8583070734696b25b34ad54c2c1f5e"
+ },
+ {
+ "last_affected": "72c2cac8f0ac3a89c21d00b6c6e36fe6c6a8e62b"
+ },
+ {
+ "last_affected": "69248b58f649e35b09a126c12781353e3471f5c6"
+ },
+ {
+ "last_affected": "885ce31401b6789c959131754b1e5ae518964072"
+ },
+ {
+ "last_affected": "521bbbe29928f9bc1c61306df612e856d45cbe5a"
+ },
+ {
+ "last_affected": "f3294d9d86e6a7915a967efff2842089b8b0d071"
+ },
+ {
+ "last_affected": "4258dc02d86e7e4de9f795a1af3a0bc6732d4ab5"
+ },
+ {
+ "last_affected": "196677150f711a96c38ed123e621f1d4e995b2e5"
+ },
+ {
+ "last_affected": "432eb5f5c254ee8383b2522ce597c9219877923e"
+ },
+ {
+ "last_affected": "eb8138405a3f747f2c236464932f72e918946f68"
+ },
+ {
+ "last_affected": "cb013830383f1ccc9757aba36bc32df5ec281c02"
+ },
+ {
+ "last_affected": "4d6bd91ab33328c6d27eddc32e064defc02dc4fd"
+ },
+ {
+ "last_affected": "d6c21c8eec597a925d2b647cff3d58ac69de01a0"
+ },
+ {
+ "last_affected": "62c07b5743490ce373910f469abc8cdc759bec2b"
+ },
+ {
+ "last_affected": "c514af5a4f5ac3ce724065cc6a8e009373436f78"
+ },
+ {
+ "last_affected": "3ea76790571c1f7cf1bed34fabffd3cc20ad3dd3"
+ },
+ {
+ "last_affected": "8839c05fba1f8415eec17eff8ac60cc3a50eb51e"
+ },
+ {
+ "last_affected": "2679562dc7685674998f2841811d361400ae0d19"
+ },
+ {
+ "last_affected": "54b636f14546d3fde9f9c67c3b32701d78563161"
+ },
+ {
+ "last_affected": "d957e2189fdc73cef0ff3d1fb58043d354754449"
+ },
+ {
+ "last_affected": "25df50aa3392ecdbf2b8256b93b30558e8b3a810"
+ },
+ {
+ "last_affected": "a7135ac3c3d825ec9f4919ee0212434e01e76b4c"
+ },
+ {
+ "last_affected": "44b9b4d4f56d6f6de92c89636994c03984e9cd01"
+ },
+ {
+ "last_affected": "95c717bbd9c327c38b4efcc37d5cda29b8ee2a36"
+ },
+ {
+ "last_affected": "3c561c657c2f0e553b19115a506592a8bbd744bc"
+ },
+ {
+ "last_affected": "8986c86e1ef297e95518ae4695339f2d64d913cf"
+ },
+ {
+ "last_affected": "9ce6d0d52821c6e33506cb173f0e27c68014e60e"
+ },
+ {
+ "last_affected": "f2cb3a01192d36395d16acec6cdb93446ca6fd45"
+ },
+ {
+ "last_affected": "79e63a53bb9598af863b0afe49ad662795faeef4"
+ },
+ {
+ "last_affected": "cf93a7b364a70b56150cf6ea77492b799ec02a45"
+ },
+ {
+ "last_affected": "67fe54d918a3b42a24cb7f5db81514c10e239735"
+ },
+ {
+ "last_affected": "9819cec61b00cc872136ea5faf469627b3b87e69"
+ },
+ {
+ "last_affected": "8f995e2e0022292374fc99a2277069b08ad98b5c"
+ },
+ {
+ "last_affected": "06bf874bbca0a5c600b210b5db920eff9f95f0d0"
+ },
+ {
+ "last_affected": "e2ae32ff5f3ab6f0819590f61f248f17df12987f"
+ },
+ {
+ "last_affected": "2c000d91f3c423cee0af44e8afc79b9d25a9e714"
+ },
+ {
+ "last_affected": "1a7f66a3de2625d10f65415e6eb3e56067dc0555"
+ },
+ {
+ "last_affected": "38e07886ed2792988217a2ffa482ce3a69ca92c2"
+ },
+ {
+ "last_affected": "4feb6e6d035d5d66984957c8ca22bc9a05df527f"
+ },
+ {
+ "last_affected": "22691f849ac959ffaa821a3ca7f746ee54bd5e52"
+ },
+ {
+ "last_affected": "ff837422ee4ec7d6aea7750a40e30cba29db93e8"
+ },
+ {
+ "last_affected": "9ce2d7001939b795b45a8ce7700d1a3dcde0475d"
+ },
+ {
+ "last_affected": "303bfc1024d948a5ba134ccfc106f82c0b4fd675"
+ },
+ {
+ "last_affected": "202aa9f7758636730299b86715d924f54468a908"
+ },
+ {
+ "last_affected": "df5169fa35f31ebe10893f2a3416ec8e8d8faa20"
+ },
+ {
+ "last_affected": "3fed9acaef45ac8b99ceecc38afbed3494e2d3ef"
+ },
+ {
+ "last_affected": "4f041c9d6e61829310eb0715d8edb2a232478123"
+ },
+ {
+ "last_affected": "2bf90d071016e279796e789f0ac223d635671a41"
+ },
+ {
+ "last_affected": "0966b324d911423c81351fb12e9219f71cd63be8"
+ },
+ {
+ "last_affected": "f77e89c5d20db09eaebf378ec036a7e796932810"
+ },
+ {
+ "last_affected": "70812c2f32fc5734bcbbe572b9f61c380433ad6a"
+ }
+ ],
+ "repo": "https://github.com/curl/curl",
+ "type": "GIT"
+ }
+ ]
+ }
+ ],
+ "database_specific": {
+ "cna_assigner": "curl",
+ "osv_generated_from": "unknown"
+ },
+ "details": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.",
+ "id": "CVE-2024-7264",
+ "modified": "2025-11-03T22:32:51.400Z",
+ "published": "2024-07-31T08:08:14.585Z",
+ "references": [
+ {
+ "type": "WEB",
+ "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1"
+ },
+ {
+ "type": "WEB",
+ "url": "https://curl.se/docs/CVE-2024-7264.html"
+ },
+ {
+ "type": "WEB",
+ "url": "https://curl.se/docs/CVE-2024-7264.json"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519"
+ },
+ {
+ "type": "WEB",
+ "url": "https://hackerone.com/reports/2629968"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.netapp.com/advisory/ntap-20240828-0008/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.netapp.com/advisory/ntap-20241025-0006/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.netapp.com/advisory/ntap-20241025-0010/"
+ }
+ ],
+ "schema_version": "1.7.3",
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+ "type": "CVSS_V3"
+ }
+ ],
+ "summary": "ASN.1 date parser overread"
+}
+{
+ "affected": [
+ {
+ "ranges": [
+ {
+ "database_specific": {
+ "source": "AFFECTED_FIELD",
+ "versions": [
+ {
+ "introduced": "1.7.0"
+ },
+ {
+ "fixed": "1.18.4"
+ },
+ {
+ "introduced": "1.19.0"
+ },
+ {
+ "fixed": "1.20.3"
+ },
+ {
+ "introduced": "1.21.0"
+ },
+ {
+ "fixed": "1.23.1"
+ }
+ ]
+ },
+ "events": [
+ {
+ "introduced": "f64673580dfc649954eb744eb2734f2f118baa47"
+ },
+ {
+ "fixed": "9241c3eddf4a6a218681b088d71f7191513e2376"
+ },
+ {
+ "introduced": "674d77d4ef42bd99238521546b3b2cd60b26e50d"
+ },
+ {
+ "fixed": "ba81945ffc2695b71f2bbcadbfb5e46ec55aaef3"
+ },
+ {
+ "introduced": "50795e652ecb0747c8d048aeaa38a41dddb2da4b"
+ },
+ {
+ "fixed": "1a997ffbd62334af2553775234e75ede2d7d949f"
+ }
+ ],
+ "repo": "https://github.com/tokio-rs/tokio",
+ "type": "GIT"
+ }
+ ]
+ }
+ ],
+ "aliases": [
+ "GHSA-7rrj-xr53-82p7"
+ ],
+ "database_specific": {
+ "cna_assigner": "GitHub_M",
+ "cwe_ids": [
+ "CWE-665"
+ ],
+ "osv_generated_from": "unknown"
+ },
+ "details": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.",
+ "id": "CVE-2023-22466",
+ "modified": "2025-03-10T21:32:32.950Z",
+ "published": "2023-01-04T21:47:09.400Z",
+ "references": [
+ {
+ "type": "FIX",
+ "url": "https://github.com/tokio-rs/tokio/pull/5336"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"
+ },
+ {
+ "type": "WEB",
+ "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22466"
+ }
+ ],
+ "schema_version": "1.7.3",
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
+ "type": "CVSS_V3"
+ }
+ ],
+ "summary": "Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe"
+}
+{
+ "affected": [
+ {}
+ ],
+ "database_specific": {
+ "cna_assigner": "mitre",
+ "osv_generated_from": "unknown"
+ },
+ "details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.",
+ "id": "CVE-2022-33068",
+ "modified": "2024-08-03T08:01:19.054Z",
+ "published": "2022-06-22T13:24:42Z",
+ "references": [
+ {
+ "type": "FIX",
+ "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33068"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.gentoo.org/glsa/202209-11"
+ }
+ ],
+ "schema_version": "1.7.3"
+}
+{
+ "affected": [
+ {}
+ ],
+ "database_specific": {
+ "cna_assigner": "mitre",
+ "osv_generated_from": "unknown"
+ },
+ "details": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.",
+ "id": "CVE-2016-1897",
+ "modified": "2024-08-05T23:10:39.912Z",
+ "published": "2016-01-15T02:00:00Z",
+ "references": [
+ {
+ "type": "ARTICLE",
+ "url": "http://habrahabr.ru/company/mailru/blog/274855"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"
+ },
+ {
+ "type": "WEB",
+ "url": "http://security.stackexchange.com/questions/110644"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.debian.org/security/2016/dsa-3506"
+ },
+ {
+ "type": "ARTICLE",
+ "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.securityfocus.com/bid/80501"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.securitytracker.com/id/1034932"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.529036"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.ubuntu.com/usn/USN-2944-1"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1897"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.gentoo.org/glsa/201606-09"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.gentoo.org/glsa/201705-08"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://www.kb.cert.org/vuls/id/772447"
+ }
+ ],
+ "schema_version": "1.7.3"
+}
+{
+ "affected": [
+ {}
+ ],
+ "database_specific": {
+ "cna_assigner": "redhat",
+ "cwe_ids": [
+ "CWE-122",
+ "CWE-131"
+ ],
+ "osv_generated_from": "unknown",
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "source": "AFFECTED_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "7.61.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "source": "DESCRIPTION"
+ },
+ "versions": [
+ {
+ "fixed": "7.61.1"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "id": "CVE-2018-14618",
+ "modified": "2024-08-05T09:29:51.906Z",
+ "published": "2018-09-05T19:00:00Z",
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "http://www.securitytracker.com/id/1041605"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://access.redhat.com/errata/RHSA-2018:3558"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://access.redhat.com/errata/RHSA-2019:1880"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"
+ },
+ {
+ "type": "WEB",
+ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
+ },
+ {
+ "type": "WEB",
+ "url": "https://curl.haxx.se/docs/CVE-2018-14618.html"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618"
+ },
+ {
+ "type": "WEB",
+ "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.gentoo.org/glsa/201903-03"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://usn.ubuntu.com/3765-1/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://usn.ubuntu.com/3765-2/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://www.debian.org/security/2018/dsa-4286"
+ }
+ ],
+ "schema_version": "1.7.3",
+ "severity": [
+ {
+ "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "affected": [
+ {}
+ ],
+ "database_specific": {
+ "cna_assigner": "redhat",
+ "cwe_ids": [
+ "CWE-200"
+ ],
+ "osv_generated_from": "unknown",
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "source": "AFFECTED_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "11 and 12"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.",
+ "id": "CVE-2023-1055",
+ "modified": "2025-03-11T14:02:59.854Z",
+ "published": "2023-02-27T00:00:00Z",
+ "references": [
+ {
+ "type": "REPORT",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1055"
+ }
+ ],
+ "schema_version": "1.7.3"
+}
+{
+ "affected": [
+ {}
+ ],
+ "database_specific": {
+ "cna_assigner": "redhat",
+ "cwe_ids": [
+ "CWE-415"
+ ],
+ "osv_generated_from": "unknown",
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "source": "AFFECTED_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "0.1.0"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.",
+ "id": "CVE-2024-2002",
+ "modified": "2025-11-20T18:21:28.745Z",
+ "published": "2024-03-18T12:26:31.386Z",
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://access.redhat.com/downloads/content/package-browser/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://access.redhat.com/security/cve/CVE-2024-2002"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/davea42/libdwarf-code/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt"
+ },
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2002"
+ }
+ ],
+ "schema_version": "1.7.3",
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "type": "CVSS_V3"
+ }
+ ],
+ "summary": "Libdwarf: crashes randomly on fuzzed object"
+}
+---
diff --git a/vulnfeeds/conversion/cve5/common.go b/vulnfeeds/conversion/cve5/common.go
index efdd522c4cc..1d00bc12fae 100644
--- a/vulnfeeds/conversion/cve5/common.go
+++ b/vulnfeeds/conversion/cve5/common.go
@@ -6,7 +6,7 @@ import (
"strconv"
"strings"
- "github.com/google/osv/vulnfeeds/conversion"
+ c "github.com/google/osv/vulnfeeds/conversion"
"github.com/google/osv/vulnfeeds/models"
"github.com/google/osv/vulnfeeds/vulns"
"github.com/ossf/osv-schema/bindings/go/osvschema"
@@ -53,10 +53,10 @@ func toVersionRangeType(s string) VersionRangeType {
// findCPEVersionRanges extracts version ranges and CPE strings from the CNA's
// CPE applicability statements in a CVE record.
-func findCPEVersionRanges(cve models.CVE5) (versionRanges []*osvschema.Range, cpes []string, err error) {
+func findCPEVersionRanges(cve models.CVE5) (versionRanges []models.RangeWithMetadata, cpes []string, err error) {
// TODO(jesslowe): Add logic to also extract CPEs from the 'affected' field (e.g., CVE-2025-1110).
- for _, c := range cve.Containers.CNA.CPEApplicability {
- for _, node := range c.Nodes {
+ for _, cpe := range cve.Containers.CNA.CPEApplicability {
+ for _, node := range cpe.Nodes {
if node.Operator != "OR" {
continue
}
@@ -70,11 +70,14 @@ func findCPEVersionRanges(cve models.CVE5) (versionRanges []*osvschema.Range, cp
if match.VersionStartIncluding == "" {
match.VersionStartIncluding = "0"
}
-
+ var nr []*osvschema.Range
if match.VersionEndExcluding != "" {
- versionRanges = append(versionRanges, conversion.BuildVersionRange(match.VersionStartIncluding, "", match.VersionEndExcluding))
+ nr = append(nr, c.BuildVersionRange(match.VersionStartIncluding, "", match.VersionEndExcluding))
} else if match.VersionEndIncluding != "" {
- versionRanges = append(versionRanges, conversion.BuildVersionRange(match.VersionStartIncluding, match.VersionEndIncluding, ""))
+ nr = append(nr, c.BuildVersionRange(match.VersionStartIncluding, match.VersionEndIncluding, ""))
+ }
+ if nr != nil {
+ versionRanges = append(versionRanges, c.ToRangeWithMetadata(nr, models.VersionSourceCPE)...)
}
}
}
@@ -98,8 +101,8 @@ func compareSemverLike(a, b string) int {
// We ignore the error, so non-numeric parts default to 0.
numA, _ := strconv.Atoi(partsA[i])
numB, _ := strconv.Atoi(partsB[i])
- if c := cmp.Compare(numA, numB); c != 0 {
- return c
+ if v := cmp.Compare(numA, numB); v != 0 {
+ return v
}
}
// If lengths are the same, they're equal.
diff --git a/vulnfeeds/conversion/cve5/converter_test.go b/vulnfeeds/conversion/cve5/converter_test.go
index 672489b0bd4..a6ae340e580 100644
--- a/vulnfeeds/conversion/cve5/converter_test.go
+++ b/vulnfeeds/conversion/cve5/converter_test.go
@@ -589,6 +589,52 @@ func TestConvertAndExportCVEToOSV(t *testing.T) {
}
}
+func TestCVE5Snapshot(t *testing.T) {
+ testDir := "../../test_data/cve5"
+ files, err := os.ReadDir(testDir)
+ if err != nil {
+ t.Fatalf("Failed to read test directory %s: %v", testDir, err)
+ }
+
+ results := make([]string, 0, len(files))
+ for _, file := range files {
+ if file.IsDir() || filepath.Ext(file.Name()) != ".json" {
+ continue
+ }
+
+ path := filepath.Join(testDir, file.Name())
+ content, err := os.ReadFile(path)
+ if err != nil {
+ t.Fatalf("Failed to read %s: %v", path, err)
+ }
+
+ var cve models.CVE5
+ err = json.Unmarshal(content, &cve)
+ if err != nil {
+ t.Fatalf("Failed to unmarshal %s: %v", path, err)
+ }
+
+ vWriter := bytes.NewBuffer(nil)
+ mWriter := bytes.NewBuffer(nil)
+ _, err = ConvertAndExportCVEToOSV(cve, vWriter, mWriter, "")
+ if err != nil {
+ t.Fatalf("Failed to convert %s: %v", path, err)
+ }
+
+ results = append(results, vWriter.String())
+ }
+
+ // Sort results for deterministic snapshot
+ sort.Strings(results)
+
+ keys := make([]any, 0, len(results))
+ for _, r := range results {
+ keys = append(keys, r)
+ }
+
+ snaps.MatchSnapshot(t, keys...)
+}
+
func TestFromCVE5_ReferencesDeterminism(t *testing.T) {
cve := models.CVE5{}
metrics := &models.ConversionMetrics{}
diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go
index 78ee2f6586c..30503fa9776 100644
--- a/vulnfeeds/conversion/cve5/default_extractor.go
+++ b/vulnfeeds/conversion/cve5/default_extractor.go
@@ -1,10 +1,12 @@
package cve5
import (
+ "maps"
+ "slices"
+
c "github.com/google/osv/vulnfeeds/conversion"
"github.com/google/osv/vulnfeeds/git"
"github.com/google/osv/vulnfeeds/models"
- "github.com/google/osv/vulnfeeds/utility"
"github.com/google/osv/vulnfeeds/utility/logger"
"github.com/google/osv/vulnfeeds/vulns"
"github.com/ossf/osv-schema/bindings/go/osvschema"
@@ -13,8 +15,8 @@ import (
// DefaultVersionExtractor provides the default version extraction logic.
type DefaultVersionExtractor struct{}
-func (d *DefaultVersionExtractor) handleAffected(affected []models.Affected, metrics *models.ConversionMetrics) []*osvschema.Range {
- var ranges []*osvschema.Range
+func (d *DefaultVersionExtractor) handleAffected(affected []models.Affected, metrics *models.ConversionMetrics) []models.RangeWithMetadata {
+ var ranges []models.RangeWithMetadata
for _, cveAff := range affected {
versionRanges, _ := d.FindNormalAffectedRanges(cveAff, metrics)
@@ -35,15 +37,30 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln
repoTagsCache := &git.RepoTagsCache{}
ranges := d.handleAffected(cve.Containers.CNA.Affected, metrics)
+ successfulRepos := make(map[string]bool)
+ var resolvedRanges []models.RangeWithMetadata
+ var unresolvedRanges []models.RangeWithMetadata
+
+ processRanges := func(nr []models.RangeWithMetadata) bool {
+ r, un, sR := c.ProcessRanges(nr, repos, metrics, repoTagsCache, models.VersionSourceAffected)
+ resolvedRanges = append(resolvedRanges, r...)
+ unresolvedRanges = append(unresolvedRanges, un...)
+ for _, s := range sR {
+ successfulRepos[s] = true
+ }
+ if len(r) == 0 {
+ metrics.AddNote("Failed to convert git versions to commits")
+ return false
+ }
+
+ return true
+ }
if len(ranges) != 0 {
- resolvedRanges, unresolvedRanges, _ := c.GitVersionsToCommits(ranges, repos, metrics, repoTagsCache)
- if len(resolvedRanges) == 0 {
- metrics.AddNote("Failed to convert git versions to commits")
- } else {
+ if processRanges(ranges) {
gotVersions = true
+ metrics.SetOutcome(models.Successful)
}
- addRangesToAffected(resolvedRanges, unresolvedRanges, v, metrics)
}
if !gotVersions {
@@ -51,37 +68,43 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln
versionRanges, _ := cpeVersionExtraction(cve, metrics)
if len(versionRanges) != 0 {
- resolvedRanges, unresolvedRanges, _ := c.GitVersionsToCommits(versionRanges, repos, metrics, repoTagsCache)
- if len(resolvedRanges) == 0 {
- metrics.AddNote("Failed to convert git versions to commits")
- } else {
+ if processRanges(versionRanges) {
gotVersions = true
}
- addRangesToAffected(resolvedRanges, unresolvedRanges, v, metrics)
}
}
if !gotVersions {
metrics.AddNote("No versions in CPEs so attempting extraction from description")
- versionRanges := textVersionExtraction(cve, metrics)
- if len(versionRanges) != 0 {
- resolvedRanges, unresolvedRanges, _ := c.GitVersionsToCommits(versionRanges, repos, metrics, repoTagsCache)
- if len(resolvedRanges) == 0 {
- metrics.AddNote("Failed to convert git versions to commits")
- }
+ textRanges := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Containers.CNA.Descriptions), metrics, models.VersionSourceDescription)
+ if len(textRanges) > 0 {
+ metrics.AddNote("Extracted versions from description: %v", textRanges)
+ }
+ if len(textRanges) != 0 {
+ processRanges(textRanges)
+ }
+ }
+
+ keys := slices.Collect(maps.Keys(successfulRepos))
+ groupedRanges := c.GroupRanges(resolvedRanges)
+ affected := c.MergeRangesAndCreateAffected(groupedRanges, nil, keys, metrics)
+ v.Affected = append(v.Affected, affected)
- addRangesToAffected(resolvedRanges, unresolvedRanges, v, metrics)
+ if len(unresolvedRanges) > 0 {
+ unresolvedRangesList := c.CreateUnresolvedRanges(unresolvedRanges)
+ if err := c.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil {
+ logger.Warn("failed to make database specific: %v", err)
}
}
}
-func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]*osvschema.Range, VersionRangeType) {
+func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]models.RangeWithMetadata, VersionRangeType) {
versionTypesCount := make(map[VersionRangeType]int)
- var versionRanges []*osvschema.Range
+ var versionRanges []models.RangeWithMetadata
for _, vers := range affected.Versions {
ranges, _, shouldContinue := initialNormalExtraction(vers, metrics, versionTypesCount)
if len(ranges) > 0 {
- versionRanges = append(versionRanges, ranges...)
+ versionRanges = append(versionRanges, c.ToRangeWithMetadata(ranges, models.VersionSourceAffected)...)
}
if shouldContinue {
@@ -97,17 +120,22 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec
if av.Introduced == "" {
continue
}
+
if av.Fixed != "" {
- versionRanges = append(versionRanges, c.BuildVersionRange(av.Introduced, "", av.Fixed))
+ vr := []*osvschema.Range{c.BuildVersionRange(av.Introduced, "", av.Fixed)}
+ versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceAffected)...)
+
continue
} else if av.LastAffected != "" {
- versionRanges = append(versionRanges, c.BuildVersionRange(av.Introduced, av.LastAffected, ""))
+ vr := []*osvschema.Range{c.BuildVersionRange(av.Introduced, av.LastAffected, "")}
+ versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceAffected)...)
+
continue
}
}
// Try to extract versions from text like "before 1.4.7".
- possibleVersions := c.ExtractVersionsFromText(nil, vers.Version, metrics)
+ possibleVersions := c.ExtractVersionsFromText(nil, vers.Version, metrics, models.VersionSourceAffected)
if possibleVersions != nil {
metrics.AddNote("Versions retrieved from text but not used CURRENTLY")
@@ -116,7 +144,8 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec
// As a fallback, assume a single version means it's the last affected version.
if vulns.CheckQuality(vers.Version).AtLeast(acceptableQuality) {
- versionRanges = append(versionRanges, c.BuildVersionRange("0", vers.Version, ""))
+ vr := []*osvschema.Range{c.BuildVersionRange("0", vers.Version, "")}
+ versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceAffected)...)
metrics.AddNote("Single version found %v - Assuming introduced = 0 and last affected = %v", vers.Version, vers.Version)
}
}
@@ -133,20 +162,3 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec
return versionRanges, mostFrequentVersionType
}
-
-func addRangesToAffected(resolvedRanges []*osvschema.Range, unresolvedRanges []*osvschema.Range, v *vulns.Vulnerability, metrics *models.ConversionMetrics) {
- if len(resolvedRanges) > 0 {
- aff := &osvschema.Affected{
- Ranges: resolvedRanges,
- }
- if len(unresolvedRanges) > 0 {
- databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{"unresolved_ranges": unresolvedRanges})
- if err != nil {
- logger.Warn("failed to make database specific: %v", err)
- } else {
- aff.DatabaseSpecific = databaseSpecific
- }
- }
- c.AddAffected(v, aff, metrics)
- }
-}
diff --git a/vulnfeeds/conversion/cve5/extraction.go b/vulnfeeds/conversion/cve5/extraction.go
index ab83f049c52..ebd3491f483 100644
--- a/vulnfeeds/conversion/cve5/extraction.go
+++ b/vulnfeeds/conversion/cve5/extraction.go
@@ -3,13 +3,12 @@ package cve5
import (
"github.com/google/osv/vulnfeeds/models"
"github.com/google/osv/vulnfeeds/vulns"
- "github.com/ossf/osv-schema/bindings/go/osvschema"
)
// VersionExtractor defines the interface for different version extraction strategies.
type VersionExtractor interface {
ExtractVersions(cve models.CVE5, v *vulns.Vulnerability, metrics *models.ConversionMetrics, repos []string)
- FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]*osvschema.Range, VersionRangeType)
+ FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]models.RangeWithMetadata, VersionRangeType)
}
// GetVersionExtractor returns the appropriate VersionExtractor for a given CNA.
diff --git a/vulnfeeds/conversion/cve5/linux_extractor.go b/vulnfeeds/conversion/cve5/linux_extractor.go
index 677fd20e616..92c40b5f60a 100644
--- a/vulnfeeds/conversion/cve5/linux_extractor.go
+++ b/vulnfeeds/conversion/cve5/linux_extractor.go
@@ -6,8 +6,9 @@ import (
"strconv"
"strings"
- "github.com/google/osv/vulnfeeds/conversion"
+ c "github.com/google/osv/vulnfeeds/conversion"
"github.com/google/osv/vulnfeeds/models"
+ "github.com/google/osv/vulnfeeds/utility/logger"
"github.com/google/osv/vulnfeeds/vulns"
"github.com/ossf/osv-schema/bindings/go/osvconstants"
"github.com/ossf/osv-schema/bindings/go/osvschema"
@@ -30,7 +31,11 @@ func (l *LinuxVersionExtractor) handleAffected(v *vulns.Vulnerability, affected
if cveAff.DefaultStatus == "affected" {
versionRanges, versionType = findInverseAffectedRanges(cveAff, metrics)
} else {
- versionRanges, versionType = l.FindNormalAffectedRanges(cveAff, metrics)
+ var versionRangesWithMetadata []models.RangeWithMetadata
+ versionRangesWithMetadata, versionType = l.FindNormalAffectedRanges(cveAff, metrics)
+ for _, r := range versionRangesWithMetadata {
+ versionRanges = append(versionRanges, r.Range)
+ }
}
if (versionType == VersionRangeTypeGit && hasGit) || len(versionRanges) == 0 {
continue
@@ -43,7 +48,7 @@ func (l *LinuxVersionExtractor) handleAffected(v *vulns.Vulnerability, affected
}
aff := createLinuxAffected(versionRanges, versionType, cveAff.Repo)
metrics.AddSource(models.VersionSourceAffected)
- conversion.AddAffected(v, aff, metrics)
+ c.AddAffected(v, aff, metrics)
}
return gotVersions
@@ -55,10 +60,16 @@ func (l *LinuxVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vulner
if !gotVersions {
metrics.AddNote("No versions in affected, attempting to extract from CPE")
- versionRanges, _ := cpeVersionExtraction(cve, metrics)
-
+ versionRanges, err := cpeVersionExtraction(cve, metrics)
+ if err != nil {
+ logger.Warn("Error when extracting CPE versions")
+ }
if len(versionRanges) != 0 {
- aff := createLinuxAffected(versionRanges, VersionRangeTypeEcosystem, "")
+ var ranges []*osvschema.Range
+ for _, r := range versionRanges {
+ ranges = append(ranges, r.Range)
+ }
+ aff := createLinuxAffected(ranges, VersionRangeTypeEcosystem, "")
v.Affected = append(v.Affected, aff)
}
}
@@ -136,7 +147,7 @@ func findInverseAffectedRanges(cveAff models.Affected, metrics *models.Conversio
// Create ranges by pairing sorted introduced and fixed versions.
for index, f := range fixed {
if index < len(introduced) {
- ranges = append(ranges, conversion.BuildVersionRange(introduced[index], "", f))
+ ranges = append(ranges, c.BuildVersionRange(introduced[index], "", f))
metrics.AddNote("Introduced from version value - %s", introduced[index])
metrics.AddNote("Fixed from version value - %s", f)
}
@@ -150,12 +161,12 @@ func findInverseAffectedRanges(cveAff models.Affected, metrics *models.Conversio
return nil, VersionRangeTypeUnknown
}
-func (l *LinuxVersionExtractor) FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]*osvschema.Range, VersionRangeType) {
+func (l *LinuxVersionExtractor) FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]models.RangeWithMetadata, VersionRangeType) {
versionTypesCount := make(map[VersionRangeType]int)
- var versionRanges []*osvschema.Range
+ var versionRanges []models.RangeWithMetadata
for _, vers := range affected.Versions {
ranges, currentVersionType, shouldContinue := initialNormalExtraction(vers, metrics, versionTypesCount)
- versionRanges = append(versionRanges, ranges...)
+ versionRanges = append(versionRanges, c.ToRangeWithMetadata(ranges, models.VersionSourceAffected)...)
if shouldContinue {
continue
}
@@ -165,13 +176,16 @@ func (l *LinuxVersionExtractor) FindNormalAffectedRanges(affected models.Affecte
metrics.AddNote("Only version exists")
if currentVersionType == VersionRangeTypeGit {
- versionRanges = append(versionRanges, conversion.BuildVersionRange(vers.Version, "", ""))
+ vr := []*osvschema.Range{c.BuildVersionRange(vers.Version, "", "")}
+ versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceGit)...)
+
continue
}
// As a fallback, assume a single version means it's the last affected version.
if vulns.CheckQuality(vers.Version).AtLeast(acceptableQuality) {
- versionRanges = append(versionRanges, conversion.BuildVersionRange("0", vers.Version, ""))
+ vr := []*osvschema.Range{c.BuildVersionRange("0", vers.Version, "")}
+ versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceAffected)...)
metrics.AddNote("Single version found %v - Assuming introduced = 0 and last affected = %v", vers.Version, vers.Version)
}
}
diff --git a/vulnfeeds/conversion/cve5/strategies.go b/vulnfeeds/conversion/cve5/strategies.go
index 602ae467915..95b5babd448 100644
--- a/vulnfeeds/conversion/cve5/strategies.go
+++ b/vulnfeeds/conversion/cve5/strategies.go
@@ -7,7 +7,7 @@ import (
"github.com/ossf/osv-schema/bindings/go/osvschema"
)
-func cpeVersionExtraction(cve models.CVE5, metrics *models.ConversionMetrics) ([]*osvschema.Range, error) {
+func cpeVersionExtraction(cve models.CVE5, metrics *models.ConversionMetrics) ([]models.RangeWithMetadata, error) {
cpeRanges, cpeStrings, err := findCPEVersionRanges(cve)
if err == nil && len(cpeRanges) > 0 {
metrics.VersionSources = append(metrics.VersionSources, models.VersionSourceCPE)
@@ -21,19 +21,6 @@ func cpeVersionExtraction(cve models.CVE5, metrics *models.ConversionMetrics) ([
return nil, err
}
-// textVersionExtraction is a helper function for CPE and description extraction.
-func textVersionExtraction(cve models.CVE5, metrics *models.ConversionMetrics) []*osvschema.Range {
- // As a last resort, try extracting versions from the description text.
- versions := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Containers.CNA.Descriptions), metrics)
- if len(versions) > 0 {
- // NOTE: These versions are not currently saved due to the need for better validation.
- metrics.VersionSources = append(metrics.VersionSources, models.VersionSourceDescription)
- metrics.AddNote("Extracted versions from description but did not save them: %+v", versions)
- }
-
- return []*osvschema.Range{}
-}
-
// initialNormalExtraction handles an expected case of version ranges in the affected field of CVE5
func initialNormalExtraction(vers models.Versions, metrics *models.ConversionMetrics, versionTypesCount map[VersionRangeType]int) ([]*osvschema.Range, VersionRangeType, bool) {
if vers.Status != "affected" {
@@ -54,13 +41,18 @@ func initialNormalExtraction(vers models.Versions, metrics *models.ConversionMet
vLTOEQual := vulns.CheckQuality(vers.LessThanOrEqual)
hasRange := vLessThanQual.AtLeast(acceptableQuality) || vLTOEQual.AtLeast(acceptableQuality)
- metrics.AddNote("Range detected: %v", hasRange)
+
// Handle cases where 'lessThan' is mistakenly the same as 'version'.
if vers.LessThan != "" && vers.LessThan == vers.Version {
metrics.AddNote("Warning: lessThan (%s) is the same as introduced (%s)\n", vers.LessThan, vers.Version)
hasRange = false
}
+ if vers.LessThanOrEqual != "" && vers.LessThanOrEqual == vers.Version {
+ metrics.AddNote("Warning: lessThanOrEqual (%s) is the same as introduced (%s)\n", vers.LessThanOrEqual, vers.Version)
+ hasRange = false
+ }
+ metrics.AddNote("Range detected: %v", hasRange)
if hasRange {
if vQuality.AtLeast(acceptableQuality) {
introduced = vers.Version
diff --git a/vulnfeeds/conversion/cve5/version_extraction_test.go b/vulnfeeds/conversion/cve5/version_extraction_test.go
index f4ad81610be..58b288009a4 100644
--- a/vulnfeeds/conversion/cve5/version_extraction_test.go
+++ b/vulnfeeds/conversion/cve5/version_extraction_test.go
@@ -114,7 +114,11 @@ func TestFindNormalAffectedRanges(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
versionExtractor := &DefaultVersionExtractor{}
- gotRanges, gotRangeType := versionExtractor.FindNormalAffectedRanges(tt.affected, &models.ConversionMetrics{})
+ gotRangesWithMeta, gotRangeType := versionExtractor.FindNormalAffectedRanges(tt.affected, &models.ConversionMetrics{})
+ var gotRanges []*osvschema.Range
+ for _, r := range gotRangesWithMeta {
+ gotRanges = append(gotRanges, r.Range)
+ }
if diff := cmp.Diff(tt.wantRanges, gotRanges, protocmp.Transform()); diff != "" {
t.Errorf("findNormalAffectedRanges() ranges mismatch (-want +got):\n%s", diff)
}
@@ -385,6 +389,7 @@ func TestExtractVersions(t *testing.T) {
},
DatabaseSpecific: &structpb.Struct{
Fields: map[string]*structpb.Value{
+ "source": structpb.NewStringValue("AFFECTED_FIELD"),
"versions": {
Kind: &structpb.Value_ListValue{
ListValue: &structpb.ListValue{
@@ -430,6 +435,7 @@ func TestExtractVersions(t *testing.T) {
},
DatabaseSpecific: &structpb.Struct{
Fields: map[string]*structpb.Value{
+ "source": structpb.NewStringValue("AFFECTED_FIELD"),
"versions": {
Kind: &structpb.Value_ListValue{
ListValue: &structpb.ListValue{
diff --git a/vulnfeeds/conversion/grouping.go b/vulnfeeds/conversion/grouping.go
index 48f0b4546c9..1b5bfdf5672 100644
--- a/vulnfeeds/conversion/grouping.go
+++ b/vulnfeeds/conversion/grouping.go
@@ -5,6 +5,7 @@ import (
"log/slog"
"slices"
+ "github.com/google/osv/vulnfeeds/models"
"github.com/google/osv/vulnfeeds/utility/logger"
"github.com/ossf/osv-schema/bindings/go/osvschema"
"google.golang.org/protobuf/encoding/protojson"
@@ -21,67 +22,130 @@ func GroupAffectedRanges(affected []*osvschema.Affected) {
continue
}
- // Key for grouping: Type + Repo + Introduced Value
- type groupKey struct {
- RangeType osvschema.Range_Type
- Repo string
- Introduced string
+ var rwms []models.RangeWithMetadata
+ for _, r := range aff.GetRanges() {
+ rwms = append(rwms, models.RangeWithMetadata{Range: r})
+ }
+ grouped := GroupRanges(rwms)
+ var out []*osvschema.Range
+ for _, rwm := range grouped {
+ out = append(out, rwm.Range)
}
+ aff.Ranges = out
+ }
+}
- groups := make(map[groupKey]*osvschema.Range)
- var order []groupKey // To maintain deterministic order of first appearance
+func GroupRanges(ranges []models.RangeWithMetadata) []models.RangeWithMetadata {
+ // Key for grouping: Type + Repo + Introduced Value
+ type groupKey struct {
+ RangeType osvschema.Range_Type
+ Repo string
+ Introduced string
+ }
- for _, r := range aff.GetRanges() {
- // Find the introduced event
- var introduced string
- var introducedCount int
- for _, e := range r.GetEvents() {
- if e.GetIntroduced() != "" {
- introduced = e.GetIntroduced()
- introducedCount++
- }
- }
+ groups := make(map[groupKey]models.RangeWithMetadata)
+ var order []groupKey // To maintain deterministic order of first appearance
- if introducedCount > 1 {
- logger.Error("Multiple 'introduced' events found in a single range", slog.Any("range", r))
+ for _, rwm := range ranges {
+ r := rwm.Range
+ // Find the introduced event
+ var introduced string
+ var introducedCount int
+ for _, e := range r.GetEvents() {
+ if e.GetIntroduced() != "" {
+ introduced = e.GetIntroduced()
+ introducedCount++
}
+ }
- // If no introduced event is found, we use an empty string as the introduced value.
- key := groupKey{
- RangeType: r.GetType(),
- Repo: r.GetRepo(),
- Introduced: introduced,
- }
+ if introducedCount > 1 {
+ logger.Error("Multiple 'introduced' events found in a single range", slog.Any("range", r))
+ }
+
+ // If no introduced event is found, we use an empty string as the introduced value.
+ key := groupKey{
+ RangeType: r.GetType(),
+ Repo: r.GetRepo(),
+ Introduced: introduced,
+ }
- if _, exists := groups[key]; !exists {
- // Initialize with a deep copy of the first range found for this group
- // We need to be careful about DatabaseSpecific.
- // We want to keep the "versions" from this first range.
- groups[key] = &osvschema.Range{
+ if _, exists := groups[key]; !exists {
+ // Initialize with a deep copy of the first range found for this group
+ // We need to be careful about DatabaseSpecific.
+ // We want to keep the "versions" from this first range.
+ groups[key] = models.RangeWithMetadata{
+ Range: &osvschema.Range{
Type: r.GetType(),
Repo: r.GetRepo(),
Events: []*osvschema.Event{},
DatabaseSpecific: r.GetDatabaseSpecific(), // Start with this one's DS
- }
- order = append(order, key)
- } else {
- // Merge DatabaseSpecific "versions"
- mergeDatabaseSpecificVersions(groups[key], r.GetDatabaseSpecific())
+ },
+ Metadata: rwm.Metadata,
}
+ order = append(order, key)
+ } else {
+ // Merge DatabaseSpecific
+ mergeDatabaseSpecific(groups[key].Range, r.GetDatabaseSpecific())
+ }
- // Add all events to the group. Deduplication happens later in cleanEvents.
- groups[key].Events = append(groups[key].Events, r.GetEvents()...)
+ // Add all events to the group. Deduplication happens later in cleanEvents.
+ groups[key].Range.Events = append(groups[key].Range.Events, r.GetEvents()...)
+ }
+
+ // Reconstruct ranges from groups
+ newRanges := make([]models.RangeWithMetadata, 0, len(order))
+ for _, key := range order {
+ rwm := groups[key]
+ rwm.Range.Events = cleanEvents(rwm.Range.GetEvents())
+ newRanges = append(newRanges, rwm)
+ }
+
+ return newRanges
+}
+
+// mergeDatabaseSpecific merges the source DatabaseSpecific into the target DatabaseSpecific.
+// It uses MergeDatabaseSpecificValues for all fields except "versions", which is handled
+// by mergeDatabaseSpecificVersions for deduplication.
+func mergeDatabaseSpecific(target *osvschema.Range, source *structpb.Struct) {
+ if source == nil {
+ return
+ }
+
+ if target.GetDatabaseSpecific() == nil {
+ var err error
+ target.DatabaseSpecific, err = structpb.NewStruct(nil)
+ if err != nil {
+ logger.Fatal("Failed to create DatabaseSpecific", slog.Any("error", err))
}
+ }
+
+ targetFields := target.GetDatabaseSpecific().GetFields()
+ if targetFields == nil {
+ targetFields = make(map[string]*structpb.Value)
+ target.DatabaseSpecific.Fields = targetFields
+ }
- // Reconstruct ranges from groups
- var newRanges []*osvschema.Range
- for _, key := range order {
- r := groups[key]
- r.Events = cleanEvents(r.GetEvents())
- newRanges = append(newRanges, r)
+ for k, v := range source.GetFields() {
+ if k == "versions" {
+ continue // Handled separately
+ }
+ val2 := v.AsInterface()
+ if existing, ok := targetFields[k]; ok {
+ mergedVal, err := MergeDatabaseSpecificValues(existing.AsInterface(), val2)
+ if err != nil {
+ logger.Info("Failed to merge database specific key", "key", k, "err", err)
+ }
+ if newVal, err := structpb.NewValue(mergedVal); err == nil {
+ targetFields[k] = newVal
+ } else {
+ logger.Warn("Failed to create structpb.Value for merged key", "key", k, "err", err)
+ }
+ } else {
+ targetFields[k] = v
}
- aff.Ranges = newRanges
}
+
+ mergeDatabaseSpecificVersions(target, source)
}
// mergeDatabaseSpecificVersions merges the "versions" field from the source DatabaseSpecific
@@ -199,3 +263,141 @@ func cleanEvents(events []*osvschema.Event) []*osvschema.Event {
return finalEvents
}
+
+// MergeRangesAndCreateAffected combines resolved and unresolved ranges with commits to create an OSV Affected object.
+// It merges ranges for the same repository and adds commit events to the appropriate ranges at the end.
+//
+// Arguments:
+// - resolvedRanges: A slice of resolved OSV ranges to be merged.
+// - commits: A slice of affected commits to be converted into events and added to ranges.
+// - successfulRepos: A slice of repository URLs that were successfully processed.
+// - metrics: A pointer to ConversionMetrics to track the outcome and notes.
+func MergeRangesAndCreateAffected(
+ resolvedRanges []models.RangeWithMetadata,
+ commits []models.AffectedCommit,
+ successfulRepos []string,
+ metrics *models.ConversionMetrics,
+) *osvschema.Affected {
+ var newResolvedRanges []*osvschema.Range
+ // Combine the ranges appropriately
+ if len(resolvedRanges) > 0 {
+ slices.Sort(successfulRepos)
+ successfulRepos = slices.Compact(successfulRepos)
+ for _, repo := range successfulRepos {
+ var mergedRange *osvschema.Range
+ for _, vrwm := range resolvedRanges {
+ vr := vrwm.Range
+ if vr.GetRepo() == repo {
+ if mergedRange == nil {
+ mergedRange = vr
+ } else {
+ var err error
+ mergedRange, err = MergeTwoRanges(mergedRange, vr)
+ if err != nil {
+ metrics.AddNote("Failed to merge ranges: %v", err)
+ }
+ }
+ }
+ }
+ if len(commits) > 0 {
+ for _, commit := range commits {
+ if commit.Repo == repo {
+ if mergedRange == nil {
+ mergedRange = BuildGitVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed, repo)
+ } else {
+ event := convertCommitToEvent(commit)
+ if event != nil {
+ addEventToRange(mergedRange, event)
+ }
+ }
+
+ if mergedRange.GetDatabaseSpecific() == nil {
+ mergedRange.DatabaseSpecific = &structpb.Struct{
+ Fields: make(map[string]*structpb.Value),
+ }
+ }
+ mergeDatabaseSpecific(mergedRange, &structpb.Struct{
+ Fields: map[string]*structpb.Value{
+ "source": structpb.NewStringValue(string(models.VersionSourceRefs)),
+ },
+ })
+ }
+ }
+ }
+ if mergedRange != nil {
+ newResolvedRanges = append(newResolvedRanges, mergedRange)
+ }
+ }
+ }
+
+ // if there are no resolved version but there are commits, we should create a range for each commit
+ if len(resolvedRanges) == 0 && len(commits) > 0 {
+ for _, commit := range commits {
+ vr := BuildGitVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed, commit.Repo)
+ vr.DatabaseSpecific = &structpb.Struct{
+ Fields: map[string]*structpb.Value{
+ "source": structpb.NewStringValue(string(models.VersionSourceRefs)),
+ },
+ }
+ newResolvedRanges = append(newResolvedRanges, vr)
+ metrics.ResolvedRangesCount++
+ }
+ }
+
+ newAffected := &osvschema.Affected{
+ Ranges: newResolvedRanges,
+ }
+
+ return newAffected
+}
+
+// addEventToRange adds an event to a version range, avoiding duplicates.
+// Introduced events are prepended to the events list, while others are appended.
+//
+// Arguments:
+// - versionRange: The OSV range to which the event will be added.
+// - event: The OSV event (Introduced, Fixed, or LastAffected) to add.
+func addEventToRange(versionRange *osvschema.Range, event *osvschema.Event) {
+ // Handle duplicate events being added
+ for _, e := range versionRange.GetEvents() {
+ if e.GetIntroduced() != "" && e.GetIntroduced() == event.GetIntroduced() {
+ return
+ }
+ if e.GetFixed() != "" && e.GetFixed() == event.GetFixed() {
+ return
+ }
+ if e.GetLastAffected() != "" && e.GetLastAffected() == event.GetLastAffected() {
+ return
+ }
+ }
+ //TODO: maybe handle if the fixed event appears as an introduced event or similar.
+
+ if event.GetIntroduced() != "" {
+ versionRange.Events = append([]*osvschema.Event{{
+ Introduced: event.GetIntroduced()}}, versionRange.GetEvents()...)
+ } else {
+ versionRange.Events = append(versionRange.Events, event)
+ }
+}
+
+// convertCommitToEvent creates an OSV Event from an AffectedCommit.
+// It returns an event with the Introduced, Fixed, or LastAffected value from the commit.
+func convertCommitToEvent(commit models.AffectedCommit) *osvschema.Event {
+ if commit.Introduced != "" {
+ return &osvschema.Event{
+ Introduced: commit.Introduced,
+ }
+ }
+ if commit.Fixed != "" {
+ return &osvschema.Event{
+ Fixed: commit.Fixed,
+ }
+ }
+ if commit.LastAffected != "" {
+ return &osvschema.Event{
+ LastAffected: commit.LastAffected,
+ }
+ }
+
+ return nil
+}
diff --git a/vulnfeeds/conversion/grouping_test.go b/vulnfeeds/conversion/grouping_test.go
index 62d057dcc94..a798abad410 100644
--- a/vulnfeeds/conversion/grouping_test.go
+++ b/vulnfeeds/conversion/grouping_test.go
@@ -4,6 +4,7 @@ import (
"testing"
"github.com/google/go-cmp/cmp"
+ "github.com/google/osv/vulnfeeds/models"
"github.com/ossf/osv-schema/bindings/go/osvschema"
"google.golang.org/protobuf/testing/protocmp"
"google.golang.org/protobuf/types/known/structpb"
@@ -237,7 +238,7 @@ func TestGroupAffectedRanges(t *testing.T) {
},
},
{
- name: "Different DatabaseSpecific (non-versions) - merge, second gets overwritten",
+ name: "Different DatabaseSpecific (non-versions) - merge properly",
affected: []*osvschema.Affected{
{
Ranges: []*osvschema.Range{
@@ -280,7 +281,12 @@ func TestGroupAffectedRanges(t *testing.T) {
},
DatabaseSpecific: &structpb.Struct{
Fields: map[string]*structpb.Value{
- "foo": structpb.NewStringValue("bar"),
+ "foo": structpb.NewListValue(&structpb.ListValue{
+ Values: []*structpb.Value{
+ structpb.NewStringValue("bar"),
+ structpb.NewStringValue("baz"),
+ },
+ }),
},
},
},
@@ -430,3 +436,226 @@ func TestGroupAffectedRanges(t *testing.T) {
})
}
}
+
+func TestMergeRangesAndCreateAffected(t *testing.T) {
+ tests := []struct {
+ name string
+ resolvedRanges []*osvschema.Range
+ commits []models.AffectedCommit
+ successfulRepos []string
+ want *osvschema.Affected
+ }{
+ {
+ name: "Merge existing ranges with commits for the same repo",
+ resolvedRanges: []*osvschema.Range{
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo1",
+ Events: []*osvschema.Event{
+ {Introduced: "0"},
+ {Fixed: "1.0"},
+ },
+ },
+ },
+ commits: []models.AffectedCommit{
+ {
+ Repo: "repo1",
+ Introduced: "1.1",
+ },
+ {
+ Repo: "repo1",
+ Fixed: "1.2",
+ },
+ },
+ successfulRepos: []string{"repo1"},
+ want: &osvschema.Affected{
+ Ranges: []*osvschema.Range{
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo1",
+ Events: []*osvschema.Event{
+ {Introduced: "1.1"},
+ {Introduced: "0"},
+ {Fixed: "1.0"},
+ {Fixed: "1.2"},
+ },
+ DatabaseSpecific: &structpb.Struct{
+ Fields: map[string]*structpb.Value{
+ "source": structpb.NewStringValue("REFERENCES"),
+ },
+ },
+ },
+ },
+ },
+ },
+ {
+ name: "No resolved ranges, only commits",
+ resolvedRanges: nil,
+ commits: []models.AffectedCommit{
+ {
+ Repo: "repo2",
+ Introduced: "0",
+ Fixed: "1.0",
+ },
+ },
+ successfulRepos: []string{"repo2"},
+ want: &osvschema.Affected{
+ Ranges: []*osvschema.Range{
+ {
+ Events: []*osvschema.Event{
+ {Introduced: "0"},
+ {Fixed: "1.0"},
+ },
+ Repo: "repo2",
+ Type: osvschema.Range_GIT,
+ DatabaseSpecific: &structpb.Struct{
+ Fields: map[string]*structpb.Value{
+ "source": structpb.NewStringValue("REFERENCES"),
+ },
+ },
+ },
+ },
+ },
+ },
+ {
+ name: "Duplicate events are deduplicated",
+ resolvedRanges: []*osvschema.Range{
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo3",
+ Events: []*osvschema.Event{
+ {Introduced: "0"},
+ {Fixed: "1.0"},
+ },
+ },
+ },
+ commits: []models.AffectedCommit{
+ // duplicate fixed
+ {
+ Repo: "repo3",
+ Fixed: "1.0",
+ },
+ // duplicate introduced
+ {
+ Repo: "repo3",
+ Introduced: "0",
+ },
+ // new last affected
+ {
+ Repo: "repo3",
+ LastAffected: "0.5",
+ },
+ },
+ successfulRepos: []string{"repo3"},
+ want: &osvschema.Affected{
+ Ranges: []*osvschema.Range{
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo3",
+ Events: []*osvschema.Event{
+ {Introduced: "0"},
+ {Fixed: "1.0"},
+ {LastAffected: "0.5"},
+ },
+ DatabaseSpecific: &structpb.Struct{
+ Fields: map[string]*structpb.Value{
+ "source": structpb.NewStringValue("REFERENCES"),
+ },
+ },
+ },
+ },
+ },
+ },
+ {
+ name: "Commits for repos not in successfulRepos are ignored when resolvedRanges exist",
+ resolvedRanges: []*osvschema.Range{
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo4",
+ Events: []*osvschema.Event{
+ {Introduced: "0"},
+ },
+ },
+ },
+ commits: []models.AffectedCommit{
+ {
+ Repo: "repo_ignored",
+ Introduced: "1.1",
+ },
+ },
+ successfulRepos: []string{"repo4"}, // repo_ignored is absent
+ want: &osvschema.Affected{
+ Ranges: []*osvschema.Range{
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo4",
+ Events: []*osvschema.Event{
+ {Introduced: "0"},
+ },
+ },
+ },
+ },
+ },
+ {
+ name: "Multiple resolved ranges for same repo are merged and commits appended",
+ resolvedRanges: []*osvschema.Range{
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo5",
+ Events: []*osvschema.Event{
+ {Introduced: "0"},
+ {Fixed: "1.0"},
+ },
+ },
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo5",
+ Events: []*osvschema.Event{
+ {Introduced: "2.0"},
+ {Fixed: "3.0"},
+ },
+ },
+ },
+ commits: []models.AffectedCommit{
+ {
+ Repo: "repo5",
+ Fixed: "4.0",
+ },
+ },
+ successfulRepos: []string{"repo5"},
+ want: &osvschema.Affected{
+ Ranges: []*osvschema.Range{
+ {
+ Type: osvschema.Range_GIT,
+ Repo: "repo5",
+ Events: []*osvschema.Event{
+ {Introduced: "0"},
+ {Fixed: "1.0"},
+ {Introduced: "2.0"},
+ {Fixed: "3.0"},
+ {Fixed: "4.0"},
+ },
+ DatabaseSpecific: &structpb.Struct{
+ Fields: map[string]*structpb.Value{
+ "source": structpb.NewStringValue("REFERENCES"),
+ },
+ },
+ },
+ },
+ },
+ },
+ }
+
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ var rwms []models.RangeWithMetadata
+ for _, r := range tt.resolvedRanges {
+ rwms = append(rwms, models.RangeWithMetadata{Range: r})
+ }
+ got := MergeRangesAndCreateAffected(rwms, tt.commits, tt.successfulRepos, &models.ConversionMetrics{})
+ if diff := cmp.Diff(tt.want, got, protocmp.Transform()); diff != "" {
+ t.Errorf("MergeRangesAndCreateAffected() mismatch (-want +got):\n%s", diff)
+ }
+ })
+ }
+}
diff --git a/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap b/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap
new file mode 100755
index 00000000000..a29f9d4e706
--- /dev/null
+++ b/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap
@@ -0,0 +1,1970 @@
+
+[TestNVDSnapshot - 1]
+{
+ "aliases": [
+ "GHSA-j7xp-4mg9-x28r"
+ ],
+ "database_specific": {},
+ "details": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.",
+ "id": "CVE-2026-23522",
+ "modified": "2026-01-26T15:05:39.840Z",
+ "published": "2026-01-19T17:15:50.590Z",
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "aliases": [
+ "GHSA-vfmv-f93v-37mw"
+ ],
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:gitea:gitea:*:*:*:*:*:-:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "fixed": "1.25.4"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.",
+ "id": "CVE-2026-20912",
+ "modified": "2026-01-29T22:03:58.330Z",
+ "published": "2026-01-22T22:16:19.297Z",
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://blog.gitea.com/release-of-1.25.4/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/go-gitea/gitea/pull/36320"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/go-gitea/gitea/pull/36355"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.0.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.0.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.0.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.0.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.0.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.0.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.0.7"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.0"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1.7"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1.8"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.10"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.11"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.12"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.13"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.14"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.15"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.16"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.7"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.8"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2.9"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.3.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.3.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.3.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.3.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.3.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.3.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.10"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.11"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.12"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.7"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.8"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4.9"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.7"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.8"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5.9"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.6.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.6.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.6.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.6.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.6.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.6.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.7.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.7.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.7.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.7.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.7"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.8.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.8.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.8.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.8.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.8"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "2.8-dev"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "12.04"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "42.1"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.",
+ "id": "CVE-2016-1897",
+ "modified": "2025-04-12T10:46:40.837Z",
+ "published": "2016-01-15T03:59:23.063Z",
+ "references": [
+ {
+ "type": "WEB",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"
+ },
+ {
+ "type": "WEB",
+ "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1"
+ },
+ {
+ "type": "WEB",
+ "url": "http://www.securityfocus.com/bid/80501"
+ },
+ {
+ "type": "WEB",
+ "url": "http://www.securitytracker.com/id/1034932"
+ },
+ {
+ "type": "WEB",
+ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.529036"
+ },
+ {
+ "type": "WEB",
+ "url": "https://www.kb.cert.org/vuls/id/772447"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.debian.org/security/2016/dsa-3506"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.ubuntu.com/usn/USN-2944-1"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.gentoo.org/glsa/201606-09"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.gentoo.org/glsa/201705-08"
+ },
+ {
+ "type": "EVIDENCE",
+ "url": "http://habrahabr.ru/company/mailru/blog/274855"
+ },
+ {
+ "type": "EVIDENCE",
+ "url": "http://security.stackexchange.com/questions/110644"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "fixed": "3.67.0"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "introduced": "0.68"
+ },
+ {
+ "fixed": "0.81"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:tigris:tortoisesvn:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "fixed": "1.14.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:tortoisegit:tortoisegit:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "fixed": "2.15.0.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "fixed": "6.3.3"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "38"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "39"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "40"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.",
+ "id": "CVE-2024-31497",
+ "modified": "2025-11-04T22:16:00.673Z",
+ "published": "2024-04-15T20:15:11.077Z",
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"
+ },
+ {
+ "type": "WEB",
+ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html"
+ },
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"
+ },
+ {
+ "type": "WEB",
+ "url": "https://twitter.com/CCBalert/status/1780229237569470549"
+ },
+ {
+ "type": "WEB",
+ "url": "https://twitter.com/lambdafu/status/1779969509522133272"
+ },
+ {
+ "type": "WEB",
+ "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://filezilla-project.org/versions.php"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/advisories/GHSA-6p4c-r453-8743"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/daedalus/BreakingECDSAwithLLL"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://tortoisegit.org"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://winscp.net/eng/news.php"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://news.ycombinator.com/item?id=40044665"
+ },
+ {
+ "type": "FIX",
+ "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git"
+ }
+ ],
+ "related": [
+ "GHSA-6p4c-r453-8743"
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "fixed": "4.25.8"
+ },
+ {
+ "introduced": "5.26.0"
+ },
+ {
+ "fixed": "5.29.5"
+ },
+ {
+ "introduced": "6.30.0"
+ },
+ {
+ "fixed": "6.31.1"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u003e6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901",
+ "id": "CVE-2025-4565",
+ "modified": "2025-08-14T17:05:37.770Z",
+ "published": "2025-06-16T15:15:24.990Z",
+ "references": [
+ {
+ "type": "FIX",
+ "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "4.3.0"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "35"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "36"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.",
+ "id": "CVE-2022-33068",
+ "modified": "2024-11-21T07:07:30.140Z",
+ "published": "2022-06-23T17:15:14.350Z",
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
+ },
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.gentoo.org/glsa/202209-11"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "fixed": "7.61.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "12.04"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "14.04"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "16.04"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "18.04"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "9.0"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "6.0"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "7.0"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "7.4"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "7.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "7.6"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)",
+ "id": "CVE-2018-14618",
+ "modified": "2024-11-21T03:49:26.003Z",
+ "published": "2018-09-05T19:29:00.420Z",
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "http://www.securitytracker.com/id/1041605"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://access.redhat.com/errata/RHSA-2018:3558"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://access.redhat.com/errata/RHSA-2019:1880"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://curl.haxx.se/docs/CVE-2018-14618.html"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.gentoo.org/glsa/201903-03"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://usn.ubuntu.com/3765-1/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://usn.ubuntu.com/3765-2/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://www.debian.org/security/2018/dsa-4286"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "introduced": "7.32.0"
+ },
+ {
+ "fixed": "8.9.1"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.",
+ "id": "CVE-2024-7264",
+ "modified": "2025-11-03T23:17:31.647Z",
+ "published": "2024-07-31T08:15:02.657Z",
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://curl.se/docs/CVE-2024-7264.html"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://curl.se/docs/CVE-2024-7264.json"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.netapp.com/advisory/ntap-20240828-0008/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.netapp.com/advisory/ntap-20241025-0006/"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://security.netapp.com/advisory/ntap-20241025-0010/"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://hackerone.com/reports/2629968"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519"
+ },
+ {
+ "type": "ARTICLE",
+ "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "introduced": "0.1.0"
+ },
+ {
+ "fixed": "0.9.2"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "40"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "7.0"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "8.0"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.",
+ "id": "CVE-2024-2002",
+ "modified": "2025-04-09T15:36:37.840Z",
+ "published": "2024-03-18T13:15:07.657Z",
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://access.redhat.com/security/cve/CVE-2024-2002"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700"
+ },
+ {
+ "type": "ARTICLE",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:redhat:directory_server:11.5:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "11.5"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:redhat:directory_server:11.6:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "11.6"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "12.0"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:redhat:directory_server:12.1:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "12.1"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "36"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "37"
+ }
+ ]
+ },
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "last_affected": "38"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.",
+ "id": "CVE-2023-1055",
+ "modified": "2024-11-21T07:38:22.297Z",
+ "published": "2023-02-27T22:15:09.990Z",
+ "references": [
+ {
+ "type": "WEB",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:salesforce:mobile_software_development_kit:*:*:*:*:*:windows:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "fixed": "5.0.0"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.",
+ "id": "CVE-2016-15012",
+ "modified": "2024-11-21T02:45:29.557Z",
+ "published": "2023-01-07T13:15:09.530Z",
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://vuldb.com/?ctiid.217619"
+ },
+ {
+ "type": "REPORT",
+ "url": "https://vuldb.com/?id.217619"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"
+ }
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+{
+ "database_specific": {
+ "unresolved_ranges": [
+ {
+ "metadata": {
+ "cpe": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*",
+ "source": "CPE_FIELD"
+ },
+ "versions": [
+ {
+ "introduced": "1.7.0"
+ },
+ {
+ "fixed": "1.18.4"
+ },
+ {
+ "introduced": "1.19.0"
+ },
+ {
+ "fixed": "1.20.3"
+ },
+ {
+ "introduced": "1.21.0"
+ },
+ {
+ "fixed": "1.23.1"
+ }
+ ]
+ }
+ ]
+ },
+ "details": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.",
+ "id": "CVE-2023-22466",
+ "modified": "2024-11-21T07:44:51.683Z",
+ "published": "2023-01-04T22:15:09.267Z",
+ "references": [
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"
+ },
+ {
+ "type": "ADVISORY",
+ "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"
+ },
+ {
+ "type": "FIX",
+ "url": "https://github.com/tokio-rs/tokio/pull/5336"
+ }
+ ],
+ "related": [
+ "GHSA-7rrj-xr53-82p7"
+ ],
+ "severity": [
+ {
+ "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
+ "type": "CVSS_V3"
+ }
+ ]
+}
+---
diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go
index 5fd0aa63d3d..95f31a4a2d6 100644
--- a/vulnfeeds/conversion/nvd/converter.go
+++ b/vulnfeeds/conversion/nvd/converter.go
@@ -17,7 +17,6 @@ import (
"github.com/google/osv/vulnfeeds/utility"
"github.com/google/osv/vulnfeeds/utility/logger"
"github.com/google/osv/vulnfeeds/vulns"
- "github.com/ossf/osv-schema/bindings/go/osvschema"
)
var ErrNoRanges = errors.New("no ranges")
@@ -28,6 +27,7 @@ var ErrUnresolvedFix = errors.New("fixes not resolved to commits")
func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, directory string, metrics *models.ConversionMetrics, rejectFailed bool, outputMetrics bool) models.ConversionOutcome {
CPEs := c.CPEs(cve)
metrics.CPEs = CPEs
+ refs := c.DeduplicateRefs(cve.References)
// The vendor name and product name are used to construct the output `vulnDir` below, so need to be set to *something* to keep the output tidy.
maybeVendorName := "ENOCPE"
maybeProductName := "ENOCPE"
@@ -44,6 +44,12 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc
// Create basic OSV record
v := vulns.FromNVDCVE(cve.ID, cve)
+ databaseSpecific, err := utility.NewStructpbFromMap(make(map[string]any))
+ if err != nil {
+ metrics.AddNote("Failed to convert database specific: %v", err)
+ } else {
+ v.DatabaseSpecific = databaseSpecific
+ }
// At the bare minimum, we want to attempt to extract the raw version information
// from CPEs, whether or not they can resolve to commits.
@@ -58,14 +64,21 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc
}
successfulRepos := make(map[string]bool)
- var resolvedRanges, unresolvedRanges []*osvschema.Range
+ var resolvedRanges []models.RangeWithMetadata
+ var unresolvedRanges []models.RangeWithMetadata
// Exit early if there are no repositories
if len(repos) == 0 {
metrics.SetOutcome(models.NoRepos)
metrics.UnresolvedRangesCount += len(cpeRanges)
- affected := MergeRangesAndCreateAffected(resolvedRanges, cpeRanges, nil, nil, metrics)
- v.Affected = append(v.Affected, affected)
+
+ unresolvedRangesList := c.CreateUnresolvedRanges(cpeRanges)
+ if unresolvedRangesList != nil {
+ if err := c.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil {
+ logger.Warn("failed to add unresolved ranges to database specific: %v", err)
+ }
+ }
+
// Exit early
outputFiles(v, directory, maybeVendorName, maybeProductName, metrics, rejectFailed, outputMetrics)
@@ -73,7 +86,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc
}
// If we have ranges, try to resolve them
- r, un, sR := processRanges(cpeRanges, repos, metrics, cache, models.VersionSourceCPE)
+ r, un, sR := c.ProcessRanges(cpeRanges, repos, metrics, cache, models.VersionSourceCPE)
if metrics.Outcome == models.Error {
return models.Error
}
@@ -84,7 +97,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc
}
// Extract Commits
- commits, err := c.ExtractCommitsFromRefs(cve.References, http.DefaultClient)
+ commits, err := c.ExtractCommitsFromRefs(refs, http.DefaultClient)
if err != nil {
metrics.AddNote("Failed to extract commits from refs: %#v", err)
}
@@ -99,11 +112,11 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc
// Extract Versions From Text if no CPE versions found
if len(resolvedRanges) == 0 {
- textRanges := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Descriptions), metrics)
+ textRanges := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Descriptions), metrics, models.VersionSourceDescription)
if len(textRanges) > 0 {
metrics.AddNote("Extracted versions from description: %v", textRanges)
}
- r, un, sR := processRanges(textRanges, repos, metrics, cache, models.VersionSourceDescription)
+ r, un, sR := c.ProcessRanges(textRanges, repos, metrics, cache, models.VersionSourceDescription)
if metrics.Outcome == models.Error {
return models.Error
}
@@ -121,11 +134,15 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc
// Use the successful repos for more efficient merging.
keys := slices.Collect(maps.Keys(successfulRepos))
- affected := MergeRangesAndCreateAffected(resolvedRanges, unresolvedRanges, commits, keys, metrics)
+ groupedRanges := c.GroupRanges(resolvedRanges)
+ affected := c.MergeRangesAndCreateAffected(groupedRanges, commits, keys, metrics)
v.Affected = append(v.Affected, affected)
- if metrics.Outcome == models.Error || (!outputMetrics && rejectFailed && metrics.Outcome != models.Successful) {
- return metrics.Outcome
+ unresolvedRangesList := c.CreateUnresolvedRanges(unresolvedRanges)
+ if unresolvedRangesList != nil {
+ if err := c.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil {
+ logger.Warn("failed to add unresolved ranges to database specific: %v", err)
+ }
}
outputFiles(v, directory, maybeVendorName, maybeProductName, metrics, rejectFailed, outputMetrics)
@@ -198,10 +215,6 @@ func CVEToPackageInfo(cve models.NVDCVE, repos []string, cache *git.RepoTagsCach
slices.SortStableFunc(versions.AffectedCommits, models.AffectedCommitCompare)
- if metrics.Outcome == models.Error {
- return metrics.Outcome
- }
-
var pkgInfos []vulns.PackageInfo
pi := vulns.PackageInfo{VersionInfo: versions}
pkgInfos = append(pkgInfos, pi) // combine-to-osv expects a serialised *array* of PackageInfo
@@ -319,135 +332,6 @@ func FindRepos(cve models.NVDCVE, vpRepoCache *c.VPRepoCache, repoTagsCache *git
return reposForCVE
}
-// MergeRangesAndCreateAffected combines resolved and unresolved ranges with commits to create an OSV Affected object.
-// It merges ranges for the same repository and adds commit events to the appropriate ranges at the end.
-//
-// Arguments:
-// - resolvedRanges: A slice of resolved OSV ranges to be merged.
-// - unresolvedRanges: A slice of unresolved OSV ranges to be included in the database specific field.
-// - commits: A slice of affected commits to be converted into events and added to ranges.
-// - successfulRepos: A slice of repository URLs that were successfully processed.
-// - metrics: A pointer to ConversionMetrics to track the outcome and notes.
-func MergeRangesAndCreateAffected(resolvedRanges []*osvschema.Range, unresolvedRanges []*osvschema.Range, commits []models.AffectedCommit, successfulRepos []string, metrics *models.ConversionMetrics) *osvschema.Affected {
- var newResolvedRanges []*osvschema.Range
- // Combine the ranges appropriately
- if len(resolvedRanges) > 0 {
- slices.Sort(successfulRepos)
- successfulRepos = slices.Compact(successfulRepos)
- for _, repo := range successfulRepos {
- var mergedRange *osvschema.Range
- for _, vr := range resolvedRanges {
- if vr.GetRepo() == repo {
- if mergedRange == nil {
- mergedRange = vr
- } else {
- var err error
- mergedRange, err = c.MergeTwoRanges(mergedRange, vr)
- if err != nil {
- metrics.AddNote("Failed to merge ranges: %v", err)
- }
- }
- }
- }
- if len(commits) > 0 {
- for _, commit := range commits {
- if commit.Repo == repo {
- if mergedRange == nil {
- mergedRange = c.BuildVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed)
- mergedRange.Repo = repo
- mergedRange.Type = osvschema.Range_GIT
- } else {
- event := convertCommitToEvent(commit)
- if event != nil {
- addEventToRange(mergedRange, event)
- }
- }
- }
- }
- }
- if mergedRange != nil {
- newResolvedRanges = append(newResolvedRanges, mergedRange)
- }
- }
- }
-
- // if there are no resolved version but there are commits, we should create a range for each commit
- if len(resolvedRanges) == 0 && len(commits) > 0 {
- for _, commit := range commits {
- newRange := c.BuildVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed)
- newRange.Repo = commit.Repo
- newRange.Type = osvschema.Range_GIT
- newResolvedRanges = append(newResolvedRanges, newRange)
- metrics.ResolvedRangesCount++
- }
- }
-
- newAffected := &osvschema.Affected{
- Ranges: newResolvedRanges,
- }
-
- if len(unresolvedRanges) > 0 {
- databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{"unresolved_ranges": unresolvedRanges})
- if err != nil {
- metrics.AddNote("failed to make database specific: %v", err)
- }
- newAffected.DatabaseSpecific = databaseSpecific
- }
-
- return newAffected
-}
-
-// addEventToRange adds an event to a version range, avoiding duplicates.
-// Introduced events are prepended to the events list, while others are appended.
-//
-// Arguments:
-// - versionRange: The OSV range to which the event will be added.
-// - event: The OSV event (Introduced, Fixed, or LastAffected) to add.
-func addEventToRange(versionRange *osvschema.Range, event *osvschema.Event) {
- // Handle duplicate events being added
- for _, e := range versionRange.GetEvents() {
- if e.GetIntroduced() != "" && e.GetIntroduced() == event.GetIntroduced() {
- return
- }
- if e.GetFixed() != "" && e.GetFixed() == event.GetFixed() {
- return
- }
- if e.GetLastAffected() != "" && e.GetLastAffected() == event.GetLastAffected() {
- return
- }
- }
- //TODO: maybe handle if the fixed event appears as an introduced event or similar.
-
- if event.GetIntroduced() != "" {
- versionRange.Events = append([]*osvschema.Event{{
- Introduced: event.GetIntroduced()}}, versionRange.GetEvents()...)
- } else {
- versionRange.Events = append(versionRange.Events, event)
- }
-}
-
-// convertCommitToEvent creates an OSV Event from an AffectedCommit.
-// It returns an event with the Introduced, Fixed, or LastAffected value from the commit.
-func convertCommitToEvent(commit models.AffectedCommit) *osvschema.Event {
- if commit.Introduced != "" {
- return &osvschema.Event{
- Introduced: commit.Introduced,
- }
- }
- if commit.Fixed != "" {
- return &osvschema.Event{
- Fixed: commit.Fixed,
- }
- }
- if commit.LastAffected != "" {
- return &osvschema.Event{
- LastAffected: commit.LastAffected,
- }
- }
-
- return nil
-}
-
// outputFiles writes the OSV vulnerability record and conversion metrics to files in the specified directory.
// It creates the necessary subdirectories based on the vendor and product names and handles whether or not
// the files should be written based on the rejectFailed and outputMetrics flags.
@@ -468,11 +352,7 @@ func outputFiles(v *vulns.Vulnerability, dir string, vendor string, product stri
logger.Info("Failed to create directory "+vulnDir, slog.String("cve", cveID), slog.String("path", vulnDir), slog.Any("err", err))
}
- if metrics.Outcome == models.Error {
- return
- }
-
- if !rejectFailed || metrics.Outcome == models.Successful {
+ if metrics.Outcome != models.Error && (!rejectFailed || metrics.Outcome == models.Successful) {
osvFile, errCVE := c.CreateOSVFile(models.CVEID(cveID), vulnDir)
if errCVE != nil {
logger.Fatal("File failed to be created for CVE", slog.String("cve", cveID))
@@ -493,27 +373,3 @@ func outputFiles(v *vulns.Vulnerability, dir string, vendor string, product stri
metricsFile.Close()
}
}
-
-// processRanges attempts to resolve the given ranges to commits and updates the metrics accordingly.
-func processRanges(ranges []*osvschema.Range, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache, source models.VersionSource) ([]*osvschema.Range, []*osvschema.Range, []string) {
- if len(ranges) == 0 {
- return nil, nil, nil
- }
-
- r, un, sR := c.GitVersionsToCommits(ranges, repos, metrics, cache)
- if len(r) > 0 {
- metrics.ResolvedRangesCount += len(r)
- metrics.SetOutcome(models.Successful)
- }
-
- if len(un) > 0 {
- metrics.UnresolvedRangesCount += len(un)
- if len(r) == 0 {
- metrics.SetOutcome(models.NoCommitRanges)
- }
- }
-
- metrics.VersionSources = append(metrics.VersionSources, source)
-
- return r, un, sR
-}
diff --git a/vulnfeeds/conversion/nvd/converter_test.go b/vulnfeeds/conversion/nvd/converter_test.go
index 9410cbe0817..1604f1686ac 100644
--- a/vulnfeeds/conversion/nvd/converter_test.go
+++ b/vulnfeeds/conversion/nvd/converter_test.go
@@ -1,14 +1,18 @@
package nvd
import (
+ "encoding/json"
"net/http"
"os"
"path/filepath"
+ "sort"
"testing"
+ "github.com/gkampitakis/go-snaps/snaps"
"github.com/go-git/go-git/v5/plumbing/transport/client"
githttp "github.com/go-git/go-git/v5/plumbing/transport/http"
"github.com/google/go-cmp/cmp"
+ "github.com/google/osv/vulnfeeds/conversion"
"github.com/google/osv/vulnfeeds/git"
"github.com/google/osv/vulnfeeds/models"
"github.com/ossf/osv-schema/bindings/go/osvschema"
@@ -93,6 +97,66 @@ func TestCVEToOSV_429(t *testing.T) {
}
}
+func TestNVDSnapshot(t *testing.T) {
+ testPath := "test.json"
+ file, err := os.Open(testPath)
+
+ if err != nil {
+ t.Fatalf("Failed to open test data from %s: %v", testPath, err)
+ }
+ defer file.Close()
+
+ var nvd models.CVEAPIJSON20Schema
+ err = json.NewDecoder(file).Decode(&nvd)
+ if err != nil {
+ t.Fatalf("Failed to decode %s: %v", testPath, err)
+ }
+
+ cpeData := "cpe_testdata.json"
+ vpcache := conversion.NewVPRepoCache()
+ err = conversion.LoadCPEDictionary(vpcache, cpeData)
+ if err != nil {
+ t.Fatalf("Failed to decode %s: %v", cpeData, err)
+ }
+
+ outDir := t.TempDir()
+ metrics := &models.ConversionMetrics{}
+ cache := &git.RepoTagsCache{}
+
+ for _, vuln := range nvd.Vulnerabilities {
+ CVEToOSV(vuln.CVE, []string{}, cache, outDir, metrics, false, false)
+ }
+
+ var fileContents []string
+ err = filepath.Walk(outDir, func(path string, info os.FileInfo, err error) error {
+ if err != nil {
+ return err
+ }
+ if !info.IsDir() && filepath.Ext(path) == ".json" {
+ content, err := os.ReadFile(path)
+ if err != nil {
+ return err
+ }
+ fileContents = append(fileContents, string(content))
+ }
+
+ return nil
+ })
+ if err != nil {
+ t.Fatalf("Failed to walk outDir: %v", err)
+ }
+
+ // To make snapshot deterministic
+ sort.Strings(fileContents)
+
+ keys := make([]any, 0, len(fileContents))
+ for _, c := range fileContents {
+ keys = append(keys, c)
+ }
+
+ snaps.MatchSnapshot(t, keys...)
+}
+
func TestCVEToOSV_ReferencesDeterminism(t *testing.T) {
cve := models.NVDCVE{
ID: "CVE-2025-12345",
diff --git a/vulnfeeds/conversion/nvd/cpe_testdata.json b/vulnfeeds/conversion/nvd/cpe_testdata.json
new file mode 100644
index 00000000000..324a7af0f97
--- /dev/null
+++ b/vulnfeeds/conversion/nvd/cpe_testdata.json
@@ -0,0 +1,24 @@
+{
+ "ffmpeg:ffmpeg": [
+ "https://github.com/ffmpeg/ffmpeg"
+ ],
+ "google:protobuf-python": [
+ "https://github.com/protocolbuffers/protobuf"
+ ],
+ "harfbuzz_project:harfbuzz": [
+ "https://github.com/behdad/harfbuzz",
+ "https://github.com/harfbuzz/harfbuzz"
+ ],
+ "haxx:curl": [
+ "https://github.com/curl/curl"
+ ],
+ "haxx:libcurl": [
+ "https://github.com/curl/curl"
+ ],
+ "libdwarf_project:libdwarf": [
+ "https://github.com/davea42/libdwarf-code"
+ ],
+ "tokio:tokio": [
+ "https://github.com/tokio-rs/tokio"
+ ]
+}
\ No newline at end of file
diff --git a/vulnfeeds/conversion/nvd/test.json b/vulnfeeds/conversion/nvd/test.json
new file mode 100644
index 00000000000..f17e721a0dc
--- /dev/null
+++ b/vulnfeeds/conversion/nvd/test.json
@@ -0,0 +1,2964 @@
+{
+ "resultsPerPage": 1,
+ "startIndex": 0,
+ "totalResults": 1,
+ "format": "NVD_CVE",
+ "version": "2.0",
+ "timestamp": "2026-01-29T23:19:29.408",
+ "vulnerabilities": [
+ {
+ "cve": {
+ "id": "CVE-2026-20912",
+ "sourceIdentifier": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "published": "2026-01-22T22:16:19.297",
+ "lastModified": "2026-01-29T22:03:58.330",
+ "vulnStatus": "Analyzed",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
+ "baseScore": 9.1,
+ "baseSeverity": "CRITICAL",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "NONE"
+ },
+ "exploitabilityScore": 3.9,
+ "impactScore": 5.2
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-284"
+ },
+ {
+ "lang": "en",
+ "value": "CWE-639"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:gitea:gitea:*:*:*:*:*:-:*:*",
+ "versionEndExcluding": "1.25.4",
+ "matchCriteriaId": "DFCB7D74-331D-4582-AB41-113A25BE8FAA"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://blog.gitea.com/release-of-1.25.4/",
+ "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "tags": [
+ "Release Notes"
+ ]
+ },
+ {
+ "url": "https://github.com/go-gitea/gitea/pull/36320",
+ "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "tags": [
+ "Issue Tracking",
+ "Patch"
+ ]
+ },
+ {
+ "url": "https://github.com/go-gitea/gitea/pull/36355",
+ "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "tags": [
+ "Issue Tracking",
+ "Patch"
+ ]
+ },
+ {
+ "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4",
+ "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "tags": [
+ "Release Notes"
+ ]
+ },
+ {
+ "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw",
+ "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "tags": [
+ "Broken Link"
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2023-22466",
+ "sourceIdentifier": "security-advisories@github.com",
+ "published": "2023-01-04T22:15:09.267",
+ "lastModified": "2024-11-21T07:44:51.683",
+ "vulnStatus": "Modified",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`."
+ },
+ {
+ "lang": "es",
+ "value": "Tokio es un runtime para escribir aplicaciones con Rust. A partir de la versi\u00f3n 1.7.0 y anteriores a las versiones 1.18.4, 1.20.3 y 1.23.1, al configurar un servidor de canalizaci\u00f3n con nombre de Windows, configurar `pipe_mode` restablecer\u00e1 `reject_remote_clients` a `false`. Si la aplicaci\u00f3n ha configurado previamente `reject_remote_clients` en `true`, esto efectivamente deshace la configuraci\u00f3n. Los clientes remotos solo pueden acceder a la canalizaci\u00f3n con nombre si se puede acceder a la ruta asociada a la canalizaci\u00f3n con nombre a trav\u00e9s de una carpeta compartida p\u00fablicamente (SMB). Se han parcheado las versiones 1.23.1, 1.20.3 y 1.18.4. La soluci\u00f3n tambi\u00e9n estar\u00e1 presente en todas las versiones a partir de la versi\u00f3n 1.24.0. Las canalizaciones con nombre se introdujeron en Tokio en la versi\u00f3n 1.7.0, por lo que las versiones anteriores a 1.7.0 no se ven afectadas. Como workaround, aseg\u00farese de que `pipe_mode` est\u00e9 configurado primero despu\u00e9s de inicializar `ServerOptions`."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "security-advisories@github.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
+ "baseScore": 5.4,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "LOW"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 2.5
+ },
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
+ "baseScore": 5.4,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "NONE"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 2.5
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "security-advisories@github.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-665"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*",
+ "versionStartIncluding": "1.7.0",
+ "versionEndExcluding": "1.18.4",
+ "matchCriteriaId": "443488FE-C04F-4785-A677-914F87E2C6FD"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*",
+ "versionStartIncluding": "1.19.0",
+ "versionEndExcluding": "1.20.3",
+ "matchCriteriaId": "ECF2500F-3709-4738-BA16-38406FB5BB4F"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*",
+ "versionStartIncluding": "1.21.0",
+ "versionEndExcluding": "1.23.1",
+ "matchCriteriaId": "A4BA373F-B995-4308-9583-2E9B4546B16C"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://github.com/tokio-rs/tokio/pull/5336",
+ "source": "security-advisories@github.com",
+ "tags": [
+ "Patch",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1",
+ "source": "security-advisories@github.com",
+ "tags": [
+ "Release Notes",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7",
+ "source": "security-advisories@github.com",
+ "tags": [
+ "Mitigation",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients",
+ "source": "security-advisories@github.com",
+ "tags": [
+ "Technical Description",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/tokio-rs/tokio/pull/5336",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Patch",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Release Notes",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mitigation",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Technical Description",
+ "Third Party Advisory"
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2026-23522",
+ "sourceIdentifier": "security-advisories@github.com",
+ "published": "2026-01-19T17:15:50.590",
+ "lastModified": "2026-01-26T15:05:39.840",
+ "vulnStatus": "Awaiting Analysis",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "security-advisories@github.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
+ "baseScore": 3.7,
+ "baseSeverity": "LOW",
+ "attackVector": "NETWORK",
+ "attackComplexity": "HIGH",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "NONE"
+ },
+ "exploitabilityScore": 2.2,
+ "impactScore": 1.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "security-advisories@github.com",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-284"
+ },
+ {
+ "lang": "en",
+ "value": "CWE-639"
+ },
+ {
+ "lang": "en",
+ "value": "CWE-862"
+ },
+ {
+ "lang": "en",
+ "value": "CWE-915"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6",
+ "source": "security-advisories@github.com"
+ },
+ {
+ "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r",
+ "source": "security-advisories@github.com"
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2025-4565",
+ "sourceIdentifier": "cve-coordination@google.com",
+ "published": "2025-06-16T15:15:24.990",
+ "lastModified": "2025-08-14T17:05:37.770",
+ "vulnStatus": "Analyzed",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901"
+ },
+ {
+ "lang": "es",
+ "value": "Cualquier proyecto que utilice el backend Protobuf Pure-Python para analizar datos de Protocol Buffers no confiables que contengan un n\u00famero arbitrario de grupos recursivos, mensajes recursivos o una serie de etiquetas SGROUP puede corromperse al exceder el l\u00edmite de recursi\u00f3n de Python. Esto puede provocar una denegaci\u00f3n de servicio (DSP) que bloquea la aplicaci\u00f3n con un RecursionError. Recomendamos actualizar a la versi\u00f3n 6.31.1 o posterior (commit 17838beda2943d08b8a9d4df5b68f5f04f26d901)."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV40": [
+ {
+ "source": "cve-coordination@google.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "4.0",
+ "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+ "baseScore": 8.2,
+ "baseSeverity": "HIGH",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "attackRequirements": "PRESENT",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "vulnConfidentialityImpact": "NONE",
+ "vulnIntegrityImpact": "NONE",
+ "vulnAvailabilityImpact": "HIGH",
+ "subConfidentialityImpact": "NONE",
+ "subIntegrityImpact": "NONE",
+ "subAvailabilityImpact": "NONE",
+ "exploitMaturity": "NOT_DEFINED",
+ "confidentialityRequirement": "NOT_DEFINED",
+ "integrityRequirement": "NOT_DEFINED",
+ "availabilityRequirement": "NOT_DEFINED",
+ "modifiedAttackVector": "NOT_DEFINED",
+ "modifiedAttackComplexity": "NOT_DEFINED",
+ "modifiedAttackRequirements": "NOT_DEFINED",
+ "modifiedPrivilegesRequired": "NOT_DEFINED",
+ "modifiedUserInteraction": "NOT_DEFINED",
+ "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+ "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+ "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+ "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+ "modifiedSubIntegrityImpact": "NOT_DEFINED",
+ "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+ "Safety": "NOT_DEFINED",
+ "Automatable": "NOT_DEFINED",
+ "Recovery": "NOT_DEFINED",
+ "valueDensity": "NOT_DEFINED",
+ "vulnerabilityResponseEffort": "NOT_DEFINED",
+ "providerUrgency": "NOT_DEFINED"
+ }
+ }
+ ],
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
+ "baseScore": 5.3,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "LOW"
+ },
+ "exploitabilityScore": 3.9,
+ "impactScore": 1.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "cve-coordination@google.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-674"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "4.25.8",
+ "matchCriteriaId": "9CE770F3-A719-45B8-83F5-3AAC15F92BAB"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "5.26.0",
+ "versionEndExcluding": "5.29.5",
+ "matchCriteriaId": "4665132F-1171-4C9B-929C-A17B18C48346"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "6.30.0",
+ "versionEndExcluding": "6.31.1",
+ "matchCriteriaId": "4DE9676C-D5FF-4775-95B6-254BBE420757"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901",
+ "source": "cve-coordination@google.com",
+ "tags": [
+ "Patch"
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2018-14618",
+ "sourceIdentifier": "secalert@redhat.com",
+ "published": "2018-09-05T19:29:00.420",
+ "lastModified": "2024-11-21T03:49:26.003",
+ "vulnStatus": "Modified",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)"
+ },
+ {
+ "lang": "es",
+ "value": "curl en versiones anteriores a la 7.61.1 es vulnerable a un desbordamiento de b\u00fafer en el c\u00f3digo de autenticaci\u00f3n NTLM. La funci\u00f3n interna Curl_ntlm_core_mk_nt_hash multiplica la longitud de la contrase\u00f1a por dos (SUM) para adivinar qu\u00e9 tama\u00f1o debe tener la zona de almacenamiento temporal que se va a asignar desde la memoria din\u00e1mica (heap). El valor de longitud se emplea a continuaci\u00f3n para iterar sobre la contrase\u00f1a y generar una salida en el b\u00fafer de almacenamiento asignado. En sistemas con un size_t de 32 bits, la matem\u00e1tica para calcular SUM desencadena un desbordamiento de enteros cuando la contrase\u00f1a excede los 2 GB (2^31 bytes). Este desbordamiento de enteros suele provocar que un b\u00fafer muy peque\u00f1o se asigne en lugar del planeado (uno muy grande), por lo que su uso termina con un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap). (Este error es casi id\u00e9ntico a CVE-2017-8816)."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV30": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.0",
+ "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "attackVector": "NETWORK",
+ "attackComplexity": "HIGH",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH"
+ },
+ "exploitabilityScore": 1.6,
+ "impactScore": 5.9
+ },
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.0",
+ "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH"
+ },
+ "exploitabilityScore": 3.9,
+ "impactScore": 5.9
+ }
+ ],
+ "cvssMetricV2": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "2.0",
+ "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
+ "baseScore": 10,
+ "accessVector": "NETWORK",
+ "accessComplexity": "LOW",
+ "authentication": "NONE",
+ "confidentialityImpact": "COMPLETE",
+ "integrityImpact": "COMPLETE",
+ "availabilityImpact": "COMPLETE"
+ },
+ "baseSeverity": "HIGH",
+ "exploitabilityScore": 10,
+ "impactScore": 10,
+ "acInsufInfo": false,
+ "obtainAllPrivilege": false,
+ "obtainUserPrivilege": false,
+ "obtainOtherPrivilege": false,
+ "userInteractionRequired": false
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-122"
+ },
+ {
+ "lang": "en",
+ "value": "CWE-131"
+ }
+ ]
+ },
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-190"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "7.61.1",
+ "matchCriteriaId": "52ABFC88-7FDA-4850-BAAB-EAEBAA132B1A"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*",
+ "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*",
+ "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*",
+ "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
+ "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
+ "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
+ "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
+ "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "5F6FA12B-504C-4DBF-A32E-0548557AA2ED"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "http://www.securitytracker.com/id/1041605",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory",
+ "VDB Entry"
+ ]
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2018:3558",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2019:1880",
+ "source": "secalert@redhat.com"
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf",
+ "source": "secalert@redhat.com"
+ },
+ {
+ "url": "https://curl.haxx.se/docs/CVE-2018-14618.html",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://security.gentoo.org/glsa/201903-03",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://usn.ubuntu.com/3765-1/",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://usn.ubuntu.com/3765-2/",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://www.debian.org/security/2018/dsa-4286",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "http://www.securitytracker.com/id/1041605",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory",
+ "VDB Entry"
+ ]
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2018:3558",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://access.redhat.com/errata/RHSA-2019:1880",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://curl.haxx.se/docs/CVE-2018-14618.html",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://security.gentoo.org/glsa/201903-03",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://usn.ubuntu.com/3765-1/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://usn.ubuntu.com/3765-2/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://www.debian.org/security/2018/dsa-4286",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2023-1055",
+ "sourceIdentifier": "secalert@redhat.com",
+ "published": "2023-02-27T22:15:09.990",
+ "lastModified": "2024-11-21T07:38:22.297",
+ "vulnStatus": "Modified",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
+ "baseScore": 5.5,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 3.6
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-200"
+ }
+ ]
+ },
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-295"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:redhat:directory_server:11.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "5532B7A4-A873-4639-B8D4-B6A65CFCFB3A"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:redhat:directory_server:11.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "151CA15F-B090-4767-A1B0-03CBE45A7B75"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*",
+ "matchCriteriaId": "A3DAF61A-58A9-41A6-A4DC-64148055B0C1"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:redhat:directory_server:12.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "F8C6D6E7-66A9-4F10-B38D-5D6832CD4D77"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
+ "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*",
+ "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
+ "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Issue Tracking",
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/",
+ "source": "secalert@redhat.com"
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Issue Tracking",
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2024-7264",
+ "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9",
+ "published": "2024-07-31T08:15:02.657",
+ "lastModified": "2025-11-03T23:17:31.647",
+ "vulnStatus": "Modified",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used."
+ },
+ {
+ "lang": "es",
+ "value": "El c\u00f3digo del analizador ASN1 de libcurl tiene la funci\u00f3n `GTime2str()`, que se utiliza para analizar un campo de tiempo generalizado ASN.1. Si se proporciona un campo sint\u00e1cticamente incorrecto, el analizador puede terminar usando -1 para la longitud de la *time fraction*, lo que lleva a que se ejecute una `strlen()` en un puntero a un \u00e1rea de b\u00fafer de almacenamiento din\u00e1mico que no est\u00e1 (intencionadamente) terminada en nulo. Este fallo probablemente lleve a un bloqueo, pero tambi\u00e9n puede llevar a que se devuelvan contenidos del mont\u00f3n a la aplicaci\u00f3n cuando se utiliza [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html)."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+ "baseScore": 6.5,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "HIGH"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 3.6
+ },
+ {
+ "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+ "baseScore": 6.3,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "LOW"
+ },
+ "exploitabilityScore": 2.8,
+ "impactScore": 3.4
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-125"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "7.32.0",
+ "versionEndExcluding": "8.9.1",
+ "matchCriteriaId": "A578587B-41C6-48AE-B389-54B89C7116A4"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1",
+ "source": "2499f714-1537-4658-8207-48ae4bb9eae9",
+ "tags": [
+ "Mailing List"
+ ]
+ },
+ {
+ "url": "https://curl.se/docs/CVE-2024-7264.html",
+ "source": "2499f714-1537-4658-8207-48ae4bb9eae9",
+ "tags": [
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://curl.se/docs/CVE-2024-7264.json",
+ "source": "2499f714-1537-4658-8207-48ae4bb9eae9",
+ "tags": [
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://hackerone.com/reports/2629968",
+ "source": "2499f714-1537-4658-8207-48ae4bb9eae9",
+ "tags": [
+ "Exploit",
+ "Issue Tracking",
+ "Permissions Required",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List"
+ ]
+ },
+ {
+ "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20240828-0008/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20241025-0006/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20241025-0010/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2022-33068",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2022-06-23T17:15:14.350",
+ "lastModified": "2024-11-21T07:07:30.140",
+ "vulnStatus": "Modified",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors."
+ },
+ {
+ "lang": "es",
+ "value": "Un desbordamiento de enteros en el componente hb-ot-shape-fallback.cc de Harfbuzz versi\u00f3n v4.3.0, permite a atacantes causar una Denegaci\u00f3n de Servicio (DoS) por medio de vectores no especificados"
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
+ "baseScore": 5.5,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "HIGH"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 3.6
+ }
+ ],
+ "cvssMetricV2": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "2.0",
+ "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P",
+ "baseScore": 4.3,
+ "accessVector": "NETWORK",
+ "accessComplexity": "MEDIUM",
+ "authentication": "NONE",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "PARTIAL"
+ },
+ "baseSeverity": "MEDIUM",
+ "exploitabilityScore": 8.6,
+ "impactScore": 2.9,
+ "acInsufInfo": false,
+ "obtainAllPrivilege": false,
+ "obtainUserPrivilege": false,
+ "obtainOtherPrivilege": false,
+ "userInteractionRequired": true
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-190"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*",
+ "matchCriteriaId": "4A67E5B9-F189-4A12-9BA2-D9135C21AD24"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*",
+ "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*",
+ "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Patch",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/harfbuzz/harfbuzz/issues/3557",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Exploit",
+ "Issue Tracking",
+ "Patch",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://security.gentoo.org/glsa/202209-11",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Patch",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/harfbuzz/harfbuzz/issues/3557",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Exploit",
+ "Issue Tracking",
+ "Patch",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://security.gentoo.org/glsa/202209-11",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2016-1897",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2016-01-15T03:59:23.063",
+ "lastModified": "2025-04-12T10:46:40.837",
+ "vulnStatus": "Deferred",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file."
+ },
+ {
+ "lang": "es",
+ "value": "FFmpeg 2.x permite a atacantes remotos llevar a cabo ataques de origen cruzado y leer archivos arbitrarios usando el protocolo concat en un archivo HTTP Live Streaming (HLS) M3U8, dando lugar a una petici\u00f3n HTTP externa en la que la cadena URL contiene la primera l\u00ednea de un archivo local."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV30": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.0",
+ "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N",
+ "baseScore": 5.5,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "LOCAL",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "REQUIRED",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE"
+ },
+ "exploitabilityScore": 1.8,
+ "impactScore": 3.6
+ }
+ ],
+ "cvssMetricV2": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "2.0",
+ "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
+ "baseScore": 4.3,
+ "accessVector": "NETWORK",
+ "accessComplexity": "MEDIUM",
+ "authentication": "NONE",
+ "confidentialityImpact": "PARTIAL",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE"
+ },
+ "baseSeverity": "MEDIUM",
+ "exploitabilityScore": 8.6,
+ "impactScore": 2.9,
+ "acInsufInfo": false,
+ "obtainAllPrivilege": false,
+ "obtainUserPrivilege": false,
+ "obtainOtherPrivilege": false,
+ "userInteractionRequired": true
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-200"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*",
+ "matchCriteriaId": "A1337F5B-E9D9-4335-9E05-50018E59E530"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "0B27C609-E4B4-41CD-B228-38267AA3A8AB"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "C97DBEE2-AF4E-4C2D-A185-F2A1B965D9DA"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "FDEDAA24-D9E0-4384-B193-0C8814E4FDD6"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "40B0C71E-341A-434A-90AE-326097AC85E4"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "E83D73FF-E6F6-4399-B721-6C6275C52B55"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "B07481C8-7CEB-4B81-B8E0-FF45DAA28870"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*",
+ "matchCriteriaId": "F9E69881-F5C7-4BB3-8BEB-C3C85CCD4B93"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "B70C00A9-3562-45AB-B494-3BA91B6AFC3E"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "A30389D2-2873-4F15-B249-066B6D37AC23"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "0487928D-6630-4E23-BBA5-BED0A0F156B1"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "C3088131-C48D-463B-8709-78A90EDE1FA4"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "DADF01E6-CB58-4593-B444-A59232EE83CB"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "06442F70-22B4-49E5-B25B-92E03973B57E"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "6E8FDCEA-336D-4BC9-AE93-9A0CCE443AC8"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*",
+ "matchCriteriaId": "B5505E58-DF70-4408-A347-FBB74D119566"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*",
+ "matchCriteriaId": "5D406D9D-A51A-4EE6-88BF-279422A4DBA4"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "9B08A7BE-7C98-4659-808F-86A8EB4676D2"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "4BF38DD1-2604-41AD-975A-56CC24767799"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "C76392F6-6992-4B67-97BA-607A091DDA6B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "BB396E84-FE69-4E19-9937-B82A63D347AF"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "CE9CF7C7-3730-43EC-B63E-B004D979E57A"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "889B2130-CB88-487B-92FB-959DB44B8E34"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "F9BE4879-972C-45EA-8253-46E5BE98FFA9"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*",
+ "matchCriteriaId": "653411BA-9F0B-4BFC-8A42-6576E956F96D"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*",
+ "matchCriteriaId": "268DAF2F-4484-4212-AEB0-F9A10596F874"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*",
+ "matchCriteriaId": "BCD7A424-DA4D-4508-B4EB-14A1BA65E596"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*",
+ "matchCriteriaId": "C190A7C8-2DAE-4F72-A620-9D184CBF10B1"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*",
+ "matchCriteriaId": "6E8764DC-1C01-4C3E-A7AC-C8AF69F944E1"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*",
+ "matchCriteriaId": "C7A45FBF-A89E-4F1C-B397-AB2A53DB805C"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*",
+ "matchCriteriaId": "78B3B781-7DEC-475C-A429-11D1B2F69CD2"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*",
+ "matchCriteriaId": "1FDCCDDC-6CDA-4D3B-BB4C-C370C69EB1C9"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*",
+ "matchCriteriaId": "63209CD1-2710-462C-9AEC-A9DE2B41A7B1"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*",
+ "matchCriteriaId": "336CB8D4-EBE0-4E34-9F71-DD0FEA8A99C3"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "207DF654-326E-43A9-A5EC-BC239BF30422"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "8794F8C5-A639-4C89-8C51-87787B29833F"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "5B50AB2A-FA23-4BB0-AA21-724E770ADEFB"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "94BC4C82-371C-4B80-A615-AE0F15F1D6CA"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "D0E114D7-1323-4965-9680-8638ACDFF20B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "A7BBF39F-668E-4771-99A0-F008B18B03F5"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "8CC929DD-566D-4906-8960-7BCFA7EE0384"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "C3E41754-D2AB-4DE1-9ED9-A88F5E28ABFF"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "14D1738D-D85A-4650-9DAB-C626E7F52812"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "A91B8DD5-FB80-47E7-8AF3-57D72CD4D034"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "A1ADB969-FA62-4238-83DF-D5703603A9FE"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "2D51D915-0FAF-449F-825B-1F2B1F9BAF00"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "19772D67-FAE5-4178-815D-4F511AE0411E"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "2A6097F4-A8D1-4070-A4B2-8479421C15DB"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*",
+ "matchCriteriaId": "8BBBBB2E-F454-44F7-8131-BFF852BC6DE0"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*",
+ "matchCriteriaId": "BE75C995-BCB6-4F46-AE8C-B86FBF2702E3"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*",
+ "matchCriteriaId": "291E07BD-70C0-403B-ACB3-B49D2DED59C8"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*",
+ "matchCriteriaId": "3FA5BAC2-C23B-4D4E-8CA1-57780761AC35"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*",
+ "matchCriteriaId": "B0AE997C-54E3-4619-A269-E96E79164C0A"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*",
+ "matchCriteriaId": "7D13C0AC-8AB4-49E1-8A5C-98DCA6F01D08"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "F19A0139-AF47-434F-AFE9-ECC003675537"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "DF38E5B7-AB89-418E-B507-3D660FE753C4"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "C5249D4A-D8D9-4B89-96B6-E957A2210750"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "29619AAD-6792-4B38-8DFB-706BEACA46F1"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "88FEC8E4-6B53-459E-B257-BEE424463592"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "8A0A20D5-EAFD-4B79-818A-B834E9A11C2B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "045AD46C-4D1E-42C9-9CFB-7924B58AE55F"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*",
+ "matchCriteriaId": "1A56E5B7-2C52-49F0-8EB1-8A090ACBF1FA"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*",
+ "matchCriteriaId": "3B412DEE-9257-4588-83F2-F8DAC3F7E1DE"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*",
+ "matchCriteriaId": "35121E51-84B8-4725-B027-AE381CA1C9F1"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "DDCDF3E1-280C-4539-80F8-3B131461FDF1"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "CBE52F27-7AEC-40AB-9349-4C3E0E4743BF"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "01917E14-8DB6-43FE-A7B9-02C87308F09B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "6D3C37FF-6B21-409F-AC19-6C2F2F429109"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "3EE84614-E84C-496D-933C-5BEFD385451B"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*",
+ "matchCriteriaId": "59F6842E-041C-4076-8A2F-170DB783CC6A"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*",
+ "matchCriteriaId": "E3B53136-92CB-45D4-8CA8-589D332AEBDE"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*",
+ "matchCriteriaId": "4876E244-8F7F-4EF2-B7D9-5146BCF02F59"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "8D3F7BF7-D609-44B1-9536-4A07DC149824"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "CBD5E478-1654-4A75-904D-8453DDC680A0"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "AF3C0E7A-533F-4AD7-BD0C-B91C0139790A"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "150B1880-BFC3-42C4-B6A3-B96C67CD671D"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*",
+ "matchCriteriaId": "DAA8F265-CE4D-46FE-9871-FDD4D6738DAB"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*",
+ "matchCriteriaId": "756A3888-E151-4FEA-8D14-F45F3192BCBA"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "AA3F5FAA-AD9E-4FC1-B91C-E9A561E95173"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*",
+ "matchCriteriaId": "18A269C0-FE0F-4178-8195-955D373D9055"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*",
+ "matchCriteriaId": "CCA6A474-DA24-4510-8AAA-5DF2E85B4D88"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*",
+ "matchCriteriaId": "0D124F06-CF7E-4549-82EC-D0EC0B73D146"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*",
+ "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
+ "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "http://habrahabr.ru/company/mailru/blog/274855",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Exploit"
+ ]
+ },
+ {
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "http://security.stackexchange.com/questions/110644",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Exploit"
+ ]
+ },
+ {
+ "url": "http://www.debian.org/security/2016/dsa-3506",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "http://www.securityfocus.com/bid/80501",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "http://www.securitytracker.com/id/1034932",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "http://www.ubuntu.com/usn/USN-2944-1",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://security.gentoo.org/glsa/201606-09",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://security.gentoo.org/glsa/201705-08",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://www.kb.cert.org/vuls/id/772447",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "http://habrahabr.ru/company/mailru/blog/274855",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Exploit"
+ ]
+ },
+ {
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "http://security.stackexchange.com/questions/110644",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Exploit"
+ ]
+ },
+ {
+ "url": "http://www.debian.org/security/2016/dsa-3506",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "http://www.securityfocus.com/bid/80501",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "http://www.securitytracker.com/id/1034932",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "http://www.ubuntu.com/usn/USN-2944-1",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://security.gentoo.org/glsa/201606-09",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://security.gentoo.org/glsa/201705-08",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://www.kb.cert.org/vuls/id/772447",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2016-15012",
+ "sourceIdentifier": "cna@vuldb.com",
+ "published": "2023-01-07T13:15:09.530",
+ "lastModified": "2024-11-21T02:45:29.557",
+ "vulnStatus": "Modified",
+ "cveTags": [
+ {
+ "sourceIdentifier": "cna@vuldb.com",
+ "tags": [
+ "unsupported-when-assigned"
+ ]
+ }
+ ],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
+ },
+ {
+ "lang": "es",
+ "value": "** NO SOPORTADO CUANDO SE ASIGN\u00d3 ** Se encontr\u00f3 una vulnerabilidad en forceotcom SalesforceMobileSDK-Windows hasta 4.x. Ha sido declarada como cr\u00edtica. Este problema afecta la funci\u00f3n ComputeCountSql del archivo SalesforceSDK/SmartStore/Store/QuerySpec.cs. La manipulaci\u00f3n conduce a la inyecci\u00f3n de SQL. La actualizaci\u00f3n a la versi\u00f3n 5.0.0 puede solucionar este problema. El parche se llama 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. Se recomienda actualizar el componente afectado. El identificador asociado de esta vulnerabilidad es VDB-217619. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "cna@vuldb.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+ "baseScore": 5.5,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "ADJACENT_NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "LOW",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "LOW",
+ "availabilityImpact": "LOW"
+ },
+ "exploitabilityScore": 2.1,
+ "impactScore": 3.4
+ },
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "availabilityImpact": "HIGH"
+ },
+ "exploitabilityScore": 3.9,
+ "impactScore": 5.9
+ }
+ ],
+ "cvssMetricV2": [
+ {
+ "source": "cna@vuldb.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "2.0",
+ "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
+ "baseScore": 5.2,
+ "accessVector": "ADJACENT_NETWORK",
+ "accessComplexity": "LOW",
+ "authentication": "SINGLE",
+ "confidentialityImpact": "PARTIAL",
+ "integrityImpact": "PARTIAL",
+ "availabilityImpact": "PARTIAL"
+ },
+ "baseSeverity": "MEDIUM",
+ "exploitabilityScore": 5.1,
+ "impactScore": 6.4,
+ "acInsufInfo": false,
+ "obtainAllPrivilege": false,
+ "obtainUserPrivilege": false,
+ "obtainOtherPrivilege": false,
+ "userInteractionRequired": false
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "cna@vuldb.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-89"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:salesforce:mobile_software_development_kit:*:*:*:*:*:windows:*:*",
+ "versionEndExcluding": "5.0.0",
+ "matchCriteriaId": "8E100174-3CB8-4DC3-8592-458066A3927C"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8",
+ "source": "cna@vuldb.com",
+ "tags": [
+ "Patch",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0",
+ "source": "cna@vuldb.com",
+ "tags": [
+ "Release Notes",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://vuldb.com/?ctiid.217619",
+ "source": "cna@vuldb.com",
+ "tags": [
+ "Permissions Required",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://vuldb.com/?id.217619",
+ "source": "cna@vuldb.com",
+ "tags": [
+ "Permissions Required",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Patch",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Release Notes",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://vuldb.com/?ctiid.217619",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Permissions Required",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://vuldb.com/?id.217619",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Permissions Required",
+ "Third Party Advisory"
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2024-2002",
+ "sourceIdentifier": "secalert@redhat.com",
+ "published": "2024-03-18T13:15:07.657",
+ "lastModified": "2025-04-09T15:36:37.840",
+ "vulnStatus": "Analyzed",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results."
+ },
+ {
+ "lang": "es",
+ "value": "Se encontr\u00f3 una vulnerabilidad de doble liberaci\u00f3n en libdwarf. En un objeto DWARF multicorrupto, libdwarf puede intentar desasignar (liberar) una asignaci\u00f3n dos veces, lo que podr\u00eda provocar resultados diversos e impredecibles."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "attackVector": "NETWORK",
+ "attackComplexity": "LOW",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "HIGH"
+ },
+ "exploitabilityScore": 3.9,
+ "impactScore": 3.6
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "secalert@redhat.com",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-415"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "0.1.0",
+ "versionEndExcluding": "0.9.2",
+ "matchCriteriaId": "6E3517E3-6D61-4C81-A11A-D7A4C48CE19E"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
+ "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
+ "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
+ "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://access.redhat.com/security/cve/CVE-2024-2002",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt",
+ "source": "secalert@redhat.com",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://access.redhat.com/security/cve/CVE-2024-2002",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List"
+ ]
+ }
+ ]
+ }
+ },
+ {
+ "cve": {
+ "id": "CVE-2024-31497",
+ "sourceIdentifier": "cve@mitre.org",
+ "published": "2024-04-15T20:15:11.077",
+ "lastModified": "2025-11-04T22:16:00.673",
+ "vulnStatus": "Modified",
+ "cveTags": [],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6."
+ },
+ {
+ "lang": "es",
+ "value": "En PuTTY 0.68 a 0.80 antes de 0.81, la generaci\u00f3n nonce ECDSA sesgada permite a un atacante recuperar la clave secreta NIST P-521 de un usuario mediante un ataque r\u00e1pido en aproximadamente 60 firmas. Esto es especialmente importante en un escenario en el que un adversario puede leer mensajes firmados por PuTTY o Pageant. El conjunto requerido de mensajes firmados puede ser legible p\u00fablicamente porque est\u00e1n almacenados en un servicio p\u00fablico Git que admite el uso de SSH para la firma de confirmaci\u00f3n, y Pageant realiz\u00f3 las firmas a trav\u00e9s de un mecanismo de reenv\u00edo de agentes. En otras palabras, es posible que un adversario ya tenga suficiente informaci\u00f3n de firma para comprometer la clave privada de una v\u00edctima, incluso si no se utilizan m\u00e1s versiones vulnerables de PuTTY. Despu\u00e9s de un compromiso clave, un adversario puede realizar ataques a la cadena de suministro del software mantenido en Git. Un segundo escenario independiente es que el adversario sea un operador de un servidor SSH en el que la v\u00edctima se autentica (para inicio de sesi\u00f3n remoto o copia de archivos), aunque la v\u00edctima no conf\u00ede plenamente en este servidor y la v\u00edctima utilice la misma clave privada. para conexiones SSH a otros servicios operados por otras entidades. Aqu\u00ed, el operador del servidor fraudulento (que de otro modo no tendr\u00eda forma de determinar la clave privada de la v\u00edctima) puede obtener la clave privada de la v\u00edctima y luego usarla para acceder no autorizado a esos otros servicios. Si los otros servicios incluyen servicios Git, nuevamente es posible realizar ataques a la cadena de suministro del software mantenido en Git. Esto tambi\u00e9n afecta, por ejemplo, a FileZilla anterior a 3.67.0, WinSCP anterior a 6.3.3, TortoiseGit anterior a 2.15.0.1 y TortoiseSVN hasta 1.14.6."
+ }
+ ],
+ "metrics": {
+ "cvssMetricV31": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
+ "baseScore": 5.9,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "NETWORK",
+ "attackComplexity": "HIGH",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE"
+ },
+ "exploitabilityScore": 2.2,
+ "impactScore": 3.6
+ },
+ {
+ "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "type": "Secondary",
+ "cvssData": {
+ "version": "3.1",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
+ "baseScore": 5.9,
+ "baseSeverity": "MEDIUM",
+ "attackVector": "NETWORK",
+ "attackComplexity": "HIGH",
+ "privilegesRequired": "NONE",
+ "userInteraction": "NONE",
+ "scope": "UNCHANGED",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "NONE",
+ "availabilityImpact": "NONE"
+ },
+ "exploitabilityScore": 2.2,
+ "impactScore": 3.6
+ }
+ ]
+ },
+ "weaknesses": [
+ {
+ "source": "nvd@nist.gov",
+ "type": "Primary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-338"
+ }
+ ]
+ },
+ {
+ "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "type": "Secondary",
+ "description": [
+ {
+ "lang": "en",
+ "value": "CWE-338"
+ }
+ ]
+ }
+ ],
+ "configurations": [
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*",
+ "versionStartIncluding": "0.68",
+ "versionEndExcluding": "0.81",
+ "matchCriteriaId": "E0D6294C-4365-4187-8053-35F3AAC5229F"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "3.67.0",
+ "matchCriteriaId": "A0E9886A-527F-444B-AFB3-33CF777182CC"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "6.3.3",
+ "matchCriteriaId": "5DA80FE9-039E-4BF4-AC16-6E65FFAB22A2"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:tortoisegit:tortoisegit:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "2.15.0.1",
+ "matchCriteriaId": "A1C171EB-2081-44AC-9017-B3BA3A88B10A"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:a:tigris:tortoisesvn:*:*:*:*:*:*:*:*",
+ "versionEndExcluding": "1.14.6",
+ "matchCriteriaId": "26F28A31-E86D-43C1-8043-2B8ECD723AF7"
+ }
+ ]
+ }
+ ]
+ },
+ {
+ "nodes": [
+ {
+ "operator": "OR",
+ "negate": false,
+ "cpeMatch": [
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
+ "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
+ "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646"
+ },
+ {
+ "vulnerable": true,
+ "criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
+ "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59"
+ }
+ ]
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Product"
+ ]
+ },
+ {
+ "url": "https://filezilla-project.org/versions.php",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Release Notes"
+ ]
+ },
+ {
+ "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Mailing List",
+ "Patch"
+ ]
+ },
+ {
+ "url": "https://github.com/advisories/GHSA-6p4c-r453-8743",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/daedalus/BreakingECDSAwithLLL",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html",
+ "source": "cve@mitre.org"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://news.ycombinator.com/item?id=40044665",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Product"
+ ]
+ },
+ {
+ "url": "https://tortoisegit.org",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://twitter.com/CCBalert/status/1780229237569470549",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://twitter.com/lambdafu/status/1779969509522133272",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://winscp.net/eng/news.php",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/",
+ "source": "cve@mitre.org",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Product"
+ ]
+ },
+ {
+ "url": "https://filezilla-project.org/versions.php",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Release Notes"
+ ]
+ },
+ {
+ "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List",
+ "Patch"
+ ]
+ },
+ {
+ "url": "https://github.com/advisories/GHSA-6p4c-r453-8743",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/daedalus/BreakingECDSAwithLLL",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ },
+ {
+ "url": "https://news.ycombinator.com/item?id=40044665",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Issue Tracking"
+ ]
+ },
+ {
+ "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Product"
+ ]
+ },
+ {
+ "url": "https://tortoisegit.org",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://twitter.com/CCBalert/status/1780229237569470549",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://twitter.com/lambdafu/status/1779969509522133272",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://winscp.net/eng/news.php",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Release Notes",
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Vendor Advisory"
+ ]
+ },
+ {
+ "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Mailing List",
+ "Third Party Advisory"
+ ]
+ },
+ {
+ "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/",
+ "source": "af854a3a-2127-422b-91ae-364da2661108",
+ "tags": [
+ "Press/Media Coverage"
+ ]
+ },
+ {
+ "url": "https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497",
+ "source": "af854a3a-2127-422b-91ae-364da2661108"
+ }
+ ]
+ }
+ }
+ ]
+}
\ No newline at end of file
diff --git a/vulnfeeds/conversion/versions.go b/vulnfeeds/conversion/versions.go
index 8ec95e6c8ab..a7cd8c2a234 100644
--- a/vulnfeeds/conversion/versions.go
+++ b/vulnfeeds/conversion/versions.go
@@ -16,7 +16,6 @@
package conversion
import (
- "context"
"errors"
"fmt"
"net/http"
@@ -26,11 +25,8 @@ import (
"slices"
"strings"
"sync"
- "time"
"github.com/knqyf263/go-cpe/naming"
- "github.com/ossf/osv-schema/bindings/go/osvschema"
- "github.com/sethvargo/go-retry"
"github.com/google/osv/vulnfeeds/git"
"github.com/google/osv/vulnfeeds/models"
@@ -198,7 +194,6 @@ func Repo(u string) (string, error) {
return fmt.Sprintf("%s://%s/%s", parsedURL.Scheme, parsedURL.Hostname(), pathParts[2]), nil
}
if parsedURL.Hostname() == "sourceware.org" {
- // Call out to models function for GitWeb URLs
return repoGitWeb(parsedURL)
}
if parsedURL.Hostname() == "git.postgresql.org" {
@@ -504,50 +499,6 @@ func resolveGitTag(parsedURL *url.URL, u string, gitSHA1Regex *regexp.Regexp) (s
return "", errors.New("no tag found")
}
-// Detect linkrot and handle link decay in HTTP(S) links via HEAD request with exponential backoff.
-func ValidateAndCanonicalizeLink(link string, httpClient *http.Client) (canonicalLink string, err error) {
- u, err := url.Parse(link)
- if !slices.Contains([]string{"http", "https"}, u.Scheme) {
- // Handle what's presumably a git:// URL.
- return link, err
- }
- backoff := retry.NewExponential(1 * time.Second)
- if err := retry.Do(context.Background(), retry.WithMaxRetries(3, backoff), func(ctx context.Context) error {
- req, err := http.NewRequestWithContext(ctx, http.MethodHead, link, nil)
- if err != nil {
- return err
- }
-
- // security.alpinelinux.org responds with text/html content.
- // default HEAD request in Go does not provide any Accept headers, causing a 406 response.
- req.Header.Set("Accept", "text/html")
-
- // Send the request
- resp, err := httpClient.Do(req)
- if err != nil {
- return err
- }
- defer resp.Body.Close()
-
- switch resp.StatusCode / 100 {
- // 4xx response codes are an instant fail.
- case 4:
- return fmt.Errorf("bad response: %v", resp.StatusCode)
- // 5xx response codes are retriable.
- case 5:
- return retry.RetryableError(fmt.Errorf("bad response: %v", resp.StatusCode))
- // Anything else is acceptable.
- default:
- canonicalLink = resp.Request.URL.String()
- return nil
- }
- }); err != nil {
- return link, fmt.Errorf("unable to determine validity of %q: %w", link, err)
- }
-
- return canonicalLink, nil
-}
-
// For URLs referencing commits in supported Git repository hosts, return a cloneable AffectedCommit.
func ExtractCommitsFromRefs(references []models.Reference, httpClient *http.Client) ([]models.AffectedCommit, error) {
var commits []models.AffectedCommit //nolint:prealloc
@@ -599,7 +550,7 @@ func ExtractGitCommit(link string, httpClient *http.Client, depth int) (string,
commit = c
// If URL doesn't validate, treat it as linkrot.
- possiblyDifferentLink, err := ValidateAndCanonicalizeLink(link, httpClient)
+ possiblyDifferentLink, err := git.ValidateAndCanonicalizeLink(link, httpClient)
if err != nil {
return "", "", err
}
@@ -656,7 +607,7 @@ func processExtractedVersion(version string) string {
return version
}
-func ExtractVersionsFromText(validVersions []string, text string, metrics *models.ConversionMetrics) []*osvschema.Range {
+func ExtractVersionsFromText(validVersions []string, text string, metrics *models.ConversionMetrics, source models.VersionSource) []models.RangeWithMetadata {
// Match:
// - x.x.x before x.x.x
// - x.x.x through x.x.x
@@ -669,14 +620,14 @@ func ExtractVersionsFromText(validVersions []string, text string, metrics *model
return nil
}
- versions := make([]*osvschema.Range, 0, len(matches))
+ versions := make([]models.RangeWithMetadata, 0, len(matches))
for _, match := range matches {
// Trim periods that are part of sentences.
introduced := processExtractedVersion(match[1])
fixed := processExtractedVersion(match[3])
lastaffected := ""
- if match[2] == "through" {
+ if match[2] == "through" && validVersions != nil {
// "Through" implies inclusive range, so the fixed version is the one that comes after.
var err error
fixed, err = nextVersion(validVersions, fixed)
@@ -708,7 +659,13 @@ func ExtractVersionsFromText(validVersions []string, text string, metrics *model
}
vr := BuildVersionRange(introduced, lastaffected, fixed)
- versions = append(versions, vr)
+ versions = append(versions, models.RangeWithMetadata{
+ Range: vr,
+ Metadata: models.Metadata{
+ Source: source,
+ },
+ },
+ )
}
return versions
@@ -734,8 +691,8 @@ func DeduplicateAffectedCommits(commits []models.AffectedCommit) []models.Affect
return uniqueCommits
}
-func ExtractVersionsFromCPEs(cve models.NVDCVE, validVersions []string, metrics *models.ConversionMetrics) []*osvschema.Range {
- versions := []*osvschema.Range{}
+func ExtractVersionsFromCPEs(cve models.NVDCVE, validVersions []string, metrics *models.ConversionMetrics) []models.RangeWithMetadata {
+ versions := []models.RangeWithMetadata{}
for _, config := range cve.Configurations {
for _, node := range config.Nodes {
@@ -814,7 +771,15 @@ func ExtractVersionsFromCPEs(cve models.NVDCVE, validVersions []string, metrics
metrics.AddNote("Warning: %s is not a valid fixed version", fixed)
}
vr := BuildVersionRange(introduced, lastaffected, fixed)
- versions = append(versions, vr)
+ versions = append(versions,
+ models.RangeWithMetadata{
+ Range: vr,
+ Metadata: models.Metadata{
+ CPE: match.Criteria,
+ Source: models.VersionSourceCPE,
+ },
+ },
+ )
}
}
}
@@ -1197,9 +1162,12 @@ func ReposFromReferences(cache *VPRepoCache, vp *VendorProduct, refs []models.Re
}
// Check if the repo URL has changed (e.g. via redirect)
- canonicalRepo, err := ValidateAndCanonicalizeLink(repo, httpClient)
+ canonicalRepo, err := git.FindCanonicalLink(repo, httpClient, repoTagsCache)
if err == nil {
repo = canonicalRepo
+ } else if errors.Is(err, git.ErrRateLimit) || strings.Contains(err.Error(), "429") {
+ metrics.Outcome = models.Error
+ return nil
}
if slices.Contains(repos, repo) {
diff --git a/vulnfeeds/conversion/versions_test.go b/vulnfeeds/conversion/versions_test.go
index 18b9da34aad..7be1453011d 100644
--- a/vulnfeeds/conversion/versions_test.go
+++ b/vulnfeeds/conversion/versions_test.go
@@ -5,7 +5,6 @@ import (
"fmt"
"log"
"net/http"
- "net/http/httptest"
"os"
"reflect"
"slices"
@@ -1203,75 +1202,6 @@ func TestInvalidRangeDetection(t *testing.T) {
}
}
-func TestValidateAndCanonicalizeLink(t *testing.T) {
- type args struct {
- link string
- }
- tests := []struct {
- name string
- args args
- wantCanonicalLink string
- wantErr bool
- skipOnCloudBuild bool
- disableExpiryDate time.Time // If test needs to be disabled due to known outage.
- }{
- {
- name: "A link that 404's",
- args: args{
- link: "https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531",
- },
- wantCanonicalLink: "https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531",
- wantErr: true,
- },
- {
- name: "A functioning link",
- args: args{
- link: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3",
- },
- wantCanonicalLink: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3",
- wantErr: false,
- skipOnCloudBuild: true, // observing indications of IP denylisting as at 2025-02-13
-
- },
- }
- for _, tt := range tests {
- t.Run(tt.name, func(t *testing.T) {
- r := testutils.SetupVCR(t)
- client := r.GetDefaultClient()
-
- if time.Now().Before(tt.disableExpiryDate) {
- t.Skipf("test %q has been skipped due to known outage and will be reenabled on %s.", tt.name, tt.disableExpiryDate)
- }
- if _, ok := os.LookupEnv("BUILD_ID"); ok && tt.skipOnCloudBuild {
- t.Skipf("test %q: running on Cloud Build", tt.name)
- }
- gotCanonicalLink, err := ValidateAndCanonicalizeLink(tt.args.link, client)
- if (err != nil) != tt.wantErr {
- t.Errorf("ValidateAndCanonicalizeLink() error = %v, wantErr %v", err, tt.wantErr)
- return
- }
- if gotCanonicalLink != tt.wantCanonicalLink {
- t.Errorf("ValidateAndCanonicalizeLink() = %v, want %v", gotCanonicalLink, tt.wantCanonicalLink)
- }
- })
- }
-}
-
-func TestValidateAndCanonicalizeLink_429(t *testing.T) {
- requests := 0
- ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
- requests++
- w.WriteHeader(http.StatusTooManyRequests)
- }))
- defer ts.Close()
-
- client := ts.Client()
- _, err := ValidateAndCanonicalizeLink(ts.URL, client)
- if err == nil {
- t.Errorf("ValidateAndCanonicalizeLink() expected error, got nil")
- }
-}
-
func TestCommit(t *testing.T) {
type args struct {
u string
diff --git a/vulnfeeds/git/repository.go b/vulnfeeds/git/repository.go
index 7ac252663e2..f98ff9796cb 100644
--- a/vulnfeeds/git/repository.go
+++ b/vulnfeeds/git/repository.go
@@ -73,8 +73,9 @@ type RepoTagsMap struct {
type RepoTagsCache struct {
sync.RWMutex
- m map[string]RepoTagsMap
- invalid map[string]bool
+ m map[string]RepoTagsMap
+ invalid map[string]bool
+ canonicalLink map[string]string
}
func (c *RepoTagsCache) Get(repo string) (RepoTagsMap, bool) {
@@ -116,6 +117,26 @@ func (c *RepoTagsCache) IsInvalid(repo string) bool {
return c.invalid[repo]
}
+func (c *RepoTagsCache) SetCanonicalLink(repo string, canonicalLink string) {
+ c.Lock()
+ defer c.Unlock()
+ if c.canonicalLink == nil {
+ c.canonicalLink = make(map[string]string)
+ }
+ c.canonicalLink[repo] = canonicalLink
+}
+
+func (c *RepoTagsCache) GetCanonicalLink(repo string) (string, bool) {
+ c.RLock()
+ defer c.RUnlock()
+ if c.canonicalLink == nil {
+ return "", false
+ }
+ canonicalLink, ok := c.canonicalLink[repo]
+
+ return canonicalLink, ok
+}
+
// RemoteRepoRefsWithRetry will exponentially retry listing the peeled references of the repoURL up to retries times.
func RemoteRepoRefsWithRetry(repoURL string, retries uint64) (refs []*plumbing.Reference, err error) {
remoteConfig := &config.RemoteConfig{
diff --git a/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_functioning_link.yaml b/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_functioning_link.yaml
new file mode 100644
index 00000000000..bd4bb3c6a9e
--- /dev/null
+++ b/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_functioning_link.yaml
@@ -0,0 +1,51 @@
+---
+version: 2
+interactions:
+ - id: 0
+ request:
+ proto: HTTP/1.1
+ proto_major: 1
+ proto_minor: 1
+ content_length: 0
+ host: git.kernel.org
+ form:
+ id:
+ - ee1fee900537b5d9560e9f937402de5ddc8412f3
+ headers:
+ Accept:
+ - text/html
+ url: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3
+ method: HEAD
+ response:
+ proto: HTTP/2.0
+ proto_major: 2
+ proto_minor: 0
+ content_length: -1
+ body: ""
+ headers:
+ Content-Security-Policy:
+ - 'default-src ''self''; worker-src ''self'' blob:; style-src ''self'' ''unsafe-inline''; script-src-attr ''unsafe-hashes'' ''sha256-rQQdnklrOmulrf5mQ2YjUK7CGbu4ywAi21E8nGlJcDc''; img-src https:'
+ Content-Type:
+ - text/html; charset=UTF-8
+ Date:
+ - Sun, 15 Mar 2026 23:51:42 GMT
+ Expires:
+ - Mon, 16 Mar 2026 00:51:42 GMT
+ Last-Modified:
+ - Sun, 15 Mar 2026 23:51:42 GMT
+ Referrer-Policy:
+ - same-origin
+ Server:
+ - nginx
+ Strict-Transport-Security:
+ - max-age=15768001
+ Vary:
+ - Accept-Encoding
+ - Accept-Encoding
+ X-Content-Type-Options:
+ - nosniff
+ X-Frame-Options:
+ - DENY
+ status: 200 OK
+ code: 200
+ duration: 440.799062ms
diff --git a/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_link_that_404_s.yaml b/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_link_that_404_s.yaml
new file mode 100644
index 00000000000..9fe78ef7f9b
--- /dev/null
+++ b/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_link_that_404_s.yaml
@@ -0,0 +1,55 @@
+---
+version: 2
+interactions:
+ - id: 0
+ request:
+ proto: HTTP/1.1
+ proto_major: 1
+ proto_minor: 1
+ content_length: 0
+ host: github.com
+ headers:
+ Accept:
+ - text/html
+ url: https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531
+ method: HEAD
+ response:
+ proto: HTTP/2.0
+ proto_major: 2
+ proto_minor: 0
+ content_length: -1
+ body: ""
+ headers:
+ Cache-Control:
+ - no-cache
+ Content-Security-Policy:
+ - 'default-src ''none''; base-uri ''self''; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src ''self'' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com github.githubassets.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net productionresultssa1.blob.core.windows.net productionresultssa2.blob.core.windows.net productionresultssa3.blob.core.windows.net productionresultssa4.blob.core.windows.net productionresultssa5.blob.core.windows.net productionresultssa6.blob.core.windows.net productionresultssa7.blob.core.windows.net productionresultssa8.blob.core.windows.net productionresultssa9.blob.core.windows.net productionresultssa10.blob.core.windows.net productionresultssa11.blob.core.windows.net productionresultssa12.blob.core.windows.net productionresultssa13.blob.core.windows.net productionresultssa14.blob.core.windows.net productionresultssa15.blob.core.windows.net productionresultssa16.blob.core.windows.net productionresultssa17.blob.core.windows.net productionresultssa18.blob.core.windows.net productionresultssa19.blob.core.windows.net github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com wss://alive-staging.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action ''self'' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors ''none''; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src ''self'' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com user-images.githubusercontent.com private-user-images.githubusercontent.com opengraph.githubassets.com marketplace-screenshots.githubusercontent.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src ''self''; media-src github.com user-images.githubusercontent.com secured-user-images.githubusercontent.com private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com github.githubassets.com; script-src github.githubassets.com; style-src ''unsafe-inline'' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/'
+ Content-Type:
+ - text/html; charset=utf-8
+ Date:
+ - Sun, 15 Mar 2026 23:51:41 GMT
+ Referrer-Policy:
+ - no-referrer-when-downgrade
+ Server:
+ - github.com
+ Set-Cookie:
+ - _gh_sess=HMrlxmc%2Fb%2F1TmmGqTQzWSF6K3PP8zqktQBXZryX8Z5fUFdRTXVvE0HAr9K61HFAs0Avvqp3zzT011ncglKH2fELTFRYSKjKgzuPDtZU3PO3%2BzsvD2LxKCnX%2FvrVOaIs1lbxGUbnSmf5rSabJCI6vkY2Qz01W3M9EzcbcgAyh9XW1BSofuifKKvu1CWtMu34WcwVPY6s%2FFELIVc13re%2F1PNMOoVOW%2BrxCBXFRca7ALd%2F8Wjm7iWcqa%2BMzkwuokGG8CTK0yGyAhaLpWdzXCsNfGw%3D%3D--9mQ7%2FWdBKkFw5Tv0--zgdIuyAjFrh6sdywVP7OZg%3D%3D; path=/; HttpOnly; secure; SameSite=Lax
+ - _octo=GH1.1.1494558448.1773618700; expires=Mon, 15 Mar 2027 23:51:40 GMT; domain=.github.com; path=/; secure; SameSite=Lax
+ - logged_in=no; expires=Mon, 15 Mar 2027 23:51:40 GMT; domain=.github.com; path=/; HttpOnly; secure; SameSite=Lax
+ Strict-Transport-Security:
+ - max-age=31536000; includeSubdomains; preload
+ Vary:
+ - X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With, Sec-Fetch-Site,Accept-Encoding, Accept, X-Requested-With
+ X-Content-Type-Options:
+ - nosniff
+ X-Frame-Options:
+ - deny
+ X-Github-Request-Id:
+ - B0DB:1A1B7B:2753EB:306577:69B7460C
+ X-Repository-Download:
+ - git clone https://github.com/WebKit/WebKit.git
+ X-Xss-Protection:
+ - "0"
+ status: 404 Not Found
+ code: 404
+ duration: 814.426424ms
diff --git a/vulnfeeds/git/versions.go b/vulnfeeds/git/versions.go
index 3983cc651c1..70b6326dd18 100644
--- a/vulnfeeds/git/versions.go
+++ b/vulnfeeds/git/versions.go
@@ -15,13 +15,17 @@
package git
import (
- "errors"
+ "context"
"fmt"
+ "net/http"
+ "net/url"
"regexp"
"slices"
"strings"
+ "time"
"github.com/google/osv/vulnfeeds/models"
+ "github.com/sethvargo/go-retry"
)
var (
@@ -84,7 +88,7 @@ func VersionToAffectedCommit(version string, repo string, commitType models.Comm
// Take an unnormalized version string, the pre-normalized mapping of tags to commits and return a commit hash.
func VersionToCommit(version string, normalizedTags map[string]NormalizedTag) (string, error) {
if version == "" {
- return "", errors.New("version cannot be empty")
+ return "", nil
}
// TODO: try unnormalized version first.
normalizedVersion, err := NormalizeVersion(version)
@@ -179,3 +183,63 @@ func ParseVersionRange(versionRange string) (models.AffectedVersion, error) {
return av, nil
}
+
+// Detect linkrot and handle link decay in HTTP(S) links via HEAD request with exponential backoff.
+func ValidateAndCanonicalizeLink(link string, httpClient *http.Client) (canonicalLink string, err error) {
+ u, err := url.Parse(link)
+ if !slices.Contains([]string{"http", "https"}, u.Scheme) {
+ // Handle what's presumably a git:// URL.
+ return link, err
+ }
+ if httpClient == nil {
+ httpClient = http.DefaultClient
+ }
+ backoff := retry.NewExponential(1 * time.Second)
+ if err := retry.Do(context.Background(), retry.WithMaxRetries(3, backoff), func(ctx context.Context) error {
+ req, err := http.NewRequestWithContext(ctx, http.MethodHead, link, nil)
+ if err != nil {
+ return err
+ }
+
+ // security.alpinelinux.org responds with text/html content.
+ // default HEAD request in Go does not provide any Accept headers, causing a 406 response.
+ req.Header.Set("Accept", "text/html")
+
+ // Send the request
+ resp, err := httpClient.Do(req)
+ if err != nil {
+ return err
+ }
+ defer resp.Body.Close()
+
+ switch resp.StatusCode / 100 {
+ // 4xx response codes are an instant fail.
+ case 4:
+ return fmt.Errorf("bad response: %v", resp.StatusCode)
+ // 5xx response codes are retriable.
+ case 5:
+ return retry.RetryableError(fmt.Errorf("bad response: %v", resp.StatusCode))
+ // Anything else is acceptable.
+ default:
+ canonicalLink = resp.Request.URL.String()
+ return nil
+ }
+ }); err != nil {
+ return link, fmt.Errorf("unable to determine validity of %q: %w", link, err)
+ }
+
+ return canonicalLink, nil
+}
+
+func FindCanonicalLink(link string, httpClient *http.Client, cache *RepoTagsCache) (canonicalLink string, err error) {
+ if canonicalLink, ok := cache.GetCanonicalLink(link); ok {
+ return canonicalLink, nil
+ }
+ canonicalLink, err = ValidateAndCanonicalizeLink(link, httpClient)
+ if err != nil {
+ return "", err
+ }
+ cache.SetCanonicalLink(link, canonicalLink)
+
+ return canonicalLink, nil
+}
diff --git a/vulnfeeds/git/versions_test.go b/vulnfeeds/git/versions_test.go
index 39e14e206a1..42440f17b71 100644
--- a/vulnfeeds/git/versions_test.go
+++ b/vulnfeeds/git/versions_test.go
@@ -1,6 +1,9 @@
package git
import (
+ "net/http"
+ "net/http/httptest"
+ "os"
"reflect"
"testing"
"time"
@@ -323,3 +326,70 @@ func TestParseVersionRange(t *testing.T) {
})
}
}
+
+func TestValidateAndCanonicalizeLink(t *testing.T) {
+ type args struct {
+ link string
+ }
+ tests := []struct {
+ name string
+ args args
+ wantCanonicalLink string
+ wantErr bool
+ skipOnCloudBuild bool
+ disableExpiryDate time.Time // If test needs to be disabled due to known outage.
+ }{
+ {
+ name: "A link that 404's",
+ args: args{
+ link: "https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531",
+ },
+ wantCanonicalLink: "https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531",
+ wantErr: true,
+ },
+ {
+ name: "A functioning link",
+ args: args{
+ link: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3",
+ },
+ wantCanonicalLink: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3",
+ wantErr: false,
+ },
+ }
+ for _, tt := range tests {
+ t.Run(tt.name, func(t *testing.T) {
+ r := testutils.SetupVCR(t)
+ client := r.GetDefaultClient()
+
+ if time.Now().Before(tt.disableExpiryDate) {
+ t.Skipf("test %q has been skipped due to known outage and will be reenabled on %s.", tt.name, tt.disableExpiryDate)
+ }
+ if _, ok := os.LookupEnv("BUILD_ID"); ok && tt.skipOnCloudBuild {
+ t.Skipf("test %q: running on Cloud Build", tt.name)
+ }
+ gotCanonicalLink, err := ValidateAndCanonicalizeLink(tt.args.link, client)
+ if (err != nil) != tt.wantErr {
+ t.Errorf("ValidateAndCanonicalizeLink() error = %v, wantErr %v", err, tt.wantErr)
+ return
+ }
+ if gotCanonicalLink != tt.wantCanonicalLink {
+ t.Errorf("ValidateAndCanonicalizeLink() = %v, want %v", gotCanonicalLink, tt.wantCanonicalLink)
+ }
+ })
+ }
+}
+
+func TestValidateAndCanonicalizeLink_429(t *testing.T) {
+ requests := 0
+ ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
+ requests++
+ w.WriteHeader(http.StatusTooManyRequests)
+ }))
+ defer ts.Close()
+
+ client := ts.Client()
+ _, err := ValidateAndCanonicalizeLink(ts.URL, client)
+ if err == nil {
+ t.Errorf("ValidateAndCanonicalizeLink() expected error, got nil")
+ }
+}
diff --git a/vulnfeeds/models/metrics.go b/vulnfeeds/models/metrics.go
index 2befba51d4f..f0f56c8f9ca 100644
--- a/vulnfeeds/models/metrics.go
+++ b/vulnfeeds/models/metrics.go
@@ -106,12 +106,13 @@ func (m *ConversionMetrics) AddSource(source VersionSource) {
type VersionSource string
const (
- VersionSourceNone VersionSource = "NOVERS"
- VersionSourceAffected VersionSource = "CVEAFFVERS"
- VersionSourceGit VersionSource = "GITVERS"
- VersionSourceCPE VersionSource = "CPEVERS"
- VersionSourceDescription VersionSource = "DESCRVERS"
- VersionSourceRefs VersionSource = "REFS"
+ VersionSourceNone VersionSource = "NO_SOURCE"
+ VersionSourceAffected VersionSource = "AFFECTED_FIELD"
+ VersionSourceGit VersionSource = "AFFECTED_FIELD_GIT"
+ VersionSourceCPE VersionSource = "CPE_FIELD"
+ VersionSourceDescription VersionSource = "DESCRIPTION"
+ VersionSourceText VersionSource = "TEXT_EXTRACTION"
+ VersionSourceRefs VersionSource = "REFERENCES"
)
func DetermineOutcome(metrics *ConversionMetrics) {
diff --git a/vulnfeeds/models/types.go b/vulnfeeds/models/types.go
index ab1bb500b32..ce6dbf308e1 100644
--- a/vulnfeeds/models/types.go
+++ b/vulnfeeds/models/types.go
@@ -5,6 +5,8 @@ import (
"cmp"
"reflect"
"strings"
+
+ "github.com/ossf/osv-schema/bindings/go/osvschema"
)
type AffectedCommit struct {
@@ -29,6 +31,16 @@ func SetCommitByType(ac *AffectedCommit, commitType CommitType, commitHash strin
}
}
+type RangeWithMetadata struct {
+ Range *osvschema.Range
+ Metadata Metadata
+}
+
+type Metadata struct {
+ CPE string
+ Source VersionSource
+}
+
func (ac *AffectedCommit) SetRepo(repo string) {
// GitHub.com repos are demonstrably case-insensitive, and frequently
// expressed in URLs with varying cases, so normalize them to lowercase.
diff --git a/vulnfeeds/test_data/cve5/CVE-2016-15012.json b/vulnfeeds/test_data/cve5/CVE-2016-15012.json
new file mode 100644
index 00000000000..33468df25aa
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2016-15012.json
@@ -0,0 +1,216 @@
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.1",
+ "cveMetadata": {
+ "cveId": "CVE-2016-15012",
+ "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
+ "state": "PUBLISHED",
+ "assignerShortName": "VulDB",
+ "dateReserved": "2023-01-07T12:58:28.056Z",
+ "datePublished": "2023-01-07T12:59:27.772Z",
+ "dateUpdated": "2025-04-08T20:30:50.208Z"
+ },
+ "containers": {
+ "cna": {
+ "providerMetadata": {
+ "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
+ "shortName": "VulDB",
+ "dateUpdated": "2023-10-20T09:57:28.877Z"
+ },
+ "title": "forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection",
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "type": "CWE",
+ "cweId": "CWE-89",
+ "lang": "en",
+ "description": "CWE-89 SQL Injection"
+ }
+ ]
+ }
+ ],
+ "affected": [
+ {
+ "vendor": "forcedotcom",
+ "product": "SalesforceMobileSDK-Windows",
+ "versions": [
+ {
+ "version": "4.x",
+ "status": "affected"
+ }
+ ]
+ }
+ ],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer."
+ },
+ {
+ "lang": "de",
+ "value": "Eine Schwachstelle wurde in forcedotcom SalesforceMobileSDK-Windows bis 4.x ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion ComputeCountSql der Datei SalesforceSDK/SmartStore/Store/QuerySpec.cs. Mittels Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 5.0.0 vermag dieses Problem zu lösen. Der Patch wird als 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8 bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen."
+ }
+ ],
+ "metrics": [
+ {
+ "cvssV3_1": {
+ "version": "3.1",
+ "baseScore": 5.5,
+ "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+ "baseSeverity": "MEDIUM"
+ }
+ },
+ {
+ "cvssV3_0": {
+ "version": "3.0",
+ "baseScore": 5.5,
+ "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+ "baseSeverity": "MEDIUM"
+ }
+ },
+ {
+ "cvssV2_0": {
+ "version": "2.0",
+ "baseScore": 5.2,
+ "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P"
+ }
+ }
+ ],
+ "timeline": [
+ {
+ "time": "2023-01-07T00:00:00.000Z",
+ "lang": "en",
+ "value": "Advisory disclosed"
+ },
+ {
+ "time": "2023-01-07T00:00:00.000Z",
+ "lang": "en",
+ "value": "CVE reserved"
+ },
+ {
+ "time": "2023-01-07T01:00:00.000Z",
+ "lang": "en",
+ "value": "VulDB entry created"
+ },
+ {
+ "time": "2023-01-29T23:05:36.000Z",
+ "lang": "en",
+ "value": "VulDB entry last update"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "VulDB GitHub Commit Analyzer",
+ "type": "tool"
+ }
+ ],
+ "references": [
+ {
+ "url": "https://vuldb.com/?id.217619",
+ "tags": [
+ "vdb-entry",
+ "technical-description"
+ ]
+ },
+ {
+ "url": "https://vuldb.com/?ctiid.217619",
+ "tags": [
+ "signature",
+ "permissions-required"
+ ]
+ },
+ {
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8",
+ "tags": [
+ "patch"
+ ]
+ },
+ {
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0",
+ "tags": [
+ "patch"
+ ]
+ }
+ ],
+ "tags": [
+ "unsupported-when-assigned"
+ ]
+ },
+ "adp": [
+ {
+ "providerMetadata": {
+ "orgId": "af854a3a-2127-422b-91ae-364da2661108",
+ "shortName": "CVE",
+ "dateUpdated": "2024-08-06T03:47:34.640Z"
+ },
+ "title": "CVE Program Container",
+ "references": [
+ {
+ "url": "https://vuldb.com/?id.217619",
+ "tags": [
+ "vdb-entry",
+ "technical-description",
+ "x_transferred"
+ ]
+ },
+ {
+ "url": "https://vuldb.com/?ctiid.217619",
+ "tags": [
+ "signature",
+ "permissions-required",
+ "x_transferred"
+ ]
+ },
+ {
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8",
+ "tags": [
+ "patch",
+ "x_transferred"
+ ]
+ },
+ {
+ "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0",
+ "tags": [
+ "patch",
+ "x_transferred"
+ ]
+ }
+ ]
+ },
+ {
+ "metrics": [
+ {
+ "other": {
+ "type": "ssvc",
+ "content": {
+ "timestamp": "2025-04-08T20:30:04.355647Z",
+ "id": "CVE-2016-15012",
+ "options": [
+ {
+ "Exploitation": "none"
+ },
+ {
+ "Automatable": "yes"
+ },
+ {
+ "Technical Impact": "total"
+ }
+ ],
+ "role": "CISA Coordinator",
+ "version": "2.0.3"
+ }
+ }
+ }
+ ],
+ "title": "CISA ADP Vulnrichment",
+ "providerMetadata": {
+ "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "shortName": "CISA-ADP",
+ "dateUpdated": "2025-04-08T20:30:50.208Z"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2016-1897.json b/vulnfeeds/test_data/cve5/CVE-2016-1897.json
new file mode 100644
index 00000000000..ce1ef670cc9
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2016-1897.json
@@ -0,0 +1,379 @@
+{
+ "containers": {
+ "cna": {
+ "affected": [
+ {
+ "product": "n/a",
+ "vendor": "n/a",
+ "versions": [
+ {
+ "status": "affected",
+ "version": "n/a"
+ }
+ ]
+ }
+ ],
+ "datePublic": "2016-01-14T00:00:00.000Z",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file."
+ }
+ ],
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "description": "n/a",
+ "lang": "en",
+ "type": "text"
+ }
+ ]
+ }
+ ],
+ "providerMetadata": {
+ "dateUpdated": "2017-06-30T16:57:01.000Z",
+ "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
+ "shortName": "mitre"
+ },
+ "references": [
+ {
+ "tags": [
+ "x_refsource_MISC"
+ ],
+ "url": "http://security.stackexchange.com/questions/110644"
+ },
+ {
+ "name": "openSUSE-SU-2016:0243",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_SUSE"
+ ],
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"
+ },
+ {
+ "name": "1034932",
+ "tags": [
+ "vdb-entry",
+ "x_refsource_SECTRACK"
+ ],
+ "url": "http://www.securitytracker.com/id/1034932"
+ },
+ {
+ "name": "GLSA-201705-08",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_GENTOO"
+ ],
+ "url": "https://security.gentoo.org/glsa/201705-08"
+ },
+ {
+ "name": "80501",
+ "tags": [
+ "vdb-entry",
+ "x_refsource_BID"
+ ],
+ "url": "http://www.securityfocus.com/bid/80501"
+ },
+ {
+ "name": "USN-2944-1",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_UBUNTU"
+ ],
+ "url": "http://www.ubuntu.com/usn/USN-2944-1"
+ },
+ {
+ "name": "[oss-security] 20160114 Re: Fwd: FFmpeg: stealing local files with HLS+concat",
+ "tags": [
+ "mailing-list",
+ "x_refsource_MLIST"
+ ],
+ "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1"
+ },
+ {
+ "name": "SSA:2016-034-02",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_SLACKWARE"
+ ],
+ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036"
+ },
+ {
+ "name": "DSA-3506",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_DEBIAN"
+ ],
+ "url": "http://www.debian.org/security/2016/dsa-3506"
+ },
+ {
+ "tags": [
+ "x_refsource_MISC"
+ ],
+ "url": "http://habrahabr.ru/company/mailru/blog/274855"
+ },
+ {
+ "name": "GLSA-201606-09",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_GENTOO"
+ ],
+ "url": "https://security.gentoo.org/glsa/201606-09"
+ },
+ {
+ "name": "VU#772447",
+ "tags": [
+ "third-party-advisory",
+ "x_refsource_CERT-VN"
+ ],
+ "url": "https://www.kb.cert.org/vuls/id/772447"
+ }
+ ],
+ "x_legacyV4Record": {
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2016-1897",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "http://security.stackexchange.com/questions/110644",
+ "refsource": "MISC",
+ "url": "http://security.stackexchange.com/questions/110644"
+ },
+ {
+ "name": "openSUSE-SU-2016:0243",
+ "refsource": "SUSE",
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"
+ },
+ {
+ "name": "1034932",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1034932"
+ },
+ {
+ "name": "GLSA-201705-08",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201705-08"
+ },
+ {
+ "name": "80501",
+ "refsource": "BID",
+ "url": "http://www.securityfocus.com/bid/80501"
+ },
+ {
+ "name": "USN-2944-1",
+ "refsource": "UBUNTU",
+ "url": "http://www.ubuntu.com/usn/USN-2944-1"
+ },
+ {
+ "name": "[oss-security] 20160114 Re: Fwd: FFmpeg: stealing local files with HLS+concat",
+ "refsource": "MLIST",
+ "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1"
+ },
+ {
+ "name": "SSA:2016-034-02",
+ "refsource": "SLACKWARE",
+ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036"
+ },
+ {
+ "name": "DSA-3506",
+ "refsource": "DEBIAN",
+ "url": "http://www.debian.org/security/2016/dsa-3506"
+ },
+ {
+ "name": "http://habrahabr.ru/company/mailru/blog/274855",
+ "refsource": "MISC",
+ "url": "http://habrahabr.ru/company/mailru/blog/274855"
+ },
+ {
+ "name": "GLSA-201606-09",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201606-09"
+ },
+ {
+ "name": "VU#772447",
+ "refsource": "CERT-VN",
+ "url": "https://www.kb.cert.org/vuls/id/772447"
+ }
+ ]
+ }
+ }
+ },
+ "adp": [
+ {
+ "providerMetadata": {
+ "orgId": "af854a3a-2127-422b-91ae-364da2661108",
+ "shortName": "CVE",
+ "dateUpdated": "2024-08-05T23:10:39.912Z"
+ },
+ "title": "CVE Program Container",
+ "references": [
+ {
+ "tags": [
+ "x_refsource_MISC",
+ "x_transferred"
+ ],
+ "url": "http://security.stackexchange.com/questions/110644"
+ },
+ {
+ "name": "openSUSE-SU-2016:0243",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_SUSE",
+ "x_transferred"
+ ],
+ "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"
+ },
+ {
+ "name": "1034932",
+ "tags": [
+ "vdb-entry",
+ "x_refsource_SECTRACK",
+ "x_transferred"
+ ],
+ "url": "http://www.securitytracker.com/id/1034932"
+ },
+ {
+ "name": "GLSA-201705-08",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_GENTOO",
+ "x_transferred"
+ ],
+ "url": "https://security.gentoo.org/glsa/201705-08"
+ },
+ {
+ "name": "80501",
+ "tags": [
+ "vdb-entry",
+ "x_refsource_BID",
+ "x_transferred"
+ ],
+ "url": "http://www.securityfocus.com/bid/80501"
+ },
+ {
+ "name": "USN-2944-1",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_UBUNTU",
+ "x_transferred"
+ ],
+ "url": "http://www.ubuntu.com/usn/USN-2944-1"
+ },
+ {
+ "name": "[oss-security] 20160114 Re: Fwd: FFmpeg: stealing local files with HLS+concat",
+ "tags": [
+ "mailing-list",
+ "x_refsource_MLIST",
+ "x_transferred"
+ ],
+ "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1"
+ },
+ {
+ "name": "SSA:2016-034-02",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_SLACKWARE",
+ "x_transferred"
+ ],
+ "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036"
+ },
+ {
+ "name": "DSA-3506",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_DEBIAN",
+ "x_transferred"
+ ],
+ "url": "http://www.debian.org/security/2016/dsa-3506"
+ },
+ {
+ "tags": [
+ "x_refsource_MISC",
+ "x_transferred"
+ ],
+ "url": "http://habrahabr.ru/company/mailru/blog/274855"
+ },
+ {
+ "name": "GLSA-201606-09",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_GENTOO",
+ "x_transferred"
+ ],
+ "url": "https://security.gentoo.org/glsa/201606-09"
+ },
+ {
+ "name": "VU#772447",
+ "tags": [
+ "third-party-advisory",
+ "x_refsource_CERT-VN",
+ "x_transferred"
+ ],
+ "url": "https://www.kb.cert.org/vuls/id/772447"
+ }
+ ]
+ }
+ ]
+ },
+ "cveMetadata": {
+ "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
+ "assignerShortName": "mitre",
+ "cveId": "CVE-2016-1897",
+ "datePublished": "2016-01-15T02:00:00.000Z",
+ "dateReserved": "2016-01-14T00:00:00.000Z",
+ "dateUpdated": "2024-08-05T23:10:39.912Z",
+ "state": "PUBLISHED"
+ },
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.1"
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2018-14618.json b/vulnfeeds/test_data/cve5/CVE-2018-14618.json
new file mode 100644
index 00000000000..7200576ddc4
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2018-14618.json
@@ -0,0 +1,396 @@
+{
+ "containers": {
+ "cna": {
+ "affected": [
+ {
+ "product": "curl",
+ "vendor": "[UNKNOWN]",
+ "versions": [
+ {
+ "status": "affected",
+ "version": "7.61.1"
+ }
+ ]
+ }
+ ],
+ "datePublic": "2018-09-05T00:00:00.000Z",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)"
+ }
+ ],
+ "metrics": [
+ {
+ "cvssV3_0": {
+ "attackComplexity": "HIGH",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "REQUIRED",
+ "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "version": "3.0"
+ }
+ }
+ ],
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-131",
+ "description": "CWE-131",
+ "lang": "en",
+ "type": "CWE"
+ }
+ ]
+ },
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-122",
+ "description": "CWE-122",
+ "lang": "en",
+ "type": "CWE"
+ }
+ ]
+ }
+ ],
+ "providerMetadata": {
+ "dateUpdated": "2019-07-29T18:06:14.000Z",
+ "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+ "shortName": "redhat"
+ },
+ "references": [
+ {
+ "tags": [
+ "x_refsource_CONFIRM"
+ ],
+ "url": "https://curl.haxx.se/docs/CVE-2018-14618.html"
+ },
+ {
+ "name": "GLSA-201903-03",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_GENTOO"
+ ],
+ "url": "https://security.gentoo.org/glsa/201903-03"
+ },
+ {
+ "name": "USN-3765-1",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_UBUNTU"
+ ],
+ "url": "https://usn.ubuntu.com/3765-1/"
+ },
+ {
+ "name": "RHSA-2018:3558",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_REDHAT"
+ ],
+ "url": "https://access.redhat.com/errata/RHSA-2018:3558"
+ },
+ {
+ "tags": [
+ "x_refsource_CONFIRM"
+ ],
+ "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"
+ },
+ {
+ "name": "DSA-4286",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_DEBIAN"
+ ],
+ "url": "https://www.debian.org/security/2018/dsa-4286"
+ },
+ {
+ "name": "1041605",
+ "tags": [
+ "vdb-entry",
+ "x_refsource_SECTRACK"
+ ],
+ "url": "http://www.securitytracker.com/id/1041605"
+ },
+ {
+ "name": "USN-3765-2",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_UBUNTU"
+ ],
+ "url": "https://usn.ubuntu.com/3765-2/"
+ },
+ {
+ "tags": [
+ "x_refsource_CONFIRM"
+ ],
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"
+ },
+ {
+ "tags": [
+ "x_refsource_CONFIRM"
+ ],
+ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
+ },
+ {
+ "name": "RHSA-2019:1880",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_REDHAT"
+ ],
+ "url": "https://access.redhat.com/errata/RHSA-2019:1880"
+ }
+ ],
+ "x_legacyV4Record": {
+ "CVE_data_meta": {
+ "ASSIGNER": "secalert@redhat.com",
+ "ID": "CVE-2018-14618",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "curl",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "7.61.1"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "[UNKNOWN]"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)"
+ }
+ ]
+ },
+ "impact": {
+ "cvss": [
+ [
+ {
+ "vectorString": "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
+ "version": "3.0"
+ }
+ ]
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-131"
+ }
+ ]
+ },
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-122"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://curl.haxx.se/docs/CVE-2018-14618.html",
+ "refsource": "CONFIRM",
+ "url": "https://curl.haxx.se/docs/CVE-2018-14618.html"
+ },
+ {
+ "name": "GLSA-201903-03",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/201903-03"
+ },
+ {
+ "name": "USN-3765-1",
+ "refsource": "UBUNTU",
+ "url": "https://usn.ubuntu.com/3765-1/"
+ },
+ {
+ "name": "RHSA-2018:3558",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2018:3558"
+ },
+ {
+ "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014",
+ "refsource": "CONFIRM",
+ "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"
+ },
+ {
+ "name": "DSA-4286",
+ "refsource": "DEBIAN",
+ "url": "https://www.debian.org/security/2018/dsa-4286"
+ },
+ {
+ "name": "1041605",
+ "refsource": "SECTRACK",
+ "url": "http://www.securitytracker.com/id/1041605"
+ },
+ {
+ "name": "USN-3765-2",
+ "refsource": "UBUNTU",
+ "url": "https://usn.ubuntu.com/3765-2/"
+ },
+ {
+ "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618",
+ "refsource": "CONFIRM",
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"
+ },
+ {
+ "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf",
+ "refsource": "CONFIRM",
+ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
+ },
+ {
+ "name": "RHSA-2019:1880",
+ "refsource": "REDHAT",
+ "url": "https://access.redhat.com/errata/RHSA-2019:1880"
+ }
+ ]
+ }
+ }
+ },
+ "adp": [
+ {
+ "providerMetadata": {
+ "orgId": "af854a3a-2127-422b-91ae-364da2661108",
+ "shortName": "CVE",
+ "dateUpdated": "2024-08-05T09:29:51.906Z"
+ },
+ "title": "CVE Program Container",
+ "references": [
+ {
+ "tags": [
+ "x_refsource_CONFIRM",
+ "x_transferred"
+ ],
+ "url": "https://curl.haxx.se/docs/CVE-2018-14618.html"
+ },
+ {
+ "name": "GLSA-201903-03",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_GENTOO",
+ "x_transferred"
+ ],
+ "url": "https://security.gentoo.org/glsa/201903-03"
+ },
+ {
+ "name": "USN-3765-1",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_UBUNTU",
+ "x_transferred"
+ ],
+ "url": "https://usn.ubuntu.com/3765-1/"
+ },
+ {
+ "name": "RHSA-2018:3558",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_REDHAT",
+ "x_transferred"
+ ],
+ "url": "https://access.redhat.com/errata/RHSA-2018:3558"
+ },
+ {
+ "tags": [
+ "x_refsource_CONFIRM",
+ "x_transferred"
+ ],
+ "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"
+ },
+ {
+ "name": "DSA-4286",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_DEBIAN",
+ "x_transferred"
+ ],
+ "url": "https://www.debian.org/security/2018/dsa-4286"
+ },
+ {
+ "name": "1041605",
+ "tags": [
+ "vdb-entry",
+ "x_refsource_SECTRACK",
+ "x_transferred"
+ ],
+ "url": "http://www.securitytracker.com/id/1041605"
+ },
+ {
+ "name": "USN-3765-2",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_UBUNTU",
+ "x_transferred"
+ ],
+ "url": "https://usn.ubuntu.com/3765-2/"
+ },
+ {
+ "tags": [
+ "x_refsource_CONFIRM",
+ "x_transferred"
+ ],
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"
+ },
+ {
+ "tags": [
+ "x_refsource_CONFIRM",
+ "x_transferred"
+ ],
+ "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"
+ },
+ {
+ "name": "RHSA-2019:1880",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_REDHAT",
+ "x_transferred"
+ ],
+ "url": "https://access.redhat.com/errata/RHSA-2019:1880"
+ }
+ ]
+ }
+ ]
+ },
+ "cveMetadata": {
+ "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+ "assignerShortName": "redhat",
+ "cveId": "CVE-2018-14618",
+ "datePublished": "2018-09-05T19:00:00.000Z",
+ "dateReserved": "2018-07-27T00:00:00.000Z",
+ "dateUpdated": "2024-08-05T09:29:51.906Z",
+ "state": "PUBLISHED"
+ },
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.1"
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2022-33068.json b/vulnfeeds/test_data/cve5/CVE-2022-33068.json
new file mode 100644
index 00000000000..f6ac848a552
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2022-33068.json
@@ -0,0 +1,246 @@
+{
+ "containers": {
+ "cna": {
+ "affected": [
+ {
+ "product": "n/a",
+ "vendor": "n/a",
+ "versions": [
+ {
+ "status": "affected",
+ "version": "n/a"
+ }
+ ]
+ }
+ ],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors."
+ }
+ ],
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "description": "n/a",
+ "lang": "en",
+ "type": "text"
+ }
+ ]
+ }
+ ],
+ "providerMetadata": {
+ "dateUpdated": "2022-09-25T15:06:57.000Z",
+ "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
+ "shortName": "mitre"
+ },
+ "references": [
+ {
+ "tags": [
+ "x_refsource_MISC"
+ ],
+ "url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
+ },
+ {
+ "tags": [
+ "x_refsource_MISC"
+ ],
+ "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"
+ },
+ {
+ "name": "FEDORA-2022-a32f9488a0",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_FEDORA"
+ ],
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
+ },
+ {
+ "name": "FEDORA-2022-ac58de6e98",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_FEDORA"
+ ],
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
+ },
+ {
+ "name": "FEDORA-2022-ced8f872b1",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_FEDORA"
+ ],
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
+ },
+ {
+ "name": "GLSA-202209-11",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_GENTOO"
+ ],
+ "url": "https://security.gentoo.org/glsa/202209-11"
+ }
+ ],
+ "x_legacyV4Record": {
+ "CVE_data_meta": {
+ "ASSIGNER": "cve@mitre.org",
+ "ID": "CVE-2022-33068",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "n/a",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "n/a"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "n/a"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
+ "description": {
+ "description_data": [
+ {
+ "lang": "eng",
+ "value": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors."
+ }
+ ]
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "n/a"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "name": "https://github.com/harfbuzz/harfbuzz/issues/3557",
+ "refsource": "MISC",
+ "url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
+ },
+ {
+ "name": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593",
+ "refsource": "MISC",
+ "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"
+ },
+ {
+ "name": "FEDORA-2022-a32f9488a0",
+ "refsource": "FEDORA",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
+ },
+ {
+ "name": "FEDORA-2022-ac58de6e98",
+ "refsource": "FEDORA",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
+ },
+ {
+ "name": "FEDORA-2022-ced8f872b1",
+ "refsource": "FEDORA",
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
+ },
+ {
+ "name": "GLSA-202209-11",
+ "refsource": "GENTOO",
+ "url": "https://security.gentoo.org/glsa/202209-11"
+ }
+ ]
+ }
+ }
+ },
+ "adp": [
+ {
+ "providerMetadata": {
+ "orgId": "af854a3a-2127-422b-91ae-364da2661108",
+ "shortName": "CVE",
+ "dateUpdated": "2024-08-03T08:01:19.054Z"
+ },
+ "title": "CVE Program Container",
+ "references": [
+ {
+ "tags": [
+ "x_refsource_MISC",
+ "x_transferred"
+ ],
+ "url": "https://github.com/harfbuzz/harfbuzz/issues/3557"
+ },
+ {
+ "tags": [
+ "x_refsource_MISC",
+ "x_transferred"
+ ],
+ "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"
+ },
+ {
+ "name": "FEDORA-2022-a32f9488a0",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_FEDORA",
+ "x_transferred"
+ ],
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"
+ },
+ {
+ "name": "FEDORA-2022-ac58de6e98",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_FEDORA",
+ "x_transferred"
+ ],
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"
+ },
+ {
+ "name": "FEDORA-2022-ced8f872b1",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_FEDORA",
+ "x_transferred"
+ ],
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"
+ },
+ {
+ "name": "GLSA-202209-11",
+ "tags": [
+ "vendor-advisory",
+ "x_refsource_GENTOO",
+ "x_transferred"
+ ],
+ "url": "https://security.gentoo.org/glsa/202209-11"
+ }
+ ]
+ }
+ ]
+ },
+ "cveMetadata": {
+ "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
+ "assignerShortName": "mitre",
+ "cveId": "CVE-2022-33068",
+ "datePublished": "2022-06-22T13:24:42.000Z",
+ "dateReserved": "2022-06-13T00:00:00.000Z",
+ "dateUpdated": "2024-08-03T08:01:19.054Z",
+ "state": "PUBLISHED"
+ },
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.1"
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2023-1055.json b/vulnfeeds/test_data/cve5/CVE-2023-1055.json
new file mode 100644
index 00000000000..926d9889e9f
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2023-1055.json
@@ -0,0 +1,122 @@
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.1",
+ "cveMetadata": {
+ "state": "PUBLISHED",
+ "cveId": "CVE-2023-1055",
+ "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+ "assignerShortName": "redhat",
+ "dateUpdated": "2025-03-11T14:02:59.854Z",
+ "dateReserved": "2023-02-27T00:00:00.000Z",
+ "datePublished": "2023-02-27T00:00:00.000Z"
+ },
+ "containers": {
+ "cna": {
+ "providerMetadata": {
+ "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+ "shortName": "redhat",
+ "dateUpdated": "2023-07-26T00:00:00.000Z"
+ },
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality."
+ }
+ ],
+ "affected": [
+ {
+ "vendor": "n/a",
+ "product": "Red Hat Directory Server",
+ "versions": [
+ {
+ "version": "11 and 12",
+ "status": "affected"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0"
+ },
+ {
+ "name": "FEDORA-2023-c92be0dfa0",
+ "tags": [
+ "vendor-advisory"
+ ],
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/"
+ }
+ ],
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "type": "CWE",
+ "lang": "en",
+ "description": "CWE-200",
+ "cweId": "CWE-200"
+ }
+ ]
+ }
+ ]
+ },
+ "adp": [
+ {
+ "providerMetadata": {
+ "orgId": "af854a3a-2127-422b-91ae-364da2661108",
+ "shortName": "CVE",
+ "dateUpdated": "2024-08-02T05:32:46.360Z"
+ },
+ "title": "CVE Program Container",
+ "references": [
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0",
+ "tags": [
+ "x_transferred"
+ ]
+ },
+ {
+ "name": "FEDORA-2023-c92be0dfa0",
+ "tags": [
+ "vendor-advisory",
+ "x_transferred"
+ ],
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/"
+ }
+ ]
+ },
+ {
+ "metrics": [
+ {
+ "other": {
+ "type": "ssvc",
+ "content": {
+ "timestamp": "2025-03-11T14:02:37.150328Z",
+ "id": "CVE-2023-1055",
+ "options": [
+ {
+ "Exploitation": "none"
+ },
+ {
+ "Automatable": "no"
+ },
+ {
+ "Technical Impact": "partial"
+ }
+ ],
+ "role": "CISA Coordinator",
+ "version": "2.0.3"
+ }
+ }
+ }
+ ],
+ "title": "CISA ADP Vulnrichment",
+ "providerMetadata": {
+ "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "shortName": "CISA-ADP",
+ "dateUpdated": "2025-03-11T14:02:59.854Z"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2023-22466.json b/vulnfeeds/test_data/cve5/CVE-2023-22466.json
new file mode 100644
index 00000000000..a6623a458f6
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2023-22466.json
@@ -0,0 +1,189 @@
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.1",
+ "cveMetadata": {
+ "cveId": "CVE-2023-22466",
+ "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
+ "state": "PUBLISHED",
+ "assignerShortName": "GitHub_M",
+ "dateReserved": "2022-12-29T03:00:40.879Z",
+ "datePublished": "2023-01-04T21:47:09.400Z",
+ "dateUpdated": "2025-03-10T21:32:32.950Z"
+ },
+ "containers": {
+ "cna": {
+ "title": "Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe",
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-665",
+ "lang": "en",
+ "description": "CWE-665: Improper Initialization",
+ "type": "CWE"
+ }
+ ]
+ }
+ ],
+ "metrics": [
+ {
+ "cvssV3_1": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "LOW",
+ "baseScore": 5.4,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "LOW",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L",
+ "version": "3.1"
+ }
+ }
+ ],
+ "references": [
+ {
+ "name": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7",
+ "tags": [
+ "x_refsource_CONFIRM"
+ ],
+ "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"
+ },
+ {
+ "name": "https://github.com/tokio-rs/tokio/pull/5336",
+ "tags": [
+ "x_refsource_MISC"
+ ],
+ "url": "https://github.com/tokio-rs/tokio/pull/5336"
+ },
+ {
+ "name": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1",
+ "tags": [
+ "x_refsource_MISC"
+ ],
+ "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"
+ },
+ {
+ "name": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients",
+ "tags": [
+ "x_refsource_MISC"
+ ],
+ "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"
+ }
+ ],
+ "affected": [
+ {
+ "vendor": "tokio-rs",
+ "product": "tokio",
+ "versions": [
+ {
+ "version": ">= 1.7.0, < 1.18.4",
+ "status": "affected"
+ },
+ {
+ "version": ">= 1.19.0, < 1.20.3",
+ "status": "affected"
+ },
+ {
+ "version": ">= 1.21.0, < 1.23.1",
+ "status": "affected"
+ }
+ ]
+ }
+ ],
+ "providerMetadata": {
+ "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
+ "shortName": "GitHub_M",
+ "dateUpdated": "2023-01-04T21:47:09.400Z"
+ },
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`."
+ }
+ ],
+ "source": {
+ "advisory": "GHSA-7rrj-xr53-82p7",
+ "discovery": "UNKNOWN"
+ }
+ },
+ "adp": [
+ {
+ "providerMetadata": {
+ "orgId": "af854a3a-2127-422b-91ae-364da2661108",
+ "shortName": "CVE",
+ "dateUpdated": "2024-08-02T10:13:48.445Z"
+ },
+ "title": "CVE Program Container",
+ "references": [
+ {
+ "name": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7",
+ "tags": [
+ "x_refsource_CONFIRM",
+ "x_transferred"
+ ],
+ "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"
+ },
+ {
+ "name": "https://github.com/tokio-rs/tokio/pull/5336",
+ "tags": [
+ "x_refsource_MISC",
+ "x_transferred"
+ ],
+ "url": "https://github.com/tokio-rs/tokio/pull/5336"
+ },
+ {
+ "name": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1",
+ "tags": [
+ "x_refsource_MISC",
+ "x_transferred"
+ ],
+ "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"
+ },
+ {
+ "name": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients",
+ "tags": [
+ "x_refsource_MISC",
+ "x_transferred"
+ ],
+ "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"
+ }
+ ]
+ },
+ {
+ "metrics": [
+ {
+ "other": {
+ "type": "ssvc",
+ "content": {
+ "timestamp": "2025-03-10T21:00:36.854340Z",
+ "id": "CVE-2023-22466",
+ "options": [
+ {
+ "Exploitation": "none"
+ },
+ {
+ "Automatable": "no"
+ },
+ {
+ "Technical Impact": "partial"
+ }
+ ],
+ "role": "CISA Coordinator",
+ "version": "2.0.3"
+ }
+ }
+ }
+ ],
+ "title": "CISA ADP Vulnrichment",
+ "providerMetadata": {
+ "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "shortName": "CISA-ADP",
+ "dateUpdated": "2025-03-10T21:32:32.950Z"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2024-2002.json b/vulnfeeds/test_data/cve5/CVE-2024-2002.json
new file mode 100644
index 00000000000..4a49a6eab70
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2024-2002.json
@@ -0,0 +1,219 @@
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.2",
+ "cveMetadata": {
+ "cveId": "CVE-2024-2002",
+ "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+ "state": "PUBLISHED",
+ "assignerShortName": "redhat",
+ "dateReserved": "2024-02-29T08:38:25.706Z",
+ "datePublished": "2024-03-18T12:26:31.386Z",
+ "dateUpdated": "2025-11-20T18:21:28.745Z"
+ },
+ "containers": {
+ "cna": {
+ "title": "Libdwarf: crashes randomly on fuzzed object",
+ "metrics": [
+ {
+ "other": {
+ "content": {
+ "value": "Moderate",
+ "namespace": "https://access.redhat.com/security/updates/classification/"
+ },
+ "type": "Red Hat severity rating"
+ }
+ },
+ {
+ "cvssV3_1": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 7.5,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
+ },
+ "format": "CVSS"
+ }
+ ],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results."
+ }
+ ],
+ "affected": [
+ {
+ "versions": [
+ {
+ "status": "affected",
+ "version": "0.1.0"
+ },
+ {
+ "status": "unaffected",
+ "version": "0.9.2"
+ }
+ ],
+ "packageName": "libdwarf",
+ "collectionURL": "https://github.com/davea42/libdwarf-code/",
+ "defaultStatus": "unaffected"
+ },
+ {
+ "vendor": "Red Hat",
+ "product": "Red Hat Enterprise Linux 7",
+ "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
+ "packageName": "libdwarf",
+ "defaultStatus": "unknown",
+ "cpes": [
+ "cpe:/o:redhat:enterprise_linux:7"
+ ]
+ },
+ {
+ "vendor": "Red Hat",
+ "product": "Red Hat Enterprise Linux 8",
+ "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
+ "packageName": "libdwarf",
+ "defaultStatus": "unaffected",
+ "cpes": [
+ "cpe:/o:redhat:enterprise_linux:8"
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://access.redhat.com/security/cve/CVE-2024-2002",
+ "tags": [
+ "vdb-entry",
+ "x_refsource_REDHAT"
+ ]
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700",
+ "name": "RHBZ#2267700",
+ "tags": [
+ "issue-tracking",
+ "x_refsource_REDHAT"
+ ]
+ },
+ {
+ "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt"
+ }
+ ],
+ "datePublic": "2024-02-17T00:00:00.000Z",
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-415",
+ "description": "Double Free",
+ "lang": "en",
+ "type": "CWE"
+ }
+ ]
+ }
+ ],
+ "x_redhatCweChain": "CWE-415: Double Free",
+ "workarounds": [
+ {
+ "lang": "en",
+ "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
+ }
+ ],
+ "timeline": [
+ {
+ "lang": "en",
+ "time": "2024-03-04T00:00:00.000Z",
+ "value": "Reported to Red Hat."
+ },
+ {
+ "lang": "en",
+ "time": "2024-02-17T00:00:00.000Z",
+ "value": "Made public."
+ }
+ ],
+ "providerMetadata": {
+ "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
+ "shortName": "redhat",
+ "dateUpdated": "2025-11-20T18:21:28.745Z"
+ }
+ },
+ "adp": [
+ {
+ "providerMetadata": {
+ "orgId": "af854a3a-2127-422b-91ae-364da2661108",
+ "shortName": "CVE",
+ "dateUpdated": "2024-08-01T18:56:22.520Z"
+ },
+ "title": "CVE Program Container",
+ "references": [
+ {
+ "url": "https://access.redhat.com/security/cve/CVE-2024-2002",
+ "tags": [
+ "vdb-entry",
+ "x_refsource_REDHAT",
+ "x_transferred"
+ ]
+ },
+ {
+ "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700",
+ "name": "RHBZ#2267700",
+ "tags": [
+ "issue-tracking",
+ "x_refsource_REDHAT",
+ "x_transferred"
+ ]
+ },
+ {
+ "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt",
+ "tags": [
+ "x_transferred"
+ ]
+ },
+ {
+ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/",
+ "tags": [
+ "x_transferred"
+ ]
+ }
+ ]
+ },
+ {
+ "metrics": [
+ {
+ "other": {
+ "type": "ssvc",
+ "content": {
+ "timestamp": "2024-08-28T15:05:19.693453Z",
+ "id": "CVE-2024-2002",
+ "options": [
+ {
+ "Exploitation": "none"
+ },
+ {
+ "Automatable": "no"
+ },
+ {
+ "Technical Impact": "total"
+ }
+ ],
+ "role": "CISA Coordinator",
+ "version": "2.0.3"
+ }
+ }
+ }
+ ],
+ "title": "CISA ADP Vulnrichment",
+ "providerMetadata": {
+ "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "shortName": "CISA-ADP",
+ "dateUpdated": "2024-08-28T15:05:38.930Z"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2024-7264.json b/vulnfeeds/test_data/cve5/CVE-2024-7264.json
new file mode 100644
index 00000000000..28835f93052
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2024-7264.json
@@ -0,0 +1,725 @@
+{
+ "dataType": "CVE_RECORD",
+ "cveMetadata": {
+ "cveId": "CVE-2024-7264",
+ "assignerOrgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
+ "state": "PUBLISHED",
+ "assignerShortName": "curl",
+ "dateReserved": "2024-07-30T08:04:22.389Z",
+ "datePublished": "2024-07-31T08:08:14.585Z",
+ "dateUpdated": "2025-11-03T22:32:51.400Z"
+ },
+ "containers": {
+ "cna": {
+ "title": "ASN.1 date parser overread",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used."
+ }
+ ],
+ "providerMetadata": {
+ "orgId": "2499f714-1537-4658-8207-48ae4bb9eae9",
+ "shortName": "curl",
+ "dateUpdated": "2024-07-31T08:10:08.639Z"
+ },
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "lang": "en",
+ "description": "CWE-125 Out-of-bounds Read"
+ }
+ ]
+ }
+ ],
+ "affected": [
+ {
+ "vendor": "curl",
+ "product": "curl",
+ "versions": [
+ {
+ "version": "8.9.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.9.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.8.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.8.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.7.1",
+ "status": "affected",
+ "lessThanOrEqual": "8.7.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.7.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.7.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.6.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.6.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.5.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.5.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.4.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.4.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.3.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.3.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.2.1",
+ "status": "affected",
+ "lessThanOrEqual": "8.2.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.2.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.2.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.1.2",
+ "status": "affected",
+ "lessThanOrEqual": "8.1.2",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.1.1",
+ "status": "affected",
+ "lessThanOrEqual": "8.1.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.1.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.1.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.0.1",
+ "status": "affected",
+ "lessThanOrEqual": "8.0.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "8.0.0",
+ "status": "affected",
+ "lessThanOrEqual": "8.0.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.88.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.88.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.88.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.88.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.87.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.87.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.86.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.86.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.85.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.85.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.84.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.84.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.83.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.83.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.83.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.83.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.82.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.82.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.81.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.81.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.80.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.80.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.79.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.79.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.79.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.79.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.78.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.78.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.77.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.77.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.76.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.76.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.76.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.76.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.75.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.75.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.74.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.74.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.73.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.73.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.72.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.72.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.71.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.71.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.71.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.71.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.70.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.70.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.69.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.69.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.69.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.69.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.68.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.68.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.67.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.67.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.66.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.66.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.65.3",
+ "status": "affected",
+ "lessThanOrEqual": "7.65.3",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.65.2",
+ "status": "affected",
+ "lessThanOrEqual": "7.65.2",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.65.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.65.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.65.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.65.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.64.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.64.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.64.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.64.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.63.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.63.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.62.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.62.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.61.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.61.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.61.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.61.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.60.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.60.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.59.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.59.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.58.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.58.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.57.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.57.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.56.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.56.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.56.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.56.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.55.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.55.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.55.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.55.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.54.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.54.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.54.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.54.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.53.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.53.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.53.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.53.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.52.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.52.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.52.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.52.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.51.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.51.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.50.3",
+ "status": "affected",
+ "lessThanOrEqual": "7.50.3",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.50.2",
+ "status": "affected",
+ "lessThanOrEqual": "7.50.2",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.50.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.50.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.50.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.50.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.49.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.49.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.49.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.49.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.48.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.48.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.47.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.47.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.47.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.47.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.46.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.46.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.45.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.45.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.44.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.44.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.43.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.43.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.42.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.42.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.42.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.42.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.41.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.41.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.40.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.40.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.39.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.39.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.38.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.38.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.37.1",
+ "status": "affected",
+ "lessThanOrEqual": "7.37.1",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.37.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.37.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.36.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.36.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.35.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.35.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.34.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.34.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.33.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.33.0",
+ "versionType": "semver"
+ },
+ {
+ "version": "7.32.0",
+ "status": "affected",
+ "lessThanOrEqual": "7.32.0",
+ "versionType": "semver"
+ }
+ ],
+ "defaultStatus": "unaffected"
+ }
+ ],
+ "references": [
+ {
+ "url": "https://curl.se/docs/CVE-2024-7264.json",
+ "name": "json"
+ },
+ {
+ "url": "https://curl.se/docs/CVE-2024-7264.html",
+ "name": "www"
+ },
+ {
+ "url": "https://hackerone.com/reports/2629968",
+ "name": "issue"
+ },
+ {
+ "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1"
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "Dov Murik (Transmit Security)",
+ "type": "finder"
+ },
+ {
+ "lang": "en",
+ "value": "Stefan Eissing",
+ "type": "remediation developer"
+ }
+ ]
+ },
+ "adp": [
+ {
+ "title": "CVE Program Container",
+ "references": [
+ {
+ "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519"
+ },
+ {
+ "tags": [
+ "x_transferred"
+ ],
+ "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20240828-0008/"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20241025-0010/"
+ },
+ {
+ "url": "https://security.netapp.com/advisory/ntap-20241025-0006/"
+ }
+ ],
+ "providerMetadata": {
+ "orgId": "af854a3a-2127-422b-91ae-364da2661108",
+ "shortName": "CVE",
+ "dateUpdated": "2025-11-03T22:32:51.400Z"
+ }
+ },
+ {
+ "metrics": [
+ {
+ "cvssV3_1": {
+ "scope": "UNCHANGED",
+ "version": "3.1",
+ "baseScore": 6.3,
+ "attackVector": "NETWORK",
+ "baseSeverity": "MEDIUM",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+ "integrityImpact": "LOW",
+ "userInteraction": "NONE",
+ "attackComplexity": "LOW",
+ "availabilityImpact": "LOW",
+ "privilegesRequired": "LOW",
+ "confidentialityImpact": "LOW"
+ }
+ },
+ {
+ "other": {
+ "type": "ssvc",
+ "content": {
+ "timestamp": "2024-08-01T20:05:41.315706Z",
+ "id": "CVE-2024-7264",
+ "options": [
+ {
+ "Exploitation": "none"
+ },
+ {
+ "Automatable": "no"
+ },
+ {
+ "Technical Impact": "partial"
+ }
+ ],
+ "role": "CISA Coordinator",
+ "version": "2.0.3"
+ }
+ }
+ }
+ ],
+ "title": "CISA ADP Vulnrichment",
+ "providerMetadata": {
+ "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "shortName": "CISA-ADP",
+ "dateUpdated": "2024-10-30T19:41:40.489Z"
+ }
+ }
+ ]
+ },
+ "dataVersion": "5.2"
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2025-4565.json b/vulnfeeds/test_data/cve5/CVE-2025-4565.json
new file mode 100644
index 00000000000..608a48a18e1
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2025-4565.json
@@ -0,0 +1,206 @@
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.1",
+ "cveMetadata": {
+ "cveId": "CVE-2025-4565",
+ "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778",
+ "state": "PUBLISHED",
+ "assignerShortName": "Google",
+ "dateReserved": "2025-05-12T05:48:12.941Z",
+ "datePublished": "2025-06-16T14:50:40.906Z",
+ "dateUpdated": "2025-06-16T15:39:18.263Z"
+ },
+ "containers": {
+ "cna": {
+ "affected": [
+ {
+ "collectionURL": "https://github.com/protocolbuffers/protobuf/",
+ "defaultStatus": "unaffected",
+ "packageName": "protobuf",
+ "product": "Python-Protobuf",
+ "programFiles": [
+ "python/google/protobuf/internal/decoder.py"
+ ],
+ "repo": "https://github.com/protocolbuffers/protobuf/",
+ "vendor": "protocolbuffers",
+ "versions": [
+ {
+ "lessThan": "4.25.8",
+ "status": "affected",
+ "version": "0",
+ "versionType": "semver"
+ },
+ {
+ "lessThan": "5.29.5",
+ "status": "affected",
+ "version": "0",
+ "versionType": "semver"
+ },
+ {
+ "lessThan": "6.31.1",
+ "status": "affected",
+ "version": "0",
+ "versionType": "semver"
+ }
+ ]
+ },
+ {
+ "collectionURL": "https://pypi.org/project/protobuf/",
+ "defaultStatus": "unaffected",
+ "product": "Python-Protobuf",
+ "repo": "https://pypi.org/project/protobuf/",
+ "vendor": "protocolbuffers",
+ "versions": [
+ {
+ "lessThan": "4.25.8",
+ "status": "affected",
+ "version": "0",
+ "versionType": "semver"
+ },
+ {
+ "lessThan": "5.29.5",
+ "status": "affected",
+ "version": "0",
+ "versionType": "semver"
+ },
+ {
+ "lessThan": "6.31.1",
+ "status": "affected",
+ "version": "0",
+ "versionType": "semver"
+ }
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "type": "finder",
+ "value": "Alexis Challande - Trail of Bits Ecosystem Security Team"
+ }
+ ],
+ "datePublic": "2025-05-12T22:00:00.000Z",
+ "descriptions": [
+ {
+ "lang": "en",
+ "supportingMedia": [
+ {
+ "base64": false,
+ "type": "text/html",
+ "value": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901
"
+ }
+ ],
+ "value": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901"
+ }
+ ],
+ "impacts": [
+ {
+ "capecId": "CAPEC-130",
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "CAPEC-130 Excessive Allocation"
+ }
+ ]
+ }
+ ],
+ "metrics": [
+ {
+ "cvssV4_0": {
+ "Automatable": "NOT_DEFINED",
+ "Recovery": "NOT_DEFINED",
+ "Safety": "NOT_DEFINED",
+ "attackComplexity": "LOW",
+ "attackRequirements": "PRESENT",
+ "attackVector": "NETWORK",
+ "baseScore": 8.2,
+ "baseSeverity": "HIGH",
+ "privilegesRequired": "NONE",
+ "providerUrgency": "NOT_DEFINED",
+ "subAvailabilityImpact": "NONE",
+ "subConfidentialityImpact": "NONE",
+ "subIntegrityImpact": "NONE",
+ "userInteraction": "NONE",
+ "valueDensity": "NOT_DEFINED",
+ "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
+ "version": "4.0",
+ "vulnAvailabilityImpact": "HIGH",
+ "vulnConfidentialityImpact": "NONE",
+ "vulnIntegrityImpact": "NONE",
+ "vulnerabilityResponseEffort": "NOT_DEFINED"
+ },
+ "format": "CVSS",
+ "scenarios": [
+ {
+ "lang": "en",
+ "value": "GENERAL"
+ }
+ ]
+ }
+ ],
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-674",
+ "description": "CWE-674 Uncontrolled Recursion",
+ "lang": "en",
+ "type": "CWE"
+ }
+ ]
+ }
+ ],
+ "providerMetadata": {
+ "orgId": "14ed7db2-1595-443d-9d34-6215bf890778",
+ "shortName": "Google",
+ "dateUpdated": "2025-06-16T14:50:40.906Z"
+ },
+ "references": [
+ {
+ "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"
+ }
+ ],
+ "source": {
+ "discovery": "EXTERNAL"
+ },
+ "title": "Unbounded recursion in Python Protobuf",
+ "x_generator": {
+ "engine": "Vulnogram 0.2.0"
+ }
+ },
+ "adp": [
+ {
+ "metrics": [
+ {
+ "other": {
+ "type": "ssvc",
+ "content": {
+ "timestamp": "2025-06-16T15:38:57.654894Z",
+ "id": "CVE-2025-4565",
+ "options": [
+ {
+ "Exploitation": "none"
+ },
+ {
+ "Automatable": "yes"
+ },
+ {
+ "Technical Impact": "partial"
+ }
+ ],
+ "role": "CISA Coordinator",
+ "version": "2.0.3"
+ }
+ }
+ }
+ ],
+ "title": "CISA ADP Vulnrichment",
+ "providerMetadata": {
+ "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "shortName": "CISA-ADP",
+ "dateUpdated": "2025-06-16T15:39:18.263Z"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2026-20912.json b/vulnfeeds/test_data/cve5/CVE-2026-20912.json
new file mode 100644
index 00000000000..f269bd6c127
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2026-20912.json
@@ -0,0 +1,160 @@
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.2",
+ "cveMetadata": {
+ "cveId": "CVE-2026-20912",
+ "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "state": "PUBLISHED",
+ "assignerShortName": "Gitea",
+ "dateReserved": "2026-01-08T23:02:37.548Z",
+ "datePublished": "2026-01-22T22:01:52.026Z",
+ "dateUpdated": "2026-01-23T21:53:41.649Z"
+ },
+ "containers": {
+ "cna": {
+ "affected": [
+ {
+ "vendor": "Gitea",
+ "product": "Gitea Open Source Git Server",
+ "versions": [
+ {
+ "version": "0",
+ "lessThanOrEqual": "1.25.3",
+ "status": "affected",
+ "versionType": "semver"
+ }
+ ],
+ "defaultStatus": "unaffected"
+ }
+ ],
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users."
+ }
+ ],
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-284",
+ "description": "CWE-284: Improper Access Control",
+ "lang": "en",
+ "type": "CWE"
+ }
+ ]
+ },
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-639",
+ "description": "CWE-639: Authorization Bypass Through User-Controlled Key",
+ "lang": "en",
+ "type": "CWE"
+ }
+ ]
+ }
+ ],
+ "references": [
+ {
+ "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw",
+ "name": "GitHub Security Advisory",
+ "tags": [
+ "vendor-advisory"
+ ]
+ },
+ {
+ "url": "https://github.com/go-gitea/gitea/pull/36320",
+ "name": "GitHub Pull Request #36320",
+ "tags": [
+ "patch"
+ ]
+ },
+ {
+ "url": "https://github.com/go-gitea/gitea/pull/36355",
+ "name": "GitHub Pull Request #36355",
+ "tags": [
+ "patch"
+ ]
+ },
+ {
+ "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4",
+ "name": "Gitea v1.25.4 Release",
+ "tags": [
+ "release-notes"
+ ]
+ },
+ {
+ "url": "https://blog.gitea.com/release-of-1.25.4/",
+ "name": "Gitea v1.25.4 Release Blog Post",
+ "tags": [
+ "release-notes"
+ ]
+ }
+ ],
+ "credits": [
+ {
+ "lang": "en",
+ "value": "spingARbor",
+ "type": "reporter"
+ }
+ ],
+ "title": "Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure",
+ "providerMetadata": {
+ "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2",
+ "shortName": "Gitea",
+ "dateUpdated": "2026-01-22T22:01:52.026Z"
+ }
+ },
+ "adp": [
+ {
+ "metrics": [
+ {
+ "cvssV3_1": {
+ "scope": "UNCHANGED",
+ "version": "3.1",
+ "baseScore": 9.1,
+ "attackVector": "NETWORK",
+ "baseSeverity": "CRITICAL",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
+ "integrityImpact": "HIGH",
+ "userInteraction": "NONE",
+ "attackComplexity": "LOW",
+ "availabilityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "confidentialityImpact": "HIGH"
+ }
+ },
+ {
+ "other": {
+ "type": "ssvc",
+ "content": {
+ "timestamp": "2026-01-23T17:51:12.073308Z",
+ "id": "CVE-2026-20912",
+ "options": [
+ {
+ "Exploitation": "none"
+ },
+ {
+ "Automatable": "yes"
+ },
+ {
+ "Technical Impact": "total"
+ }
+ ],
+ "role": "CISA Coordinator",
+ "version": "2.0.3"
+ }
+ }
+ }
+ ],
+ "title": "CISA ADP Vulnrichment",
+ "providerMetadata": {
+ "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "shortName": "CISA-ADP",
+ "dateUpdated": "2026-01-23T21:53:41.649Z"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/vulnfeeds/test_data/cve5/CVE-2026-23522.json b/vulnfeeds/test_data/cve5/CVE-2026-23522.json
new file mode 100644
index 00000000000..85e5c3aee72
--- /dev/null
+++ b/vulnfeeds/test_data/cve5/CVE-2026-23522.json
@@ -0,0 +1,155 @@
+{
+ "dataType": "CVE_RECORD",
+ "dataVersion": "5.2",
+ "cveMetadata": {
+ "cveId": "CVE-2026-23522",
+ "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
+ "state": "PUBLISHED",
+ "assignerShortName": "GitHub_M",
+ "dateReserved": "2026-01-13T18:22:43.980Z",
+ "datePublished": "2026-01-19T16:53:32.371Z",
+ "dateUpdated": "2026-01-20T21:35:39.441Z"
+ },
+ "containers": {
+ "cna": {
+ "title": "Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion",
+ "problemTypes": [
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-284",
+ "lang": "en",
+ "description": "CWE-284: Improper Access Control",
+ "type": "CWE"
+ }
+ ]
+ },
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-639",
+ "lang": "en",
+ "description": "CWE-639: Authorization Bypass Through User-Controlled Key",
+ "type": "CWE"
+ }
+ ]
+ },
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-862",
+ "lang": "en",
+ "description": "CWE-862: Missing Authorization",
+ "type": "CWE"
+ }
+ ]
+ },
+ {
+ "descriptions": [
+ {
+ "cweId": "CWE-915",
+ "lang": "en",
+ "description": "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes",
+ "type": "CWE"
+ }
+ ]
+ }
+ ],
+ "metrics": [
+ {
+ "cvssV3_1": {
+ "attackComplexity": "HIGH",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 3.7,
+ "baseSeverity": "LOW",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
+ "version": "3.1"
+ }
+ }
+ ],
+ "references": [
+ {
+ "name": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r",
+ "tags": [
+ "x_refsource_CONFIRM"
+ ],
+ "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"
+ },
+ {
+ "name": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6",
+ "tags": [
+ "x_refsource_MISC"
+ ],
+ "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"
+ }
+ ],
+ "affected": [
+ {
+ "vendor": "lobehub",
+ "product": "lobe-chat",
+ "versions": [
+ {
+ "version": "< 2.0.0-next.193",
+ "status": "affected"
+ }
+ ]
+ }
+ ],
+ "providerMetadata": {
+ "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
+ "shortName": "GitHub_M",
+ "dateUpdated": "2026-01-19T16:53:32.371Z"
+ },
+ "descriptions": [
+ {
+ "lang": "en",
+ "value": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch."
+ }
+ ],
+ "source": {
+ "advisory": "GHSA-j7xp-4mg9-x28r",
+ "discovery": "UNKNOWN"
+ }
+ },
+ "adp": [
+ {
+ "metrics": [
+ {
+ "other": {
+ "type": "ssvc",
+ "content": {
+ "timestamp": "2026-01-20T21:35:33.327391Z",
+ "id": "CVE-2026-23522",
+ "options": [
+ {
+ "Exploitation": "poc"
+ },
+ {
+ "Automatable": "no"
+ },
+ {
+ "Technical Impact": "partial"
+ }
+ ],
+ "role": "CISA Coordinator",
+ "version": "2.0.3"
+ }
+ }
+ }
+ ],
+ "title": "CISA ADP Vulnrichment",
+ "providerMetadata": {
+ "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
+ "shortName": "CISA-ADP",
+ "dateUpdated": "2026-01-20T21:35:39.441Z"
+ }
+ }
+ ]
+ }
+}
\ No newline at end of file
diff --git a/vulnfeeds/utility/utility.go b/vulnfeeds/utility/utility.go
index bbbe3956ae4..38819d0ae85 100644
--- a/vulnfeeds/utility/utility.go
+++ b/vulnfeeds/utility/utility.go
@@ -1,10 +1,12 @@
package utility
import (
+ "cmp"
"encoding/json"
"fmt"
"reflect"
"regexp"
+ "slices"
"google.golang.org/protobuf/encoding/protojson"
"google.golang.org/protobuf/proto"
@@ -57,9 +59,15 @@ func IsRepoURL(url string) bool {
// which is suitable for OSV's database_specific field.
func NewStructpbFromMap(v map[string]any) (*structpb.Struct, error) {
x := &structpb.Struct{Fields: make(map[string]*structpb.Value, len(v))}
- for k, v := range v {
+ keys := make([]string, 0, len(v))
+ for k := range v {
+ keys = append(keys, k)
+ }
+ slices.Sort(keys)
+
+ for _, k := range keys {
var err error
- x.Fields[k], err = newStructpbValue(v)
+ x.Fields[k], err = newStructpbValue(v[k])
if err != nil {
return nil, err
}
@@ -74,6 +82,15 @@ func newStructpbValue(v any) (*structpb.Value, error) {
return structpb.NewNullValue(), nil
}
+ if msg, ok := v.(proto.Message); ok {
+ val, err := protoToAny(msg)
+ if err != nil {
+ return nil, fmt.Errorf("failed to convert proto message: %w", err)
+ }
+
+ return structpb.NewValue(val)
+ }
+
val := reflect.ValueOf(v)
switch val.Kind() {
case reflect.Slice:
@@ -83,6 +100,26 @@ func newStructpbValue(v any) (*structpb.Value, error) {
}
return structpbValueFromList(anyList)
+ case reflect.Map:
+ if val.Type().Key().Kind() == reflect.String {
+ keys := val.MapKeys()
+ slices.SortFunc(keys, func(a, b reflect.Value) int {
+ return cmp.Compare(a.String(), b.String())
+ })
+
+ x := &structpb.Struct{Fields: make(map[string]*structpb.Value, len(keys))}
+ for _, k := range keys {
+ var err error
+ x.Fields[k.String()], err = newStructpbValue(val.MapIndex(k).Interface())
+ if err != nil {
+ return nil, err
+ }
+ }
+
+ return structpb.NewStructValue(x), nil
+ }
+
+ return structpb.NewValue(v)
default:
return structpb.NewValue(v)
}
@@ -93,25 +130,16 @@ func newStructpbValue(v any) (*structpb.Value, error) {
// It iterates through the list, converting any proto.Message elements into
// any type via JSON marshalling, while other elements are included as-is.
func structpbValueFromList(list []any) (*structpb.Value, error) {
- anyList := make([]any, 0, len(list))
+ values := make([]*structpb.Value, 0, len(list))
for i, v := range list {
- if msg, ok := v.(proto.Message); ok {
- val, err := protoToAny(msg)
- if err != nil {
- return nil, fmt.Errorf("failed to convert proto message for item %d: %w", i, err)
- }
- anyList = append(anyList, val)
- } else {
- anyList = append(anyList, v)
+ val, err := newStructpbValue(v)
+ if err != nil {
+ return nil, fmt.Errorf("failed to convert item %d: %w", i, err)
}
+ values = append(values, val)
}
- val, err := structpb.NewValue(anyList)
- if err != nil {
- return nil, fmt.Errorf("failed to create new structpb.Value from list: %w", err)
- }
-
- return val, nil
+ return structpb.NewListValue(&structpb.ListValue{Values: values}), nil
}
// protoToAny converts a proto.Message to an any type by marshalling to JSON