From 83cdc209f0c06f4ea586ea9015b7cdb7ee551c87 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Wed, 11 Mar 2026 22:30:45 +0000 Subject: [PATCH 01/26] Make initial changes to the final json files. --- vulnfeeds/conversion/common.go | 73 ++++++++++--- vulnfeeds/conversion/common_test.go | 22 ++-- vulnfeeds/conversion/grouping.go | 149 +++++++++++++++++--------- vulnfeeds/conversion/grouping_test.go | 9 +- vulnfeeds/conversion/nvd/converter.go | 68 +++++++----- vulnfeeds/conversion/versions.go | 21 ++-- vulnfeeds/git/versions.go | 3 +- vulnfeeds/models/types.go | 12 +++ vulnfeeds/utility/utility.go | 42 +++++--- 9 files changed, 271 insertions(+), 128 deletions(-) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index 8609fee8a63..f5c19ce98cf 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -175,7 +175,7 @@ func WriteMetricsFile(metrics *models.ConversionMetrics, metricsFile *os.File) e // GitVersionsToCommits examines repos and tries to convert versions to commits by treating them as Git tags. // Returns the resolved ranges, unresolved ranges, and successful repos involved. -func GitVersionsToCommits(versionRanges []*osvschema.Range, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache) ([]*osvschema.Range, []*osvschema.Range, []string) { +func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache) ([]*osvschema.Range, []models.RangeWithMetadata, []string) { var newVersionRanges []*osvschema.Range unresolvedRanges := versionRanges var successfulRepos []string @@ -198,10 +198,10 @@ func GitVersionsToCommits(versionRanges []*osvschema.Range, repos []string, metr continue } - var stillUnresolvedRanges []*osvschema.Range + var stillUnresolvedRanges []models.RangeWithMetadata for _, vr := range unresolvedRanges { var introduced, fixed, lastAffected string - for _, e := range vr.GetEvents() { + for _, e := range vr.Range.GetEvents() { if e.GetIntroduced() != "" { introduced = e.GetIntroduced() } @@ -242,8 +242,11 @@ func GitVersionsToCommits(versionRanges []*osvschema.Range, repos []string, metr successfulRepos = append(successfulRepos, repo) newVR.Repo = repo newVR.Type = osvschema.Range_GIT - if len(vr.GetEvents()) > 0 { - databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{"versions": vr.GetEvents()}) + if len(vr.Range.GetEvents()) > 0 { + databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{ + "versions": vr.Range.GetEvents(), + "cpe": vr.Metadata.CPE, + }) if err != nil { metrics.AddNote("failed to make database specific: %v", err) } else { @@ -324,7 +327,7 @@ func MergeTwoRanges(range1, range2 *osvschema.Range) (*osvschema.Range, error) { for k, v := range db2.GetFields() { val2 := v.AsInterface() if existing, ok := mergedMap[k]; ok { - mergedVal, err := mergeDatabaseSpecificValues(existing, val2) + mergedVal, err := MergeDatabaseSpecificValues(existing, val2) if err != nil { logger.Info("Failed to merge database specific key", "key", k, "err", err) } @@ -346,18 +349,26 @@ func MergeTwoRanges(range1, range2 *osvschema.Range) (*osvschema.Range, error) { return mergedRange, nil } -// mergeDatabaseSpecificValues is a helper function that recursively merges two +// MergeDatabaseSpecificValues is a helper function that recursively merges two // values from a DatabaseSpecific field. It handles lists (by appending), maps // (by recursively merging keys), and simple strings (by creating a list if they // differ). It returns an error if the types of the two values do not match. -func mergeDatabaseSpecificValues(val1, val2 any) (any, error) { +func MergeDatabaseSpecificValues(val1, val2 any) (any, error) { switch v1 := val1.(type) { case []any: if v2, ok := val2.([]any); ok { - return append(v1, v2...), nil + return deduplicateList(append(v1, v2...)), nil } - return nil, fmt.Errorf("mismatching types: %T and %T", val1, val2) + // Check if the list contains elements of the same type as val2 + if len(v1) > 0 { + if fmt.Sprintf("%T", v1[0]) != fmt.Sprintf("%T", val2) { + return nil, fmt.Errorf("mismatching types: list of %T and %T", v1[0], val2) + } + } + + // Append single value to list + return deduplicateList(append(v1, val2)), nil case map[string]any: if v2, ok := val2.(map[string]any); ok { merged := make(map[string]any) @@ -366,7 +377,7 @@ func mergeDatabaseSpecificValues(val1, val2 any) (any, error) { } for k, v := range v2 { if existing, ok := merged[k]; ok { - mergedVal, err := mergeDatabaseSpecificValues(existing, v) + mergedVal, err := MergeDatabaseSpecificValues(existing, v) if err != nil { return nil, err } @@ -382,15 +393,27 @@ func mergeDatabaseSpecificValues(val1, val2 any) (any, error) { return nil, fmt.Errorf("mismatching types: %T and %T", val1, val2) case string: if v2, ok := val2.(string); ok { - if v1 == v2 { - return v1, nil + return deduplicateList([]any{v1, v2}), nil + } + if v2, ok := val2.([]any); ok { + if len(v2) > 0 { + if _, isString := v2[0].(string); !isString { + return nil, fmt.Errorf("mismatching types: string and list of %T", v2[0]) + } } - - return []any{v1, v2}, nil + return deduplicateList(append([]any{v1}, v2...)), nil } return nil, fmt.Errorf("mismatching types: %T and %T", val1, val2) default: + if v2, ok := val2.([]any); ok { + if len(v2) > 0 { + if fmt.Sprintf("%T", val1) != fmt.Sprintf("%T", v2[0]) { + return nil, fmt.Errorf("mismatching types: %T and list of %T", val1, v2[0]) + } + } + return deduplicateList(append([]any{val1}, v2...)), nil + } if fmt.Sprintf("%T", val1) != fmt.Sprintf("%T", val2) { return nil, fmt.Errorf("mismatching types: %T and %T", val1, val2) } @@ -398,6 +421,24 @@ func mergeDatabaseSpecificValues(val1, val2 any) (any, error) { return val1, nil } - return []any{val1, val2}, nil + return deduplicateList([]any{val1, val2}), nil + } +} + +// deduplicateList removes duplicate comparable elements (like strings) from a list. +func deduplicateList(list []any) []any { + var unique []any + seen := make(map[any]bool) + for _, item := range list { + switch item.(type) { + case string, int, int32, int64, float32, float64, bool: + if !seen[item] { + seen[item] = true + unique = append(unique, item) + } + default: + unique = append(unique, item) + } } + return unique } diff --git a/vulnfeeds/conversion/common_test.go b/vulnfeeds/conversion/common_test.go index 84ca6444c61..2580f43fc08 100644 --- a/vulnfeeds/conversion/common_test.go +++ b/vulnfeeds/conversion/common_test.go @@ -228,10 +228,16 @@ func TestMergeDatabaseSpecificValues(t *testing.T) { want: []any{"a", "b", "c", "d"}, }, { - name: "List and string mismatch", - val1: []any{"a", "b"}, - val2: "c", - wantErr: true, + name: "List and string", + val1: []any{"a", "b"}, + val2: "c", + want: []any{"a", "b", "c"}, + }, + { + name: "String and list", + val1: "a", + val2: []any{"b", "c"}, + want: []any{"a", "b", "c"}, }, { name: "Merge maps", @@ -268,7 +274,7 @@ func TestMergeDatabaseSpecificValues(t *testing.T) { name: "Merge same strings", val1: "value1", val2: "value1", - want: "value1", + want: []any{"value1"}, }, { name: "Merge different strings", @@ -304,13 +310,13 @@ func TestMergeDatabaseSpecificValues(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got, err := mergeDatabaseSpecificValues(tt.val1, tt.val2) + got, err := MergeDatabaseSpecificValues(tt.val1, tt.val2) if (err != nil) != tt.wantErr { - t.Errorf("mergeDatabaseSpecificValues() error = %v, wantErr %v", err, tt.wantErr) + t.Errorf("MergeDatabaseSpecificValues() error = %v, wantErr %v", err, tt.wantErr) return } if !tt.wantErr && !cmp.Equal(got, tt.want) { - t.Errorf("mergeDatabaseSpecificValues() mismatch (-want +got):\n%s", cmp.Diff(tt.want, got)) + t.Errorf("MergeDatabaseSpecificValues() mismatch (-want +got):\n%s", cmp.Diff(tt.want, got)) } }) } diff --git a/vulnfeeds/conversion/grouping.go b/vulnfeeds/conversion/grouping.go index 48f0b4546c9..f8998e6beb2 100644 --- a/vulnfeeds/conversion/grouping.go +++ b/vulnfeeds/conversion/grouping.go @@ -21,67 +21,116 @@ func GroupAffectedRanges(affected []*osvschema.Affected) { continue } - // Key for grouping: Type + Repo + Introduced Value - type groupKey struct { - RangeType osvschema.Range_Type - Repo string - Introduced string - } + aff.Ranges = GroupRanges(aff.GetRanges()) + } +} - groups := make(map[groupKey]*osvschema.Range) - var order []groupKey // To maintain deterministic order of first appearance - - for _, r := range aff.GetRanges() { - // Find the introduced event - var introduced string - var introducedCount int - for _, e := range r.GetEvents() { - if e.GetIntroduced() != "" { - introduced = e.GetIntroduced() - introducedCount++ - } - } +func GroupRanges(ranges []*osvschema.Range) []*osvschema.Range { + // Key for grouping: Type + Repo + Introduced Value + type groupKey struct { + RangeType osvschema.Range_Type + Repo string + Introduced string + } - if introducedCount > 1 { - logger.Error("Multiple 'introduced' events found in a single range", slog.Any("range", r)) - } + groups := make(map[groupKey]*osvschema.Range) + var order []groupKey // To maintain deterministic order of first appearance - // If no introduced event is found, we use an empty string as the introduced value. - key := groupKey{ - RangeType: r.GetType(), - Repo: r.GetRepo(), - Introduced: introduced, + for _, r := range ranges { + // Find the introduced event + var introduced string + var introducedCount int + for _, e := range r.GetEvents() { + if e.GetIntroduced() != "" { + introduced = e.GetIntroduced() + introducedCount++ } + } - if _, exists := groups[key]; !exists { - // Initialize with a deep copy of the first range found for this group - // We need to be careful about DatabaseSpecific. - // We want to keep the "versions" from this first range. - groups[key] = &osvschema.Range{ - Type: r.GetType(), - Repo: r.GetRepo(), - Events: []*osvschema.Event{}, - DatabaseSpecific: r.GetDatabaseSpecific(), // Start with this one's DS - } - order = append(order, key) - } else { - // Merge DatabaseSpecific "versions" - mergeDatabaseSpecificVersions(groups[key], r.GetDatabaseSpecific()) + if introducedCount > 1 { + logger.Error("Multiple 'introduced' events found in a single range", slog.Any("range", r)) + } + + // If no introduced event is found, we use an empty string as the introduced value. + key := groupKey{ + RangeType: r.GetType(), + Repo: r.GetRepo(), + Introduced: introduced, + } + + if _, exists := groups[key]; !exists { + // Initialize with a deep copy of the first range found for this group + // We need to be careful about DatabaseSpecific. + // We want to keep the "versions" from this first range. + groups[key] = &osvschema.Range{ + Type: r.GetType(), + Repo: r.GetRepo(), + Events: []*osvschema.Event{}, + DatabaseSpecific: r.GetDatabaseSpecific(), // Start with this one's DS } + order = append(order, key) + } else { + // Merge DatabaseSpecific + mergeDatabaseSpecific(groups[key], r.GetDatabaseSpecific()) + } + + // Add all events to the group. Deduplication happens later in cleanEvents. + groups[key].Events = append(groups[key].Events, r.GetEvents()...) + } + + // Reconstruct ranges from groups + var newRanges []*osvschema.Range + for _, key := range order { + r := groups[key] + r.Events = cleanEvents(r.GetEvents()) + newRanges = append(newRanges, r) + } + return newRanges +} + +// mergeDatabaseSpecific merges the source DatabaseSpecific into the target DatabaseSpecific. +// It uses MergeDatabaseSpecificValues for all fields except "versions", which is handled +// by mergeDatabaseSpecificVersions for deduplication. +func mergeDatabaseSpecific(target *osvschema.Range, source *structpb.Struct) { + if source == nil { + return + } - // Add all events to the group. Deduplication happens later in cleanEvents. - groups[key].Events = append(groups[key].Events, r.GetEvents()...) + if target.GetDatabaseSpecific() == nil { + var err error + target.DatabaseSpecific, err = structpb.NewStruct(nil) + if err != nil { + logger.Fatal("Failed to create DatabaseSpecific", slog.Any("error", err)) } + } - // Reconstruct ranges from groups - var newRanges []*osvschema.Range - for _, key := range order { - r := groups[key] - r.Events = cleanEvents(r.GetEvents()) - newRanges = append(newRanges, r) + targetFields := target.GetDatabaseSpecific().GetFields() + if targetFields == nil { + targetFields = make(map[string]*structpb.Value) + target.DatabaseSpecific.Fields = targetFields + } + + for k, v := range source.GetFields() { + if k == "versions" { + continue // Handled separately + } + val2 := v.AsInterface() + if existing, ok := targetFields[k]; ok { + mergedVal, err := MergeDatabaseSpecificValues(existing.AsInterface(), val2) + if err != nil { + logger.Info("Failed to merge database specific key", "key", k, "err", err) + } + if newVal, err := structpb.NewValue(mergedVal); err == nil { + targetFields[k] = newVal + } else { + logger.Warn("Failed to create structpb.Value for merged key", "key", k, "err", err) + } + } else { + targetFields[k] = v } - aff.Ranges = newRanges } + + mergeDatabaseSpecificVersions(target, source) } // mergeDatabaseSpecificVersions merges the "versions" field from the source DatabaseSpecific diff --git a/vulnfeeds/conversion/grouping_test.go b/vulnfeeds/conversion/grouping_test.go index 62d057dcc94..feb1a8173ea 100644 --- a/vulnfeeds/conversion/grouping_test.go +++ b/vulnfeeds/conversion/grouping_test.go @@ -237,7 +237,7 @@ func TestGroupAffectedRanges(t *testing.T) { }, }, { - name: "Different DatabaseSpecific (non-versions) - merge, second gets overwritten", + name: "Different DatabaseSpecific (non-versions) - merge properly", affected: []*osvschema.Affected{ { Ranges: []*osvschema.Range{ @@ -280,7 +280,12 @@ func TestGroupAffectedRanges(t *testing.T) { }, DatabaseSpecific: &structpb.Struct{ Fields: map[string]*structpb.Value{ - "foo": structpb.NewStringValue("bar"), + "foo": structpb.NewListValue(&structpb.ListValue{ + Values: []*structpb.Value{ + structpb.NewStringValue("bar"), + structpb.NewStringValue("baz"), + }, + }), }, }, }, diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index 5fd0aa63d3d..0004b4418be 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -18,6 +18,7 @@ import ( "github.com/google/osv/vulnfeeds/utility/logger" "github.com/google/osv/vulnfeeds/vulns" "github.com/ossf/osv-schema/bindings/go/osvschema" + "google.golang.org/protobuf/types/known/structpb" ) var ErrNoRanges = errors.New("no ranges") @@ -58,14 +59,19 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc } successfulRepos := make(map[string]bool) - var resolvedRanges, unresolvedRanges []*osvschema.Range + var resolvedRanges []*osvschema.Range + var unresolvedRanges []models.RangeWithMetadata // Exit early if there are no repositories if len(repos) == 0 { metrics.SetOutcome(models.NoRepos) metrics.UnresolvedRangesCount += len(cpeRanges) - affected := MergeRangesAndCreateAffected(resolvedRanges, cpeRanges, nil, nil, metrics) - v.Affected = append(v.Affected, affected) + + unresolvedDatabaseSpecificField := createUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) + if unresolvedDatabaseSpecificField != nil { + v.DatabaseSpecific = unresolvedDatabaseSpecificField + } + // Exit early outputFiles(v, directory, maybeVendorName, maybeProductName, metrics, rejectFailed, outputMetrics) @@ -121,9 +127,16 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc // Use the successful repos for more efficient merging. keys := slices.Collect(maps.Keys(successfulRepos)) - affected := MergeRangesAndCreateAffected(resolvedRanges, unresolvedRanges, commits, keys, metrics) + groupedRanges := c.GroupRanges(resolvedRanges) + affected := MergeRangesAndCreateAffected(groupedRanges, commits, keys, metrics) v.Affected = append(v.Affected, affected) + unresolvedDatabaseSpecificField := createUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) + // TODO: this should be if v.DatabaseSpecific != nil, initalise, otherwise add it. + if unresolvedDatabaseSpecificField != nil { + v.DatabaseSpecific = unresolvedDatabaseSpecificField + } + if metrics.Outcome == models.Error || (!outputMetrics && rejectFailed && metrics.Outcome != models.Successful) { return metrics.Outcome } @@ -198,10 +211,6 @@ func CVEToPackageInfo(cve models.NVDCVE, repos []string, cache *git.RepoTagsCach slices.SortStableFunc(versions.AffectedCommits, models.AffectedCommitCompare) - if metrics.Outcome == models.Error { - return metrics.Outcome - } - var pkgInfos []vulns.PackageInfo pi := vulns.PackageInfo{VersionInfo: versions} pkgInfos = append(pkgInfos, pi) // combine-to-osv expects a serialised *array* of PackageInfo @@ -324,11 +333,10 @@ func FindRepos(cve models.NVDCVE, vpRepoCache *c.VPRepoCache, repoTagsCache *git // // Arguments: // - resolvedRanges: A slice of resolved OSV ranges to be merged. -// - unresolvedRanges: A slice of unresolved OSV ranges to be included in the database specific field. // - commits: A slice of affected commits to be converted into events and added to ranges. // - successfulRepos: A slice of repository URLs that were successfully processed. // - metrics: A pointer to ConversionMetrics to track the outcome and notes. -func MergeRangesAndCreateAffected(resolvedRanges []*osvschema.Range, unresolvedRanges []*osvschema.Range, commits []models.AffectedCommit, successfulRepos []string, metrics *models.ConversionMetrics) *osvschema.Affected { +func MergeRangesAndCreateAffected(resolvedRanges []*osvschema.Range, commits []models.AffectedCommit, successfulRepos []string, metrics *models.ConversionMetrics) *osvschema.Affected { var newResolvedRanges []*osvschema.Range // Combine the ranges appropriately if len(resolvedRanges) > 0 { @@ -386,14 +394,6 @@ func MergeRangesAndCreateAffected(resolvedRanges []*osvschema.Range, unresolvedR Ranges: newResolvedRanges, } - if len(unresolvedRanges) > 0 { - databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{"unresolved_ranges": unresolvedRanges}) - if err != nil { - metrics.AddNote("failed to make database specific: %v", err) - } - newAffected.DatabaseSpecific = databaseSpecific - } - return newAffected } @@ -468,11 +468,7 @@ func outputFiles(v *vulns.Vulnerability, dir string, vendor string, product stri logger.Info("Failed to create directory "+vulnDir, slog.String("cve", cveID), slog.String("path", vulnDir), slog.Any("err", err)) } - if metrics.Outcome == models.Error { - return - } - - if !rejectFailed || metrics.Outcome == models.Successful { + if metrics.Outcome != models.Error && (!rejectFailed || metrics.Outcome == models.Successful) { osvFile, errCVE := c.CreateOSVFile(models.CVEID(cveID), vulnDir) if errCVE != nil { logger.Fatal("File failed to be created for CVE", slog.String("cve", cveID)) @@ -495,7 +491,7 @@ func outputFiles(v *vulns.Vulnerability, dir string, vendor string, product stri } // processRanges attempts to resolve the given ranges to commits and updates the metrics accordingly. -func processRanges(ranges []*osvschema.Range, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache, source models.VersionSource) ([]*osvschema.Range, []*osvschema.Range, []string) { +func processRanges(ranges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache, source models.VersionSource) ([]*osvschema.Range, []models.RangeWithMetadata, []string) { if len(ranges) == 0 { return nil, nil, nil } @@ -517,3 +513,27 @@ func processRanges(ranges []*osvschema.Range, repos []string, metrics *models.Co return r, un, sR } + +func createUnresolvedDatabaseSpecificField(unresolvedRanges []models.RangeWithMetadata, metrics *models.ConversionMetrics) *structpb.Struct { + if len(unresolvedRanges) > 0 { + var unresolvedRangesMap []map[string]any + for _, ur := range unresolvedRanges { + urMap := map[string]any{ + "range": ur.Range, + "metadata": map[string]any{ + "cpe": ur.Metadata.CPE, + }, + } + unresolvedRangesMap = append(unresolvedRangesMap, urMap) + } + databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{ + "unresolved_ranges": unresolvedRangesMap, + }) + if err != nil { + metrics.AddNote("failed to make database specific: %v", err) + } + return databaseSpecific + } + + return nil +} diff --git a/vulnfeeds/conversion/versions.go b/vulnfeeds/conversion/versions.go index 8ec95e6c8ab..73443143db2 100644 --- a/vulnfeeds/conversion/versions.go +++ b/vulnfeeds/conversion/versions.go @@ -29,7 +29,6 @@ import ( "time" "github.com/knqyf263/go-cpe/naming" - "github.com/ossf/osv-schema/bindings/go/osvschema" "github.com/sethvargo/go-retry" "github.com/google/osv/vulnfeeds/git" @@ -198,7 +197,7 @@ func Repo(u string) (string, error) { return fmt.Sprintf("%s://%s/%s", parsedURL.Scheme, parsedURL.Hostname(), pathParts[2]), nil } if parsedURL.Hostname() == "sourceware.org" { - // Call out to models function for GitWeb URLs + // Call out to m function for GitWeb URLs return repoGitWeb(parsedURL) } if parsedURL.Hostname() == "git.postgresql.org" { @@ -656,7 +655,7 @@ func processExtractedVersion(version string) string { return version } -func ExtractVersionsFromText(validVersions []string, text string, metrics *models.ConversionMetrics) []*osvschema.Range { +func ExtractVersionsFromText(validVersions []string, text string, metrics *models.ConversionMetrics) []models.RangeWithMetadata { // Match: // - x.x.x before x.x.x // - x.x.x through x.x.x @@ -669,14 +668,14 @@ func ExtractVersionsFromText(validVersions []string, text string, metrics *model return nil } - versions := make([]*osvschema.Range, 0, len(matches)) + versions := make([]models.RangeWithMetadata, 0, len(matches)) for _, match := range matches { // Trim periods that are part of sentences. introduced := processExtractedVersion(match[1]) fixed := processExtractedVersion(match[3]) lastaffected := "" - if match[2] == "through" { + if match[2] == "through" && validVersions != nil { // "Through" implies inclusive range, so the fixed version is the one that comes after. var err error fixed, err = nextVersion(validVersions, fixed) @@ -707,8 +706,8 @@ func ExtractVersionsFromText(validVersions []string, text string, metrics *model lastaffected = "" } - vr := BuildVersionRange(introduced, lastaffected, fixed) - versions = append(versions, vr) + vr := c.BuildVersionRange(introduced, lastaffected, fixed) + versions = append(versions, models.RangeWithMetadata{Range: vr}) } return versions @@ -734,8 +733,8 @@ func DeduplicateAffectedCommits(commits []models.AffectedCommit) []models.Affect return uniqueCommits } -func ExtractVersionsFromCPEs(cve models.NVDCVE, validVersions []string, metrics *models.ConversionMetrics) []*osvschema.Range { - versions := []*osvschema.Range{} +func ExtractVersionsFromCPEs(cve models.NVDCVE, validVersions []string, metrics *models.ConversionMetrics) []models.RangeWithMetadata { + versions := []models.RangeWithMetadata{} for _, config := range cve.Configurations { for _, node := range config.Nodes { @@ -813,8 +812,8 @@ func ExtractVersionsFromCPEs(cve models.NVDCVE, validVersions []string, metrics if fixed != "" && !HasVersion(validVersions, fixed) { metrics.AddNote("Warning: %s is not a valid fixed version", fixed) } - vr := BuildVersionRange(introduced, lastaffected, fixed) - versions = append(versions, vr) + vr := c.BuildVersionRange(introduced, lastaffected, fixed) + versions = append(versions, models.RangeWithMetadata{Range: vr, Metadata: models.Metadata{CPE: match.Criteria}}) } } } diff --git a/vulnfeeds/git/versions.go b/vulnfeeds/git/versions.go index 3983cc651c1..e7e3a38013b 100644 --- a/vulnfeeds/git/versions.go +++ b/vulnfeeds/git/versions.go @@ -15,7 +15,6 @@ package git import ( - "errors" "fmt" "regexp" "slices" @@ -84,7 +83,7 @@ func VersionToAffectedCommit(version string, repo string, commitType models.Comm // Take an unnormalized version string, the pre-normalized mapping of tags to commits and return a commit hash. func VersionToCommit(version string, normalizedTags map[string]NormalizedTag) (string, error) { if version == "" { - return "", errors.New("version cannot be empty") + return "", nil } // TODO: try unnormalized version first. normalizedVersion, err := NormalizeVersion(version) diff --git a/vulnfeeds/models/types.go b/vulnfeeds/models/types.go index ab1bb500b32..27bb36055ff 100644 --- a/vulnfeeds/models/types.go +++ b/vulnfeeds/models/types.go @@ -5,6 +5,8 @@ import ( "cmp" "reflect" "strings" + + "github.com/ossf/osv-schema/bindings/go/osvschema" ) type AffectedCommit struct { @@ -29,6 +31,16 @@ func SetCommitByType(ac *AffectedCommit, commitType CommitType, commitHash strin } } +type RangeWithMetadata struct { + Range *osvschema.Range + Metadata Metadata +} + +type Metadata struct { + CPE string +} + + func (ac *AffectedCommit) SetRepo(repo string) { // GitHub.com repos are demonstrably case-insensitive, and frequently // expressed in URLs with varying cases, so normalize them to lowercase. diff --git a/vulnfeeds/utility/utility.go b/vulnfeeds/utility/utility.go index bbbe3956ae4..8e0db1c8e5d 100644 --- a/vulnfeeds/utility/utility.go +++ b/vulnfeeds/utility/utility.go @@ -74,6 +74,14 @@ func newStructpbValue(v any) (*structpb.Value, error) { return structpb.NewNullValue(), nil } + if msg, ok := v.(proto.Message); ok { + val, err := protoToAny(msg) + if err != nil { + return nil, fmt.Errorf("failed to convert proto message: %w", err) + } + return structpb.NewValue(val) + } + val := reflect.ValueOf(v) switch val.Kind() { case reflect.Slice: @@ -83,6 +91,19 @@ func newStructpbValue(v any) (*structpb.Value, error) { } return structpbValueFromList(anyList) + case reflect.Map: + if val.Type().Key().Kind() == reflect.String { + m := make(map[string]any) + for _, k := range val.MapKeys() { + m[k.String()] = val.MapIndex(k).Interface() + } + structpbMap, err := NewStructpbFromMap(m) + if err != nil { + return nil, err + } + return structpb.NewStructValue(structpbMap), nil + } + return structpb.NewValue(v) default: return structpb.NewValue(v) } @@ -93,25 +114,16 @@ func newStructpbValue(v any) (*structpb.Value, error) { // It iterates through the list, converting any proto.Message elements into // any type via JSON marshalling, while other elements are included as-is. func structpbValueFromList(list []any) (*structpb.Value, error) { - anyList := make([]any, 0, len(list)) + var values []*structpb.Value for i, v := range list { - if msg, ok := v.(proto.Message); ok { - val, err := protoToAny(msg) - if err != nil { - return nil, fmt.Errorf("failed to convert proto message for item %d: %w", i, err) - } - anyList = append(anyList, val) - } else { - anyList = append(anyList, v) + val, err := newStructpbValue(v) + if err != nil { + return nil, fmt.Errorf("failed to convert item %d: %w", i, err) } + values = append(values, val) } - val, err := structpb.NewValue(anyList) - if err != nil { - return nil, fmt.Errorf("failed to create new structpb.Value from list: %w", err) - } - - return val, nil + return structpb.NewListValue(&structpb.ListValue{Values: values}), nil } // protoToAny converts a proto.Message to an any type by marshalling to JSON From 80e9eac2b58c6e49073fdd3067a4cd357790afc9 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Thu, 12 Mar 2026 02:26:03 +0000 Subject: [PATCH 02/26] cache canonicalizing link --- vulnfeeds/conversion/common.go | 9 ++++ vulnfeeds/conversion/nvd/converter.go | 3 +- vulnfeeds/conversion/versions.go | 51 +------------------- vulnfeeds/conversion/versions_test.go | 69 --------------------------- vulnfeeds/git/repository.go | 21 +++++++- vulnfeeds/git/versions.go | 64 +++++++++++++++++++++++++ vulnfeeds/git/versions_test.go | 55 +++++++++++++++++++++ 7 files changed, 152 insertions(+), 120 deletions(-) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index f5c19ce98cf..838a3579e71 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -9,6 +9,7 @@ import ( "fmt" "io/fs" "log/slog" + "net/http" "os" "path/filepath" "slices" @@ -64,6 +65,7 @@ func AddAffected(v *vulns.Vulnerability, aff *osvschema.Affected, metrics *model } func DeduplicateRefs(refs []models.Reference) []models.Reference { + refs = slices.Clone(refs) // Deduplicate references by URL. refs = slices.Clone(refs) slices.SortStableFunc(refs, func(a, b models.Reference) int { @@ -187,6 +189,13 @@ func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []stri if cache.IsInvalid(repo) { continue } + + repo, err := git.FindCanonicalLink(repo, http.DefaultClient, cache) + if err != nil { + metrics.AddNote("Failed to find canonical link - %s", repo) + continue + } + normalizedTags, err := git.NormalizeRepoTags(repo, cache) if err != nil { if errors.Is(err, git.ErrRateLimit) || strings.Contains(err.Error(), "429") { diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index 0004b4418be..ace98da4992 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -29,6 +29,7 @@ var ErrUnresolvedFix = errors.New("fixes not resolved to commits") func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, directory string, metrics *models.ConversionMetrics, rejectFailed bool, outputMetrics bool) models.ConversionOutcome { CPEs := c.CPEs(cve) metrics.CPEs = CPEs + refs := c.DeduplicateRefs(cve.References) // The vendor name and product name are used to construct the output `vulnDir` below, so need to be set to *something* to keep the output tidy. maybeVendorName := "ENOCPE" maybeProductName := "ENOCPE" @@ -90,7 +91,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc } // Extract Commits - commits, err := c.ExtractCommitsFromRefs(cve.References, http.DefaultClient) + commits, err := c.ExtractCommitsFromRefs(refs, http.DefaultClient) if err != nil { metrics.AddNote("Failed to extract commits from refs: %#v", err) } diff --git a/vulnfeeds/conversion/versions.go b/vulnfeeds/conversion/versions.go index 73443143db2..bccb8c83a1d 100644 --- a/vulnfeeds/conversion/versions.go +++ b/vulnfeeds/conversion/versions.go @@ -16,7 +16,6 @@ package conversion import ( - "context" "errors" "fmt" "net/http" @@ -26,10 +25,8 @@ import ( "slices" "strings" "sync" - "time" "github.com/knqyf263/go-cpe/naming" - "github.com/sethvargo/go-retry" "github.com/google/osv/vulnfeeds/git" "github.com/google/osv/vulnfeeds/models" @@ -503,50 +500,6 @@ func resolveGitTag(parsedURL *url.URL, u string, gitSHA1Regex *regexp.Regexp) (s return "", errors.New("no tag found") } -// Detect linkrot and handle link decay in HTTP(S) links via HEAD request with exponential backoff. -func ValidateAndCanonicalizeLink(link string, httpClient *http.Client) (canonicalLink string, err error) { - u, err := url.Parse(link) - if !slices.Contains([]string{"http", "https"}, u.Scheme) { - // Handle what's presumably a git:// URL. - return link, err - } - backoff := retry.NewExponential(1 * time.Second) - if err := retry.Do(context.Background(), retry.WithMaxRetries(3, backoff), func(ctx context.Context) error { - req, err := http.NewRequestWithContext(ctx, http.MethodHead, link, nil) - if err != nil { - return err - } - - // security.alpinelinux.org responds with text/html content. - // default HEAD request in Go does not provide any Accept headers, causing a 406 response. - req.Header.Set("Accept", "text/html") - - // Send the request - resp, err := httpClient.Do(req) - if err != nil { - return err - } - defer resp.Body.Close() - - switch resp.StatusCode / 100 { - // 4xx response codes are an instant fail. - case 4: - return fmt.Errorf("bad response: %v", resp.StatusCode) - // 5xx response codes are retriable. - case 5: - return retry.RetryableError(fmt.Errorf("bad response: %v", resp.StatusCode)) - // Anything else is acceptable. - default: - canonicalLink = resp.Request.URL.String() - return nil - } - }); err != nil { - return link, fmt.Errorf("unable to determine validity of %q: %w", link, err) - } - - return canonicalLink, nil -} - // For URLs referencing commits in supported Git repository hosts, return a cloneable AffectedCommit. func ExtractCommitsFromRefs(references []models.Reference, httpClient *http.Client) ([]models.AffectedCommit, error) { var commits []models.AffectedCommit //nolint:prealloc @@ -598,7 +551,7 @@ func ExtractGitCommit(link string, httpClient *http.Client, depth int) (string, commit = c // If URL doesn't validate, treat it as linkrot. - possiblyDifferentLink, err := ValidateAndCanonicalizeLink(link, httpClient) + possiblyDifferentLink, err := git.ValidateAndCanonicalizeLink(link, httpClient) if err != nil { return "", "", err } @@ -1196,7 +1149,7 @@ func ReposFromReferences(cache *VPRepoCache, vp *VendorProduct, refs []models.Re } // Check if the repo URL has changed (e.g. via redirect) - canonicalRepo, err := ValidateAndCanonicalizeLink(repo, httpClient) + canonicalRepo, err := git.FindCanonicalLink(repo, httpClient, repoTagsCache) if err == nil { repo = canonicalRepo } diff --git a/vulnfeeds/conversion/versions_test.go b/vulnfeeds/conversion/versions_test.go index 18b9da34aad..43fce103d21 100644 --- a/vulnfeeds/conversion/versions_test.go +++ b/vulnfeeds/conversion/versions_test.go @@ -1203,75 +1203,6 @@ func TestInvalidRangeDetection(t *testing.T) { } } -func TestValidateAndCanonicalizeLink(t *testing.T) { - type args struct { - link string - } - tests := []struct { - name string - args args - wantCanonicalLink string - wantErr bool - skipOnCloudBuild bool - disableExpiryDate time.Time // If test needs to be disabled due to known outage. - }{ - { - name: "A link that 404's", - args: args{ - link: "https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531", - }, - wantCanonicalLink: "https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531", - wantErr: true, - }, - { - name: "A functioning link", - args: args{ - link: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3", - }, - wantCanonicalLink: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3", - wantErr: false, - skipOnCloudBuild: true, // observing indications of IP denylisting as at 2025-02-13 - - }, - } - for _, tt := range tests { - t.Run(tt.name, func(t *testing.T) { - r := testutils.SetupVCR(t) - client := r.GetDefaultClient() - - if time.Now().Before(tt.disableExpiryDate) { - t.Skipf("test %q has been skipped due to known outage and will be reenabled on %s.", tt.name, tt.disableExpiryDate) - } - if _, ok := os.LookupEnv("BUILD_ID"); ok && tt.skipOnCloudBuild { - t.Skipf("test %q: running on Cloud Build", tt.name) - } - gotCanonicalLink, err := ValidateAndCanonicalizeLink(tt.args.link, client) - if (err != nil) != tt.wantErr { - t.Errorf("ValidateAndCanonicalizeLink() error = %v, wantErr %v", err, tt.wantErr) - return - } - if gotCanonicalLink != tt.wantCanonicalLink { - t.Errorf("ValidateAndCanonicalizeLink() = %v, want %v", gotCanonicalLink, tt.wantCanonicalLink) - } - }) - } -} - -func TestValidateAndCanonicalizeLink_429(t *testing.T) { - requests := 0 - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { - requests++ - w.WriteHeader(http.StatusTooManyRequests) - })) - defer ts.Close() - - client := ts.Client() - _, err := ValidateAndCanonicalizeLink(ts.URL, client) - if err == nil { - t.Errorf("ValidateAndCanonicalizeLink() expected error, got nil") - } -} - func TestCommit(t *testing.T) { type args struct { u string diff --git a/vulnfeeds/git/repository.go b/vulnfeeds/git/repository.go index 7ac252663e2..d4fa09050ab 100644 --- a/vulnfeeds/git/repository.go +++ b/vulnfeeds/git/repository.go @@ -75,7 +75,7 @@ type RepoTagsCache struct { m map[string]RepoTagsMap invalid map[string]bool -} + canonicalLink map[string]string} func (c *RepoTagsCache) Get(repo string) (RepoTagsMap, bool) { c.RLock() @@ -116,6 +116,25 @@ func (c *RepoTagsCache) IsInvalid(repo string) bool { return c.invalid[repo] } +func (c *RepoTagsCache) SetCanonicalLink(repo string, canonicalLink string) { + c.Lock() + defer c.Unlock() + if c.canonicalLink == nil { + c.canonicalLink = make(map[string]string) + } + c.canonicalLink[repo] = canonicalLink +} + +func (c *RepoTagsCache) GetCanonicalLink(repo string) (string, bool) { + c.RLock() + defer c.RUnlock() + if c.canonicalLink == nil { + return "", false + } + canonicalLink, ok := c.canonicalLink[repo] + return canonicalLink, ok +} + // RemoteRepoRefsWithRetry will exponentially retry listing the peeled references of the repoURL up to retries times. func RemoteRepoRefsWithRetry(repoURL string, retries uint64) (refs []*plumbing.Reference, err error) { remoteConfig := &config.RemoteConfig{ diff --git a/vulnfeeds/git/versions.go b/vulnfeeds/git/versions.go index e7e3a38013b..2600785fc28 100644 --- a/vulnfeeds/git/versions.go +++ b/vulnfeeds/git/versions.go @@ -15,12 +15,17 @@ package git import ( + "context" "fmt" + "net/http" + "net/url" "regexp" "slices" "strings" + "time" "github.com/google/osv/vulnfeeds/models" + "github.com/sethvargo/go-retry" ) var ( @@ -178,3 +183,62 @@ func ParseVersionRange(versionRange string) (models.AffectedVersion, error) { return av, nil } + +// Detect linkrot and handle link decay in HTTP(S) links via HEAD request with exponential backoff. +func ValidateAndCanonicalizeLink(link string, httpClient *http.Client) (canonicalLink string, err error) { + u, err := url.Parse(link) + if !slices.Contains([]string{"http", "https"}, u.Scheme) { + // Handle what's presumably a git:// URL. + return link, err + } + if httpClient == nil { + httpClient = http.DefaultClient + } + backoff := retry.NewExponential(1 * time.Second) + if err := retry.Do(context.Background(), retry.WithMaxRetries(3, backoff), func(ctx context.Context) error { + req, err := http.NewRequestWithContext(ctx, http.MethodHead, link, nil) + if err != nil { + return err + } + + // security.alpinelinux.org responds with text/html content. + // default HEAD request in Go does not provide any Accept headers, causing a 406 response. + req.Header.Set("Accept", "text/html") + + // Send the request + resp, err := httpClient.Do(req) + if err != nil { + return err + } + defer resp.Body.Close() + + switch resp.StatusCode / 100 { + // 4xx response codes are an instant fail. + case 4: + return fmt.Errorf("bad response: %v", resp.StatusCode) + // 5xx response codes are retriable. + case 5: + return retry.RetryableError(fmt.Errorf("bad response: %v", resp.StatusCode)) + // Anything else is acceptable. + default: + canonicalLink = resp.Request.URL.String() + return nil + } + }); err != nil { + return link, fmt.Errorf("unable to determine validity of %q: %w", link, err) + } + + return canonicalLink, nil +} + +func FindCanonicalLink(link string, httpClient *http.Client, cache *RepoTagsCache) (canonicalLink string, err error) { + if canonicalLink, ok := cache.GetCanonicalLink(link); ok { + return canonicalLink, nil + } + canonicalLink, err = ValidateAndCanonicalizeLink(link, httpClient) + if err != nil { + return "", err + } + cache.SetCanonicalLink(link, canonicalLink) + return canonicalLink, nil +} \ No newline at end of file diff --git a/vulnfeeds/git/versions_test.go b/vulnfeeds/git/versions_test.go index 39e14e206a1..d23de7adcc9 100644 --- a/vulnfeeds/git/versions_test.go +++ b/vulnfeeds/git/versions_test.go @@ -1,6 +1,7 @@ package git import ( + "os" "reflect" "testing" "time" @@ -323,3 +324,57 @@ func TestParseVersionRange(t *testing.T) { }) } } + +func TestValidateAndCanonicalizeLink(t *testing.T) { + type args struct { + link string + } + tests := []struct { + name string + args args + wantCanonicalLink string + wantErr bool + skipOnCloudBuild bool + disableExpiryDate time.Time // If test needs to be disabled due to known outage. + }{ + { + name: "A link that 404's", + args: args{ + link: "https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531", + }, + wantCanonicalLink: "https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531", + wantErr: true, + }, + { + name: "A functioning link", + args: args{ + link: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3", + }, + wantCanonicalLink: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3", + wantErr: false, + skipOnCloudBuild: true, // observing indications of IP denylisting as at 2025-02-13 + + }, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + r := testutils.SetupVCR(t) + client := r.GetDefaultClient() + + if time.Now().Before(tt.disableExpiryDate) { + t.Skipf("test %q has been skipped due to known outage and will be reenabled on %s.", tt.name, tt.disableExpiryDate) + } + if _, ok := os.LookupEnv("BUILD_ID"); ok && tt.skipOnCloudBuild { + t.Skipf("test %q: running on Cloud Build", tt.name) + } + gotCanonicalLink, err := ValidateAndCanonicalizeLink(tt.args.link, client) + if (err != nil) != tt.wantErr { + t.Errorf("ValidateAndCanonicalizeLink() error = %v, wantErr %v", err, tt.wantErr) + return + } + if gotCanonicalLink != tt.wantCanonicalLink { + t.Errorf("ValidateAndCanonicalizeLink() = %v, want %v", gotCanonicalLink, tt.wantCanonicalLink) + } + }) + } +} \ No newline at end of file From 258139d986bac225921cc0a304f261e626061c7a Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 16 Mar 2026 00:31:42 +0000 Subject: [PATCH 03/26] add interoperability with cve5 records too --- vulnfeeds/conversion/common.go | 102 +++++++++++++++++- .../conversion/cve5/default_extractor.go | 58 ++++++---- vulnfeeds/conversion/cve5/strategies.go | 13 --- vulnfeeds/conversion/grouping.go | 3 +- vulnfeeds/conversion/nvd/converter.go | 68 ++---------- vulnfeeds/git/repository.go | 8 +- ...ndCanonicalizeLink_A_functioning_link.yaml | 51 +++++++++ ...AndCanonicalizeLink_A_link_that_404_s.yaml | 55 ++++++++++ vulnfeeds/git/versions.go | 3 +- vulnfeeds/git/versions_test.go | 17 ++- vulnfeeds/models/types.go | 3 +- vulnfeeds/utility/utility.go | 5 +- 12 files changed, 278 insertions(+), 108 deletions(-) create mode 100644 vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_functioning_link.yaml create mode 100644 vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_link_that_404_s.yaml diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index 838a3579e71..feb54dbcc8f 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -22,6 +22,7 @@ import ( "github.com/google/osv/vulnfeeds/utility/logger" "github.com/google/osv/vulnfeeds/vulns" "github.com/ossf/osv-schema/bindings/go/osvschema" + "google.golang.org/protobuf/types/known/structpb" ) // AddAffected adds an osvschema.Affected to a vulnerability, ensuring that no duplicate ranges are added. @@ -189,10 +190,15 @@ func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []stri if cache.IsInvalid(repo) { continue } - + repo, err := git.FindCanonicalLink(repo, http.DefaultClient, cache) if err != nil { - metrics.AddNote("Failed to find canonical link - %s", repo) + metrics.AddNote("Failed to find canonical link - %s %v", repo, err) + if errors.Is(err, git.ErrRateLimit) || strings.Contains(err.Error(), "429") { + metrics.Outcome = models.Error + return nil, nil, nil + } + continue } @@ -252,10 +258,13 @@ func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []stri newVR.Repo = repo newVR.Type = osvschema.Range_GIT if len(vr.Range.GetEvents()) > 0 { - databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{ + dbSpecificMap := map[string]any{ "versions": vr.Range.GetEvents(), - "cpe": vr.Metadata.CPE, - }) + } + if vr.Metadata.CPE != "" { + dbSpecificMap["cpe"] = vr.Metadata.CPE + } + databaseSpecific, err := utility.NewStructpbFromMap(dbSpecificMap) if err != nil { metrics.AddNote("failed to make database specific: %v", err) } else { @@ -410,6 +419,7 @@ func MergeDatabaseSpecificValues(val1, val2 any) (any, error) { return nil, fmt.Errorf("mismatching types: string and list of %T", v2[0]) } } + return deduplicateList(append([]any{v1}, v2...)), nil } @@ -421,6 +431,7 @@ func MergeDatabaseSpecificValues(val1, val2 any) (any, error) { return nil, fmt.Errorf("mismatching types: %T and list of %T", val1, v2[0]) } } + return deduplicateList(append([]any{val1}, v2...)), nil } if fmt.Sprintf("%T", val1) != fmt.Sprintf("%T", val2) { @@ -449,5 +460,86 @@ func deduplicateList(list []any) []any { unique = append(unique, item) } } + return unique } + +func CreateUnresolvedDatabaseSpecificField(unresolvedRanges []models.RangeWithMetadata, metrics *models.ConversionMetrics) *structpb.Struct { + if len(unresolvedRanges) > 0 { + var unresolvedRangesMap []map[string]any + for _, ur := range unresolvedRanges { + urMap := map[string]any{ + "range": ur.Range, + } + if ur.Metadata.CPE != "" { + urMap["metadata"] = map[string]any{ + "cpe": ur.Metadata.CPE, + } + } + unresolvedRangesMap = append(unresolvedRangesMap, urMap) + } + databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{ + "unresolved_ranges": unresolvedRangesMap, + }) + if err != nil { + metrics.AddNote("failed to make database specific: %v", err) + } + + return databaseSpecific + } + + return nil +} + +func AddFieldToDatabaseSpecific(ds *structpb.Struct, field string, value any) error { + if ds == nil { + return errors.New("database specific is nil") + } + if ds.Fields == nil { + return errors.New("database specific fields is nil") + } + if ds.GetFields()[field] != nil { + return fmt.Errorf("field %s already exists", field) + } + + switch v := value.(type) { + case *structpb.Value: + ds.Fields[field] = v + case *structpb.Struct: + ds.Fields[field] = structpb.NewStructValue(v) + case *structpb.ListValue: + ds.Fields[field] = structpb.NewListValue(v) + default: + val, err := structpb.NewValue(v) + if err != nil { + return fmt.Errorf("failed to create structpb value: %w", err) + } + ds.Fields[field] = val + } + + return nil +} + +// ProcessRanges attempts to resolve the given ranges to commits and updates the metrics accordingly. +func ProcessRanges(ranges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache, source models.VersionSource) ([]*osvschema.Range, []models.RangeWithMetadata, []string) { + if len(ranges) == 0 { + return nil, nil, nil + } + + r, un, sR := GitVersionsToCommits(ranges, repos, metrics, cache) + if len(r) > 0 { + metrics.ResolvedRangesCount += len(r) + metrics.SetOutcome(models.Successful) + } + + if len(un) > 0 { + metrics.UnresolvedRangesCount += len(un) + if len(r) == 0 { + metrics.SetOutcome(models.NoCommitRanges) + } + } + + metrics.VersionSources = append(metrics.VersionSources, source) + + return r, un, sR +} diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go index 78ee2f6586c..d5d5cf0bd8d 100644 --- a/vulnfeeds/conversion/cve5/default_extractor.go +++ b/vulnfeeds/conversion/cve5/default_extractor.go @@ -4,7 +4,6 @@ import ( c "github.com/google/osv/vulnfeeds/conversion" "github.com/google/osv/vulnfeeds/git" "github.com/google/osv/vulnfeeds/models" - "github.com/google/osv/vulnfeeds/utility" "github.com/google/osv/vulnfeeds/utility/logger" "github.com/google/osv/vulnfeeds/vulns" "github.com/ossf/osv-schema/bindings/go/osvschema" @@ -36,14 +35,22 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln ranges := d.handleAffected(cve.Containers.CNA.Affected, metrics) + var unresolvedRanges []models.RangeWithMetadata if len(ranges) != 0 { - resolvedRanges, unresolvedRanges, _ := c.GitVersionsToCommits(ranges, repos, metrics, repoTagsCache) - if len(resolvedRanges) == 0 { + var nr []models.RangeWithMetadata + for _, r := range ranges { + nr = append(nr, models.RangeWithMetadata{ + Range: r, + }) + } + r, uR, _ := c.GitVersionsToCommits(nr, repos, metrics, repoTagsCache) + if len(r) == 0 { metrics.AddNote("Failed to convert git versions to commits") } else { gotVersions = true } - addRangesToAffected(resolvedRanges, unresolvedRanges, v, metrics) + addRangesToAffected(r, v, metrics) + unresolvedRanges = append(unresolvedRanges, uR...) } if !gotVersions { @@ -51,26 +58,43 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln versionRanges, _ := cpeVersionExtraction(cve, metrics) if len(versionRanges) != 0 { - resolvedRanges, unresolvedRanges, _ := c.GitVersionsToCommits(versionRanges, repos, metrics, repoTagsCache) - if len(resolvedRanges) == 0 { + var nr []models.RangeWithMetadata + for _, r := range versionRanges { + nr = append(nr, models.RangeWithMetadata{ + Range: r, + }) + } + r, uR, _ := c.GitVersionsToCommits(nr, repos, metrics, repoTagsCache) + if len(r) == 0 { metrics.AddNote("Failed to convert git versions to commits") } else { gotVersions = true } - addRangesToAffected(resolvedRanges, unresolvedRanges, v, metrics) + addRangesToAffected(r, v, metrics) + unresolvedRanges = append(unresolvedRanges, uR...) } } if !gotVersions { metrics.AddNote("No versions in CPEs so attempting extraction from description") - versionRanges := textVersionExtraction(cve, metrics) - if len(versionRanges) != 0 { - resolvedRanges, unresolvedRanges, _ := c.GitVersionsToCommits(versionRanges, repos, metrics, repoTagsCache) - if len(resolvedRanges) == 0 { + textRanges := cves.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Containers.CNA.Descriptions), metrics) + if len(textRanges) > 0 { + metrics.AddNote("Extracted versions from description: %v", textRanges) + } + if len(textRanges) != 0 { + r, uR, _ := c.GitVersionsToCommits(textRanges, repos, metrics, repoTagsCache) + if len(r) == 0 { metrics.AddNote("Failed to convert git versions to commits") } - addRangesToAffected(resolvedRanges, unresolvedRanges, v, metrics) + unresolvedRanges = append(unresolvedRanges, uR...) + } + } + + if len(unresolvedRanges) > 0 { + unresolvedDatabaseSpecificField := conversion.CreateUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) + if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedDatabaseSpecificField); err != nil { + logger.Warn("failed to make database specific: %v", err) } } } @@ -134,19 +158,11 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec return versionRanges, mostFrequentVersionType } -func addRangesToAffected(resolvedRanges []*osvschema.Range, unresolvedRanges []*osvschema.Range, v *vulns.Vulnerability, metrics *models.ConversionMetrics) { +func addRangesToAffected(resolvedRanges []*osvschema.Range, v *vulns.Vulnerability, metrics *models.ConversionMetrics) { if len(resolvedRanges) > 0 { aff := &osvschema.Affected{ Ranges: resolvedRanges, } - if len(unresolvedRanges) > 0 { - databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{"unresolved_ranges": unresolvedRanges}) - if err != nil { - logger.Warn("failed to make database specific: %v", err) - } else { - aff.DatabaseSpecific = databaseSpecific - } - } c.AddAffected(v, aff, metrics) } } diff --git a/vulnfeeds/conversion/cve5/strategies.go b/vulnfeeds/conversion/cve5/strategies.go index 602ae467915..0bf4e576634 100644 --- a/vulnfeeds/conversion/cve5/strategies.go +++ b/vulnfeeds/conversion/cve5/strategies.go @@ -21,19 +21,6 @@ func cpeVersionExtraction(cve models.CVE5, metrics *models.ConversionMetrics) ([ return nil, err } -// textVersionExtraction is a helper function for CPE and description extraction. -func textVersionExtraction(cve models.CVE5, metrics *models.ConversionMetrics) []*osvschema.Range { - // As a last resort, try extracting versions from the description text. - versions := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Containers.CNA.Descriptions), metrics) - if len(versions) > 0 { - // NOTE: These versions are not currently saved due to the need for better validation. - metrics.VersionSources = append(metrics.VersionSources, models.VersionSourceDescription) - metrics.AddNote("Extracted versions from description but did not save them: %+v", versions) - } - - return []*osvschema.Range{} -} - // initialNormalExtraction handles an expected case of version ranges in the affected field of CVE5 func initialNormalExtraction(vers models.Versions, metrics *models.ConversionMetrics, versionTypesCount map[VersionRangeType]int) ([]*osvschema.Range, VersionRangeType, bool) { if vers.Status != "affected" { diff --git a/vulnfeeds/conversion/grouping.go b/vulnfeeds/conversion/grouping.go index f8998e6beb2..d3983aa5f88 100644 --- a/vulnfeeds/conversion/grouping.go +++ b/vulnfeeds/conversion/grouping.go @@ -79,12 +79,13 @@ func GroupRanges(ranges []*osvschema.Range) []*osvschema.Range { } // Reconstruct ranges from groups - var newRanges []*osvschema.Range + newRanges := make([]*osvschema.Range, 0, len(order)) for _, key := range order { r := groups[key] r.Events = cleanEvents(r.GetEvents()) newRanges = append(newRanges, r) } + return newRanges } diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index ace98da4992..ac7651b18a0 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -14,11 +14,9 @@ import ( c "github.com/google/osv/vulnfeeds/conversion" "github.com/google/osv/vulnfeeds/git" "github.com/google/osv/vulnfeeds/models" - "github.com/google/osv/vulnfeeds/utility" "github.com/google/osv/vulnfeeds/utility/logger" "github.com/google/osv/vulnfeeds/vulns" "github.com/ossf/osv-schema/bindings/go/osvschema" - "google.golang.org/protobuf/types/known/structpb" ) var ErrNoRanges = errors.New("no ranges") @@ -68,7 +66,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc metrics.SetOutcome(models.NoRepos) metrics.UnresolvedRangesCount += len(cpeRanges) - unresolvedDatabaseSpecificField := createUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) + unresolvedDatabaseSpecificField := c.CreateUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) if unresolvedDatabaseSpecificField != nil { v.DatabaseSpecific = unresolvedDatabaseSpecificField } @@ -80,7 +78,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc } // If we have ranges, try to resolve them - r, un, sR := processRanges(cpeRanges, repos, metrics, cache, models.VersionSourceCPE) + r, un, sR := c.ProcessRanges(cpeRanges, repos, metrics, cache, models.VersionSourceCPE) if metrics.Outcome == models.Error { return models.Error } @@ -110,7 +108,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc if len(textRanges) > 0 { metrics.AddNote("Extracted versions from description: %v", textRanges) } - r, un, sR := processRanges(textRanges, repos, metrics, cache, models.VersionSourceDescription) + r, un, sR := c.ProcessRanges(textRanges, repos, metrics, cache, models.VersionSourceDescription) if metrics.Outcome == models.Error { return models.Error } @@ -132,14 +130,12 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc affected := MergeRangesAndCreateAffected(groupedRanges, commits, keys, metrics) v.Affected = append(v.Affected, affected) - unresolvedDatabaseSpecificField := createUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) - // TODO: this should be if v.DatabaseSpecific != nil, initalise, otherwise add it. + unresolvedDatabaseSpecificField := c.CreateUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) + // TODO: this should be if v.DatabaseSpecific != nil, initialise, otherwise add it. if unresolvedDatabaseSpecificField != nil { - v.DatabaseSpecific = unresolvedDatabaseSpecificField - } - - if metrics.Outcome == models.Error || (!outputMetrics && rejectFailed && metrics.Outcome != models.Successful) { - return metrics.Outcome + if err := c.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedDatabaseSpecificField); err != nil { + logger.Warn("failed to add unresolved ranges to database specific: %v", err) + } } outputFiles(v, directory, maybeVendorName, maybeProductName, metrics, rejectFailed, outputMetrics) @@ -490,51 +486,3 @@ func outputFiles(v *vulns.Vulnerability, dir string, vendor string, product stri metricsFile.Close() } } - -// processRanges attempts to resolve the given ranges to commits and updates the metrics accordingly. -func processRanges(ranges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache, source models.VersionSource) ([]*osvschema.Range, []models.RangeWithMetadata, []string) { - if len(ranges) == 0 { - return nil, nil, nil - } - - r, un, sR := c.GitVersionsToCommits(ranges, repos, metrics, cache) - if len(r) > 0 { - metrics.ResolvedRangesCount += len(r) - metrics.SetOutcome(models.Successful) - } - - if len(un) > 0 { - metrics.UnresolvedRangesCount += len(un) - if len(r) == 0 { - metrics.SetOutcome(models.NoCommitRanges) - } - } - - metrics.VersionSources = append(metrics.VersionSources, source) - - return r, un, sR -} - -func createUnresolvedDatabaseSpecificField(unresolvedRanges []models.RangeWithMetadata, metrics *models.ConversionMetrics) *structpb.Struct { - if len(unresolvedRanges) > 0 { - var unresolvedRangesMap []map[string]any - for _, ur := range unresolvedRanges { - urMap := map[string]any{ - "range": ur.Range, - "metadata": map[string]any{ - "cpe": ur.Metadata.CPE, - }, - } - unresolvedRangesMap = append(unresolvedRangesMap, urMap) - } - databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{ - "unresolved_ranges": unresolvedRangesMap, - }) - if err != nil { - metrics.AddNote("failed to make database specific: %v", err) - } - return databaseSpecific - } - - return nil -} diff --git a/vulnfeeds/git/repository.go b/vulnfeeds/git/repository.go index d4fa09050ab..f98ff9796cb 100644 --- a/vulnfeeds/git/repository.go +++ b/vulnfeeds/git/repository.go @@ -73,9 +73,10 @@ type RepoTagsMap struct { type RepoTagsCache struct { sync.RWMutex - m map[string]RepoTagsMap - invalid map[string]bool - canonicalLink map[string]string} + m map[string]RepoTagsMap + invalid map[string]bool + canonicalLink map[string]string +} func (c *RepoTagsCache) Get(repo string) (RepoTagsMap, bool) { c.RLock() @@ -132,6 +133,7 @@ func (c *RepoTagsCache) GetCanonicalLink(repo string) (string, bool) { return "", false } canonicalLink, ok := c.canonicalLink[repo] + return canonicalLink, ok } diff --git a/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_functioning_link.yaml b/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_functioning_link.yaml new file mode 100644 index 00000000000..bd4bb3c6a9e --- /dev/null +++ b/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_functioning_link.yaml @@ -0,0 +1,51 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + host: git.kernel.org + form: + id: + - ee1fee900537b5d9560e9f937402de5ddc8412f3 + headers: + Accept: + - text/html + url: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3 + method: HEAD + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + content_length: -1 + body: "" + headers: + Content-Security-Policy: + - 'default-src ''self''; worker-src ''self'' blob:; style-src ''self'' ''unsafe-inline''; script-src-attr ''unsafe-hashes'' ''sha256-rQQdnklrOmulrf5mQ2YjUK7CGbu4ywAi21E8nGlJcDc''; img-src https:' + Content-Type: + - text/html; charset=UTF-8 + Date: + - Sun, 15 Mar 2026 23:51:42 GMT + Expires: + - Mon, 16 Mar 2026 00:51:42 GMT + Last-Modified: + - Sun, 15 Mar 2026 23:51:42 GMT + Referrer-Policy: + - same-origin + Server: + - nginx + Strict-Transport-Security: + - max-age=15768001 + Vary: + - Accept-Encoding + - Accept-Encoding + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - DENY + status: 200 OK + code: 200 + duration: 440.799062ms diff --git a/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_link_that_404_s.yaml b/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_link_that_404_s.yaml new file mode 100644 index 00000000000..9fe78ef7f9b --- /dev/null +++ b/vulnfeeds/git/testdata/TestValidateAndCanonicalizeLink_A_link_that_404_s.yaml @@ -0,0 +1,55 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + host: github.com + headers: + Accept: + - text/html + url: https://github.com/WebKit/webkit/commit/6f9b511a115311b13c06eb58038ddc2c78da5531 + method: HEAD + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + content_length: -1 + body: "" + headers: + Cache-Control: + - no-cache + Content-Security-Policy: + - 'default-src ''none''; base-uri ''self''; child-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/; connect-src ''self'' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com *.rel.tunnels.api.visualstudio.com wss://*.rel.tunnels.api.visualstudio.com github.githubassets.com objects-origin.githubusercontent.com copilot-proxy.githubusercontent.com proxy.individual.githubcopilot.com proxy.business.githubcopilot.com proxy.enterprise.githubcopilot.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net productionresultssa1.blob.core.windows.net productionresultssa2.blob.core.windows.net productionresultssa3.blob.core.windows.net productionresultssa4.blob.core.windows.net productionresultssa5.blob.core.windows.net productionresultssa6.blob.core.windows.net productionresultssa7.blob.core.windows.net productionresultssa8.blob.core.windows.net productionresultssa9.blob.core.windows.net productionresultssa10.blob.core.windows.net productionresultssa11.blob.core.windows.net productionresultssa12.blob.core.windows.net productionresultssa13.blob.core.windows.net productionresultssa14.blob.core.windows.net productionresultssa15.blob.core.windows.net productionresultssa16.blob.core.windows.net productionresultssa17.blob.core.windows.net productionresultssa18.blob.core.windows.net productionresultssa19.blob.core.windows.net github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com wss://alive-staging.github.com api.githubcopilot.com api.individual.githubcopilot.com api.business.githubcopilot.com api.enterprise.githubcopilot.com; font-src github.githubassets.com; form-action ''self'' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors ''none''; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src ''self'' data: blob: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com private-avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com release-assets.githubusercontent.com secured-user-images.githubusercontent.com user-images.githubusercontent.com private-user-images.githubusercontent.com opengraph.githubassets.com marketplace-screenshots.githubusercontent.com copilotprodattachments.blob.core.windows.net/github-production-copilot-attachments/ github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src ''self''; media-src github.com user-images.githubusercontent.com secured-user-images.githubusercontent.com private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com github.githubassets.com; script-src github.githubassets.com; style-src ''unsafe-inline'' github.githubassets.com; upgrade-insecure-requests; worker-src github.githubassets.com github.com/assets-cdn/worker/ github.com/assets/ gist.github.com/assets-cdn/worker/' + Content-Type: + - text/html; charset=utf-8 + Date: + - Sun, 15 Mar 2026 23:51:41 GMT + Referrer-Policy: + - no-referrer-when-downgrade + Server: + - github.com + Set-Cookie: + - _gh_sess=HMrlxmc%2Fb%2F1TmmGqTQzWSF6K3PP8zqktQBXZryX8Z5fUFdRTXVvE0HAr9K61HFAs0Avvqp3zzT011ncglKH2fELTFRYSKjKgzuPDtZU3PO3%2BzsvD2LxKCnX%2FvrVOaIs1lbxGUbnSmf5rSabJCI6vkY2Qz01W3M9EzcbcgAyh9XW1BSofuifKKvu1CWtMu34WcwVPY6s%2FFELIVc13re%2F1PNMOoVOW%2BrxCBXFRca7ALd%2F8Wjm7iWcqa%2BMzkwuokGG8CTK0yGyAhaLpWdzXCsNfGw%3D%3D--9mQ7%2FWdBKkFw5Tv0--zgdIuyAjFrh6sdywVP7OZg%3D%3D; path=/; HttpOnly; secure; SameSite=Lax + - _octo=GH1.1.1494558448.1773618700; expires=Mon, 15 Mar 2027 23:51:40 GMT; domain=.github.com; path=/; secure; SameSite=Lax + - logged_in=no; expires=Mon, 15 Mar 2027 23:51:40 GMT; domain=.github.com; path=/; HttpOnly; secure; SameSite=Lax + Strict-Transport-Security: + - max-age=31536000; includeSubdomains; preload + Vary: + - X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, X-Requested-With, Sec-Fetch-Site,Accept-Encoding, Accept, X-Requested-With + X-Content-Type-Options: + - nosniff + X-Frame-Options: + - deny + X-Github-Request-Id: + - B0DB:1A1B7B:2753EB:306577:69B7460C + X-Repository-Download: + - git clone https://github.com/WebKit/WebKit.git + X-Xss-Protection: + - "0" + status: 404 Not Found + code: 404 + duration: 814.426424ms diff --git a/vulnfeeds/git/versions.go b/vulnfeeds/git/versions.go index 2600785fc28..70b6326dd18 100644 --- a/vulnfeeds/git/versions.go +++ b/vulnfeeds/git/versions.go @@ -240,5 +240,6 @@ func FindCanonicalLink(link string, httpClient *http.Client, cache *RepoTagsCach return "", err } cache.SetCanonicalLink(link, canonicalLink) + return canonicalLink, nil -} \ No newline at end of file +} diff --git a/vulnfeeds/git/versions_test.go b/vulnfeeds/git/versions_test.go index d23de7adcc9..ff571691890 100644 --- a/vulnfeeds/git/versions_test.go +++ b/vulnfeeds/git/versions_test.go @@ -377,4 +377,19 @@ func TestValidateAndCanonicalizeLink(t *testing.T) { } }) } -} \ No newline at end of file +} + +func TestValidateAndCanonicalizeLink_429(t *testing.T) { + requests := 0 + ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) { + requests++ + w.WriteHeader(http.StatusTooManyRequests) + })) + defer ts.Close() + + client := ts.Client() + _, err := ValidateAndCanonicalizeLink(ts.URL, client) + if err == nil { + t.Errorf("ValidateAndCanonicalizeLink() expected error, got nil") + } +} diff --git a/vulnfeeds/models/types.go b/vulnfeeds/models/types.go index 27bb36055ff..c2cdd6e03c4 100644 --- a/vulnfeeds/models/types.go +++ b/vulnfeeds/models/types.go @@ -32,7 +32,7 @@ func SetCommitByType(ac *AffectedCommit, commitType CommitType, commitHash strin } type RangeWithMetadata struct { - Range *osvschema.Range + Range *osvschema.Range Metadata Metadata } @@ -40,7 +40,6 @@ type Metadata struct { CPE string } - func (ac *AffectedCommit) SetRepo(repo string) { // GitHub.com repos are demonstrably case-insensitive, and frequently // expressed in URLs with varying cases, so normalize them to lowercase. diff --git a/vulnfeeds/utility/utility.go b/vulnfeeds/utility/utility.go index 8e0db1c8e5d..5552b402477 100644 --- a/vulnfeeds/utility/utility.go +++ b/vulnfeeds/utility/utility.go @@ -79,6 +79,7 @@ func newStructpbValue(v any) (*structpb.Value, error) { if err != nil { return nil, fmt.Errorf("failed to convert proto message: %w", err) } + return structpb.NewValue(val) } @@ -101,8 +102,10 @@ func newStructpbValue(v any) (*structpb.Value, error) { if err != nil { return nil, err } + return structpb.NewStructValue(structpbMap), nil } + return structpb.NewValue(v) default: return structpb.NewValue(v) @@ -114,7 +117,7 @@ func newStructpbValue(v any) (*structpb.Value, error) { // It iterates through the list, converting any proto.Message elements into // any type via JSON marshalling, while other elements are included as-is. func structpbValueFromList(list []any) (*structpb.Value, error) { - var values []*structpb.Value + values := make([]*structpb.Value, 0, len(list)) for i, v := range list { val, err := newStructpbValue(v) if err != nil { From be4008fd69cc6c13008f99a1e460c41ab21f1cc9 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 16 Mar 2026 00:40:48 +0000 Subject: [PATCH 04/26] add database specific --- vulnfeeds/conversion/nvd/converter.go | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index ac7651b18a0..f9afc3f5e61 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -14,6 +14,7 @@ import ( c "github.com/google/osv/vulnfeeds/conversion" "github.com/google/osv/vulnfeeds/git" "github.com/google/osv/vulnfeeds/models" + "github.com/google/osv/vulnfeeds/utility" "github.com/google/osv/vulnfeeds/utility/logger" "github.com/google/osv/vulnfeeds/vulns" "github.com/ossf/osv-schema/bindings/go/osvschema" @@ -44,6 +45,12 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc // Create basic OSV record v := vulns.FromNVDCVE(cve.ID, cve) + databaseSpecific, err := utility.NewStructpbFromMap(make(map[string]any)) + if err != nil { + metrics.AddNote("Failed to convert database specific: %v", err) + } else { + v.DatabaseSpecific = databaseSpecific + } // At the bare minimum, we want to attempt to extract the raw version information // from CPEs, whether or not they can resolve to commits. From 380f9f6d49a542f159744d3cc7740f3214e60785 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 16 Mar 2026 02:33:29 +0000 Subject: [PATCH 05/26] Move MergeRangesAndCreateAffected to common --- vulnfeeds/conversion/grouping.go | 117 +++++++++++++++++++++++++ vulnfeeds/conversion/nvd/converter.go | 120 +------------------------- 2 files changed, 118 insertions(+), 119 deletions(-) diff --git a/vulnfeeds/conversion/grouping.go b/vulnfeeds/conversion/grouping.go index d3983aa5f88..fc20eae3d66 100644 --- a/vulnfeeds/conversion/grouping.go +++ b/vulnfeeds/conversion/grouping.go @@ -5,6 +5,7 @@ import ( "log/slog" "slices" + "github.com/google/osv/vulnfeeds/models" "github.com/google/osv/vulnfeeds/utility/logger" "github.com/ossf/osv-schema/bindings/go/osvschema" "google.golang.org/protobuf/encoding/protojson" @@ -249,3 +250,119 @@ func cleanEvents(events []*osvschema.Event) []*osvschema.Event { return finalEvents } + +// MergeRangesAndCreateAffected combines resolved and unresolved ranges with commits to create an OSV Affected object. +// It merges ranges for the same repository and adds commit events to the appropriate ranges at the end. +// +// Arguments: +// - resolvedRanges: A slice of resolved OSV ranges to be merged. +// - commits: A slice of affected commits to be converted into events and added to ranges. +// - successfulRepos: A slice of repository URLs that were successfully processed. +// - metrics: A pointer to ConversionMetrics to track the outcome and notes. +func MergeRangesAndCreateAffected(resolvedRanges []*osvschema.Range, commits []models.AffectedCommit, successfulRepos []string, metrics *models.ConversionMetrics) *osvschema.Affected { + var newResolvedRanges []*osvschema.Range + // Combine the ranges appropriately + if len(resolvedRanges) > 0 { + slices.Sort(successfulRepos) + successfulRepos = slices.Compact(successfulRepos) + for _, repo := range successfulRepos { + var mergedRange *osvschema.Range + for _, vr := range resolvedRanges { + if vr.GetRepo() == repo { + if mergedRange == nil { + mergedRange = vr + } else { + var err error + mergedRange, err = MergeTwoRanges(mergedRange, vr) + if err != nil { + metrics.AddNote("Failed to merge ranges: %v", err) + } + } + } + } + if len(commits) > 0 { + for _, commit := range commits { + if commit.Repo == repo { + if mergedRange == nil { + mergedRange = BuildVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed) + mergedRange.Repo = repo + } else { + event := convertCommitToEvent(commit) + if event != nil { + addEventToRange(mergedRange, event) + } + } + } + } + } + if mergedRange != nil { + newResolvedRanges = append(newResolvedRanges, mergedRange) + } + } + } + + // if there are no resolved version but there are commits, we should create a range for each commit + if len(resolvedRanges) == 0 && len(commits) > 0 { + for _, commit := range commits { + newResolvedRanges = append(newResolvedRanges, BuildVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed)) + metrics.ResolvedRangesCount++ + } + } + + newAffected := &osvschema.Affected{ + Ranges: newResolvedRanges, + } + + return newAffected +} + +// addEventToRange adds an event to a version range, avoiding duplicates. +// Introduced events are prepended to the events list, while others are appended. +// +// Arguments: +// - versionRange: The OSV range to which the event will be added. +// - event: The OSV event (Introduced, Fixed, or LastAffected) to add. +func addEventToRange(versionRange *osvschema.Range, event *osvschema.Event) { + // Handle duplicate events being added + for _, e := range versionRange.GetEvents() { + if e.GetIntroduced() != "" && e.GetIntroduced() == event.GetIntroduced() { + return + } + if e.GetFixed() != "" && e.GetFixed() == event.GetFixed() { + return + } + if e.GetLastAffected() != "" && e.GetLastAffected() == event.GetLastAffected() { + return + } + } + //TODO: maybe handle if the fixed event appears as an introduced event or similar. + + if event.GetIntroduced() != "" { + versionRange.Events = append([]*osvschema.Event{{ + Introduced: event.GetIntroduced()}}, versionRange.GetEvents()...) + } else { + versionRange.Events = append(versionRange.Events, event) + } +} + +// convertCommitToEvent creates an OSV Event from an AffectedCommit. +// It returns an event with the Introduced, Fixed, or LastAffected value from the commit. +func convertCommitToEvent(commit models.AffectedCommit) *osvschema.Event { + if commit.Introduced != "" { + return &osvschema.Event{ + Introduced: commit.Introduced, + } + } + if commit.Fixed != "" { + return &osvschema.Event{ + Fixed: commit.Fixed, + } + } + if commit.LastAffected != "" { + return &osvschema.Event{ + LastAffected: commit.LastAffected, + } + } + + return nil +} \ No newline at end of file diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index f9afc3f5e61..2791202b681 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -134,7 +134,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc // Use the successful repos for more efficient merging. keys := slices.Collect(maps.Keys(successfulRepos)) groupedRanges := c.GroupRanges(resolvedRanges) - affected := MergeRangesAndCreateAffected(groupedRanges, commits, keys, metrics) + affected := c.MergeRangesAndCreateAffected(groupedRanges, commits, keys, metrics) v.Affected = append(v.Affected, affected) unresolvedDatabaseSpecificField := c.CreateUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) @@ -332,125 +332,7 @@ func FindRepos(cve models.NVDCVE, vpRepoCache *c.VPRepoCache, repoTagsCache *git return reposForCVE } -// MergeRangesAndCreateAffected combines resolved and unresolved ranges with commits to create an OSV Affected object. -// It merges ranges for the same repository and adds commit events to the appropriate ranges at the end. -// -// Arguments: -// - resolvedRanges: A slice of resolved OSV ranges to be merged. -// - commits: A slice of affected commits to be converted into events and added to ranges. -// - successfulRepos: A slice of repository URLs that were successfully processed. -// - metrics: A pointer to ConversionMetrics to track the outcome and notes. -func MergeRangesAndCreateAffected(resolvedRanges []*osvschema.Range, commits []models.AffectedCommit, successfulRepos []string, metrics *models.ConversionMetrics) *osvschema.Affected { - var newResolvedRanges []*osvschema.Range - // Combine the ranges appropriately - if len(resolvedRanges) > 0 { - slices.Sort(successfulRepos) - successfulRepos = slices.Compact(successfulRepos) - for _, repo := range successfulRepos { - var mergedRange *osvschema.Range - for _, vr := range resolvedRanges { - if vr.GetRepo() == repo { - if mergedRange == nil { - mergedRange = vr - } else { - var err error - mergedRange, err = c.MergeTwoRanges(mergedRange, vr) - if err != nil { - metrics.AddNote("Failed to merge ranges: %v", err) - } - } - } - } - if len(commits) > 0 { - for _, commit := range commits { - if commit.Repo == repo { - if mergedRange == nil { - mergedRange = c.BuildVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed) - mergedRange.Repo = repo - mergedRange.Type = osvschema.Range_GIT - } else { - event := convertCommitToEvent(commit) - if event != nil { - addEventToRange(mergedRange, event) - } - } - } - } - } - if mergedRange != nil { - newResolvedRanges = append(newResolvedRanges, mergedRange) - } - } - } - - // if there are no resolved version but there are commits, we should create a range for each commit - if len(resolvedRanges) == 0 && len(commits) > 0 { - for _, commit := range commits { - newRange := c.BuildVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed) - newRange.Repo = commit.Repo - newRange.Type = osvschema.Range_GIT - newResolvedRanges = append(newResolvedRanges, newRange) - metrics.ResolvedRangesCount++ - } - } - - newAffected := &osvschema.Affected{ - Ranges: newResolvedRanges, - } - - return newAffected -} - -// addEventToRange adds an event to a version range, avoiding duplicates. -// Introduced events are prepended to the events list, while others are appended. -// -// Arguments: -// - versionRange: The OSV range to which the event will be added. -// - event: The OSV event (Introduced, Fixed, or LastAffected) to add. -func addEventToRange(versionRange *osvschema.Range, event *osvschema.Event) { - // Handle duplicate events being added - for _, e := range versionRange.GetEvents() { - if e.GetIntroduced() != "" && e.GetIntroduced() == event.GetIntroduced() { - return - } - if e.GetFixed() != "" && e.GetFixed() == event.GetFixed() { - return - } - if e.GetLastAffected() != "" && e.GetLastAffected() == event.GetLastAffected() { - return - } - } - //TODO: maybe handle if the fixed event appears as an introduced event or similar. - - if event.GetIntroduced() != "" { - versionRange.Events = append([]*osvschema.Event{{ - Introduced: event.GetIntroduced()}}, versionRange.GetEvents()...) - } else { - versionRange.Events = append(versionRange.Events, event) - } -} -// convertCommitToEvent creates an OSV Event from an AffectedCommit. -// It returns an event with the Introduced, Fixed, or LastAffected value from the commit. -func convertCommitToEvent(commit models.AffectedCommit) *osvschema.Event { - if commit.Introduced != "" { - return &osvschema.Event{ - Introduced: commit.Introduced, - } - } - if commit.Fixed != "" { - return &osvschema.Event{ - Fixed: commit.Fixed, - } - } - if commit.LastAffected != "" { - return &osvschema.Event{ - LastAffected: commit.LastAffected, - } - } - - return nil -} // outputFiles writes the OSV vulnerability record and conversion metrics to files in the specified directory. // It creates the necessary subdirectories based on the vendor and product names and handles whether or not From dbe777bd7d7111c588620981f60cb9cf2005ace9 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 16 Mar 2026 02:34:04 +0000 Subject: [PATCH 06/26] handle when introduced the same as lessthan or equal meaning its not a range --- vulnfeeds/conversion/cve5/strategies.go | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/vulnfeeds/conversion/cve5/strategies.go b/vulnfeeds/conversion/cve5/strategies.go index 0bf4e576634..7775c0461e5 100644 --- a/vulnfeeds/conversion/cve5/strategies.go +++ b/vulnfeeds/conversion/cve5/strategies.go @@ -41,13 +41,18 @@ func initialNormalExtraction(vers models.Versions, metrics *models.ConversionMet vLTOEQual := vulns.CheckQuality(vers.LessThanOrEqual) hasRange := vLessThanQual.AtLeast(acceptableQuality) || vLTOEQual.AtLeast(acceptableQuality) - metrics.AddNote("Range detected: %v", hasRange) + // Handle cases where 'lessThan' is mistakenly the same as 'version'. if vers.LessThan != "" && vers.LessThan == vers.Version { metrics.AddNote("Warning: lessThan (%s) is the same as introduced (%s)\n", vers.LessThan, vers.Version) hasRange = false } + if vers.LessThanOrEqual != "" && vers.LessThanOrEqual == vers.Version { + metrics.AddNote("Warning: lessThanOrEqual (%s) is the same as introduced (%s)\n", vers.LessThanOrEqual, vers.Version) + hasRange = false + } + metrics.AddNote("Range detected: %v", hasRange) if hasRange { if vQuality.AtLeast(acceptableQuality) { introduced = vers.Version From f2d5477df2fa7d91a585184c2db31b857a83888c Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 16 Mar 2026 02:34:23 +0000 Subject: [PATCH 07/26] handle unresolved signatures --- .../conversion/cve5/default_extractor.go | 37 ++++++++++++++----- 1 file changed, 27 insertions(+), 10 deletions(-) diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go index d5d5cf0bd8d..4851bae97aa 100644 --- a/vulnfeeds/conversion/cve5/default_extractor.go +++ b/vulnfeeds/conversion/cve5/default_extractor.go @@ -34,7 +34,8 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln repoTagsCache := &git.RepoTagsCache{} ranges := d.handleAffected(cve.Containers.CNA.Affected, metrics) - + successfulRepos := make(map[string]bool) + var resolvedRanges []*osvschema.Range var unresolvedRanges []models.RangeWithMetadata if len(ranges) != 0 { var nr []models.RangeWithMetadata @@ -43,14 +44,18 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln Range: r, }) } - r, uR, _ := c.GitVersionsToCommits(nr, repos, metrics, repoTagsCache) + r, un, sR := conversion.ProcessRanges(nr, repos, metrics, repoTagsCache, models.VersionSourceAffected) + resolvedRanges = append(resolvedRanges, r...) + unresolvedRanges = append(unresolvedRanges, un...) + for _, s := range sR { + successfulRepos[s] = true + } if len(r) == 0 { metrics.AddNote("Failed to convert git versions to commits") } else { gotVersions = true + metrics.SetOutcome(models.Successful) } - addRangesToAffected(r, v, metrics) - unresolvedRanges = append(unresolvedRanges, uR...) } if !gotVersions { @@ -64,14 +69,17 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln Range: r, }) } - r, uR, _ := c.GitVersionsToCommits(nr, repos, metrics, repoTagsCache) + r, un, sR := conversion.ProcessRanges(nr, repos, metrics, repoTagsCache, models.VersionSourceAffected) + resolvedRanges = append(resolvedRanges, r...) + unresolvedRanges = append(unresolvedRanges, un...) + for _, s := range sR { + successfulRepos[s] = true + } if len(r) == 0 { metrics.AddNote("Failed to convert git versions to commits") } else { gotVersions = true } - addRangesToAffected(r, v, metrics) - unresolvedRanges = append(unresolvedRanges, uR...) } } @@ -82,15 +90,24 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln metrics.AddNote("Extracted versions from description: %v", textRanges) } if len(textRanges) != 0 { - r, uR, _ := c.GitVersionsToCommits(textRanges, repos, metrics, repoTagsCache) + r, un, sR := c.ProcessRanges(textRanges, repos, metrics, repoTagsCache, models.VersionSourceAffected) + resolvedRanges = append(resolvedRanges, r...) + unresolvedRanges = append(unresolvedRanges, un...) + for _, s := range sR { + successfulRepos[s] = true + } if len(r) == 0 { metrics.AddNote("Failed to convert git versions to commits") } - - unresolvedRanges = append(unresolvedRanges, uR...) } } + keys := slices.Collect(maps.Keys(successfulRepos)) + groupedRanges := c.GroupRanges(resolvedRanges) + affected := c.MergeRangesAndCreateAffected(groupedRanges, nil, keys, metrics) + v.Affected = append(v.Affected, affected) + + if len(unresolvedRanges) > 0 { unresolvedDatabaseSpecificField := conversion.CreateUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedDatabaseSpecificField); err != nil { From 2d34d0dd03117235c3183f072ef2234691a54383 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 16 Mar 2026 22:44:00 +0000 Subject: [PATCH 08/26] fix nested unresolved ranges and duplicate unresolved ranges. --- vulnfeeds/conversion/common.go | 13 +++++++------ .../cve5/__snapshots__/converter_test.snap | 3 +++ vulnfeeds/conversion/cve5/default_extractor.go | 4 ++-- vulnfeeds/conversion/nvd/converter.go | 15 ++++++++------- 4 files changed, 20 insertions(+), 15 deletions(-) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index feb54dbcc8f..8328e2cdaa4 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -464,7 +464,7 @@ func deduplicateList(list []any) []any { return unique } -func CreateUnresolvedDatabaseSpecificField(unresolvedRanges []models.RangeWithMetadata, metrics *models.ConversionMetrics) *structpb.Struct { +func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *structpb.ListValue { if len(unresolvedRanges) > 0 { var unresolvedRangesMap []map[string]any for _, ur := range unresolvedRanges { @@ -478,14 +478,15 @@ func CreateUnresolvedDatabaseSpecificField(unresolvedRanges []models.RangeWithMe } unresolvedRangesMap = append(unresolvedRangesMap, urMap) } - databaseSpecific, err := utility.NewStructpbFromMap(map[string]any{ - "unresolved_ranges": unresolvedRangesMap, + + ds, err := utility.NewStructpbFromMap(map[string]any{ + "list": unresolvedRangesMap, }) if err != nil { - metrics.AddNote("failed to make database specific: %v", err) + logger.Warn("failed to convert unresolved ranges to structpb", "err", err) + return nil } - - return databaseSpecific + return ds.Fields["list"].GetListValue() } return nil diff --git a/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap b/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap index 079da532b0f..bd357f7441f 100755 --- a/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap +++ b/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap @@ -1,6 +1,9 @@ [TestConvertAndExportCVEToOSV/disputed_record - 1] { + "affected": [ + {} + ], "database_specific": { "cna_assigner": "unknown", "isDisputed": true, diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go index 4851bae97aa..117ac2c4e3e 100644 --- a/vulnfeeds/conversion/cve5/default_extractor.go +++ b/vulnfeeds/conversion/cve5/default_extractor.go @@ -109,8 +109,8 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln if len(unresolvedRanges) > 0 { - unresolvedDatabaseSpecificField := conversion.CreateUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) - if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedDatabaseSpecificField); err != nil { + unresolvedRangesList := conversion.CreateUnresolvedRanges(unresolvedRanges) + if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { logger.Warn("failed to make database specific: %v", err) } } diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index 2791202b681..e795bb444f7 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -73,9 +73,11 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc metrics.SetOutcome(models.NoRepos) metrics.UnresolvedRangesCount += len(cpeRanges) - unresolvedDatabaseSpecificField := c.CreateUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) - if unresolvedDatabaseSpecificField != nil { - v.DatabaseSpecific = unresolvedDatabaseSpecificField + unresolvedRangesList := conversion.CreateUnresolvedRanges(unresolvedRanges) + if unresolvedRangesList != nil { + if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { + logger.Warn("failed to add unresolved ranges to database specific: %v", err) + } } // Exit early @@ -137,10 +139,9 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc affected := c.MergeRangesAndCreateAffected(groupedRanges, commits, keys, metrics) v.Affected = append(v.Affected, affected) - unresolvedDatabaseSpecificField := c.CreateUnresolvedDatabaseSpecificField(unresolvedRanges, metrics) - // TODO: this should be if v.DatabaseSpecific != nil, initialise, otherwise add it. - if unresolvedDatabaseSpecificField != nil { - if err := c.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedDatabaseSpecificField); err != nil { + unresolvedRangesList := c.CreateUnresolvedRanges(unresolvedRanges) + if unresolvedRangesList != nil { + if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { logger.Warn("failed to add unresolved ranges to database specific: %v", err) } } From f2e66a7280374d7bf8ce86be2e64b7e73f58a670 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Sun, 22 Mar 2026 23:20:36 +0000 Subject: [PATCH 09/26] fix linter errors --- vulnfeeds/conversion/nvd/converter.go | 6 +++--- vulnfeeds/conversion/versions.go | 4 ++-- vulnfeeds/conversion/versions_test.go | 1 - vulnfeeds/git/versions_test.go | 2 ++ 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index e795bb444f7..09a525d1c5e 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -73,9 +73,9 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc metrics.SetOutcome(models.NoRepos) metrics.UnresolvedRangesCount += len(cpeRanges) - unresolvedRangesList := conversion.CreateUnresolvedRanges(unresolvedRanges) + unresolvedRangesList := c.CreateUnresolvedRanges(cpeRanges) if unresolvedRangesList != nil { - if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { + if err := c.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { logger.Warn("failed to add unresolved ranges to database specific: %v", err) } } @@ -141,7 +141,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc unresolvedRangesList := c.CreateUnresolvedRanges(unresolvedRanges) if unresolvedRangesList != nil { - if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { + if err := c.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { logger.Warn("failed to add unresolved ranges to database specific: %v", err) } } diff --git a/vulnfeeds/conversion/versions.go b/vulnfeeds/conversion/versions.go index bccb8c83a1d..3312848243c 100644 --- a/vulnfeeds/conversion/versions.go +++ b/vulnfeeds/conversion/versions.go @@ -659,7 +659,7 @@ func ExtractVersionsFromText(validVersions []string, text string, metrics *model lastaffected = "" } - vr := c.BuildVersionRange(introduced, lastaffected, fixed) + vr := BuildVersionRange(introduced, lastaffected, fixed) versions = append(versions, models.RangeWithMetadata{Range: vr}) } @@ -765,7 +765,7 @@ func ExtractVersionsFromCPEs(cve models.NVDCVE, validVersions []string, metrics if fixed != "" && !HasVersion(validVersions, fixed) { metrics.AddNote("Warning: %s is not a valid fixed version", fixed) } - vr := c.BuildVersionRange(introduced, lastaffected, fixed) + vr := BuildVersionRange(introduced, lastaffected, fixed) versions = append(versions, models.RangeWithMetadata{Range: vr, Metadata: models.Metadata{CPE: match.Criteria}}) } } diff --git a/vulnfeeds/conversion/versions_test.go b/vulnfeeds/conversion/versions_test.go index 43fce103d21..7be1453011d 100644 --- a/vulnfeeds/conversion/versions_test.go +++ b/vulnfeeds/conversion/versions_test.go @@ -5,7 +5,6 @@ import ( "fmt" "log" "net/http" - "net/http/httptest" "os" "reflect" "slices" diff --git a/vulnfeeds/git/versions_test.go b/vulnfeeds/git/versions_test.go index ff571691890..ad19990d042 100644 --- a/vulnfeeds/git/versions_test.go +++ b/vulnfeeds/git/versions_test.go @@ -1,6 +1,8 @@ package git import ( + "net/http" + "net/http/httptest" "os" "reflect" "testing" From dc3ec8b5915f574842ea6997b527fdbe9c338596 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Sun, 22 Mar 2026 23:22:53 +0000 Subject: [PATCH 10/26] reduce duplication of logic --- vulnfeeds/conversion/common.go | 5 +- .../conversion/cve5/default_extractor.go | 71 ++++++++----------- vulnfeeds/conversion/cve5/strategies.go | 2 +- vulnfeeds/conversion/grouping.go | 2 +- vulnfeeds/conversion/nvd/converter.go | 2 - 5 files changed, 33 insertions(+), 49 deletions(-) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index 8328e2cdaa4..9651fb0aca4 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -478,7 +478,7 @@ func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *struct } unresolvedRangesMap = append(unresolvedRangesMap, urMap) } - + ds, err := utility.NewStructpbFromMap(map[string]any{ "list": unresolvedRangesMap, }) @@ -486,7 +486,8 @@ func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *struct logger.Warn("failed to convert unresolved ranges to structpb", "err", err) return nil } - return ds.Fields["list"].GetListValue() + + return ds.GetFields()["list"].GetListValue() } return nil diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go index 117ac2c4e3e..f8645e45b53 100644 --- a/vulnfeeds/conversion/cve5/default_extractor.go +++ b/vulnfeeds/conversion/cve5/default_extractor.go @@ -1,6 +1,10 @@ package cve5 import ( + "maps" + "slices" + + "github.com/google/osv/vulnfeeds/conversion" c "github.com/google/osv/vulnfeeds/conversion" "github.com/google/osv/vulnfeeds/git" "github.com/google/osv/vulnfeeds/models" @@ -37,13 +41,8 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln successfulRepos := make(map[string]bool) var resolvedRanges []*osvschema.Range var unresolvedRanges []models.RangeWithMetadata - if len(ranges) != 0 { - var nr []models.RangeWithMetadata - for _, r := range ranges { - nr = append(nr, models.RangeWithMetadata{ - Range: r, - }) - } + + processRanges := func(nr []models.RangeWithMetadata) bool { r, un, sR := conversion.ProcessRanges(nr, repos, metrics, repoTagsCache, models.VersionSourceAffected) resolvedRanges = append(resolvedRanges, r...) unresolvedRanges = append(unresolvedRanges, un...) @@ -52,7 +51,25 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln } if len(r) == 0 { metrics.AddNote("Failed to convert git versions to commits") - } else { + return false + } + + return true + } + + toRangeWithMetadata := func(r []*osvschema.Range) []models.RangeWithMetadata { + var nr []models.RangeWithMetadata + for _, rng := range r { + nr = append(nr, models.RangeWithMetadata{ + Range: rng, + }) + } + + return nr + } + + if len(ranges) != 0 { + if processRanges(toRangeWithMetadata(ranges)) { gotVersions = true metrics.SetOutcome(models.Successful) } @@ -63,21 +80,7 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln versionRanges, _ := cpeVersionExtraction(cve, metrics) if len(versionRanges) != 0 { - var nr []models.RangeWithMetadata - for _, r := range versionRanges { - nr = append(nr, models.RangeWithMetadata{ - Range: r, - }) - } - r, un, sR := conversion.ProcessRanges(nr, repos, metrics, repoTagsCache, models.VersionSourceAffected) - resolvedRanges = append(resolvedRanges, r...) - unresolvedRanges = append(unresolvedRanges, un...) - for _, s := range sR { - successfulRepos[s] = true - } - if len(r) == 0 { - metrics.AddNote("Failed to convert git versions to commits") - } else { + if processRanges(toRangeWithMetadata(versionRanges)) { gotVersions = true } } @@ -85,20 +88,12 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln if !gotVersions { metrics.AddNote("No versions in CPEs so attempting extraction from description") - textRanges := cves.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Containers.CNA.Descriptions), metrics) + textRanges := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Containers.CNA.Descriptions), metrics) if len(textRanges) > 0 { metrics.AddNote("Extracted versions from description: %v", textRanges) } if len(textRanges) != 0 { - r, un, sR := c.ProcessRanges(textRanges, repos, metrics, repoTagsCache, models.VersionSourceAffected) - resolvedRanges = append(resolvedRanges, r...) - unresolvedRanges = append(unresolvedRanges, un...) - for _, s := range sR { - successfulRepos[s] = true - } - if len(r) == 0 { - metrics.AddNote("Failed to convert git versions to commits") - } + processRanges(textRanges) } } @@ -107,7 +102,6 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln affected := c.MergeRangesAndCreateAffected(groupedRanges, nil, keys, metrics) v.Affected = append(v.Affected, affected) - if len(unresolvedRanges) > 0 { unresolvedRangesList := conversion.CreateUnresolvedRanges(unresolvedRanges) if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { @@ -174,12 +168,3 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec return versionRanges, mostFrequentVersionType } - -func addRangesToAffected(resolvedRanges []*osvschema.Range, v *vulns.Vulnerability, metrics *models.ConversionMetrics) { - if len(resolvedRanges) > 0 { - aff := &osvschema.Affected{ - Ranges: resolvedRanges, - } - c.AddAffected(v, aff, metrics) - } -} diff --git a/vulnfeeds/conversion/cve5/strategies.go b/vulnfeeds/conversion/cve5/strategies.go index 7775c0461e5..3196e77e87a 100644 --- a/vulnfeeds/conversion/cve5/strategies.go +++ b/vulnfeeds/conversion/cve5/strategies.go @@ -41,7 +41,7 @@ func initialNormalExtraction(vers models.Versions, metrics *models.ConversionMet vLTOEQual := vulns.CheckQuality(vers.LessThanOrEqual) hasRange := vLessThanQual.AtLeast(acceptableQuality) || vLTOEQual.AtLeast(acceptableQuality) - + // Handle cases where 'lessThan' is mistakenly the same as 'version'. if vers.LessThan != "" && vers.LessThan == vers.Version { metrics.AddNote("Warning: lessThan (%s) is the same as introduced (%s)\n", vers.LessThan, vers.Version) diff --git a/vulnfeeds/conversion/grouping.go b/vulnfeeds/conversion/grouping.go index fc20eae3d66..8270a7c4f65 100644 --- a/vulnfeeds/conversion/grouping.go +++ b/vulnfeeds/conversion/grouping.go @@ -365,4 +365,4 @@ func convertCommitToEvent(commit models.AffectedCommit) *osvschema.Event { } return nil -} \ No newline at end of file +} diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index 09a525d1c5e..49cf5439a75 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -333,8 +333,6 @@ func FindRepos(cve models.NVDCVE, vpRepoCache *c.VPRepoCache, repoTagsCache *git return reposForCVE } - - // outputFiles writes the OSV vulnerability record and conversion metrics to files in the specified directory. // It creates the necessary subdirectories based on the vendor and product names and handles whether or not // the files should be written based on the rejectFailed and outputMetrics flags. From 030e8f9abbb2b6dfaf356db5fde290e3da1fe5af Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Sun, 22 Mar 2026 23:52:02 +0000 Subject: [PATCH 11/26] fix linting errors --- vulnfeeds/conversion/cve5/default_extractor.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go index f8645e45b53..7ef6bfeb92a 100644 --- a/vulnfeeds/conversion/cve5/default_extractor.go +++ b/vulnfeeds/conversion/cve5/default_extractor.go @@ -4,7 +4,6 @@ import ( "maps" "slices" - "github.com/google/osv/vulnfeeds/conversion" c "github.com/google/osv/vulnfeeds/conversion" "github.com/google/osv/vulnfeeds/git" "github.com/google/osv/vulnfeeds/models" @@ -43,7 +42,7 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln var unresolvedRanges []models.RangeWithMetadata processRanges := func(nr []models.RangeWithMetadata) bool { - r, un, sR := conversion.ProcessRanges(nr, repos, metrics, repoTagsCache, models.VersionSourceAffected) + r, un, sR := c.ProcessRanges(nr, repos, metrics, repoTagsCache, models.VersionSourceAffected) resolvedRanges = append(resolvedRanges, r...) unresolvedRanges = append(unresolvedRanges, un...) for _, s := range sR { @@ -103,8 +102,8 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln v.Affected = append(v.Affected, affected) if len(unresolvedRanges) > 0 { - unresolvedRangesList := conversion.CreateUnresolvedRanges(unresolvedRanges) - if err := conversion.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { + unresolvedRangesList := c.CreateUnresolvedRanges(unresolvedRanges) + if err := c.AddFieldToDatabaseSpecific(v.DatabaseSpecific, "unresolved_ranges", unresolvedRangesList); err != nil { logger.Warn("failed to make database specific: %v", err) } } From 099130d1bae7b0c735c8ea5c3f7e71f48f5c7912 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 23 Mar 2026 00:57:01 +0000 Subject: [PATCH 12/26] condense unresolved_ranges output --- vulnfeeds/conversion/common.go | 42 +++++++++++++++++++++++++++------- 1 file changed, 34 insertions(+), 8 deletions(-) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index 9651fb0aca4..013df562ee5 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -466,21 +466,47 @@ func deduplicateList(list []any) []any { func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *structpb.ListValue { if len(unresolvedRanges) > 0 { - var unresolvedRangesMap []map[string]any + cpes := []string{} + unresolvedRangesMap := make(map[string]any) + var events []*osvschema.Event + // Create a range from all those with CPEs for _, ur := range unresolvedRanges { - urMap := map[string]any{ - "range": ur.Range, - } if ur.Metadata.CPE != "" { - urMap["metadata"] = map[string]any{ - "cpe": ur.Metadata.CPE, + cpes = append(cpes, ur.Metadata.CPE) + } + urEvents := ur.Range.GetEvents() + + for _, e := range urEvents { + if e.Introduced != "0" && e.Introduced != "" { + events = append(events, e) + continue + } + if e.LastAffected != "" { + events = append(events, e) + continue + } + if e.Fixed != "" { + events = append(events, e) } } - unresolvedRangesMap = append(unresolvedRangesMap, urMap) } + if len(cpes) > 1 { + slices.Sort(cpes) + cpes = slices.Compact(cpes) + unresolvedRangesMap["metadata"] = map[string]any{ + "cpes": cpes, + } + } else if len(cpes) == 1 { + unresolvedRangesMap["metadata"] = map[string]any{ + "cpe": cpes[0], + } + } + + unresolvedRangesMap["versions"] = events + ds, err := utility.NewStructpbFromMap(map[string]any{ - "list": unresolvedRangesMap, + "list": []any{unresolvedRangesMap}, }) if err != nil { logger.Warn("failed to convert unresolved ranges to structpb", "err", err) From 3ed18548489315792f9ba66f954a826628486abb Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 23 Mar 2026 01:00:08 +0000 Subject: [PATCH 13/26] Make ToRangeWithMetadata a normal function --- vulnfeeds/conversion/common.go | 13 ++++++++++++- vulnfeeds/conversion/cve5/default_extractor.go | 18 ++++-------------- 2 files changed, 16 insertions(+), 15 deletions(-) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index 013df562ee5..71e093d56e2 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -464,6 +464,17 @@ func deduplicateList(list []any) []any { return unique } +func ToRangeWithMetadata(r []*osvschema.Range) []models.RangeWithMetadata { + var nr []models.RangeWithMetadata + for _, rng := range r { + nr = append(nr, models.RangeWithMetadata{ + Range: rng, + }) + } + + return nr +} + func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *structpb.ListValue { if len(unresolvedRanges) > 0 { cpes := []string{} @@ -475,7 +486,7 @@ func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *struct cpes = append(cpes, ur.Metadata.CPE) } urEvents := ur.Range.GetEvents() - + for _, e := range urEvents { if e.Introduced != "0" && e.Introduced != "" { events = append(events, e) diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go index 7ef6bfeb92a..6c234d3123d 100644 --- a/vulnfeeds/conversion/cve5/default_extractor.go +++ b/vulnfeeds/conversion/cve5/default_extractor.go @@ -56,19 +56,9 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln return true } - toRangeWithMetadata := func(r []*osvschema.Range) []models.RangeWithMetadata { - var nr []models.RangeWithMetadata - for _, rng := range r { - nr = append(nr, models.RangeWithMetadata{ - Range: rng, - }) - } - - return nr - } - + if len(ranges) != 0 { - if processRanges(toRangeWithMetadata(ranges)) { + if processRanges(c.ToRangeWithMetadata(ranges)) { gotVersions = true metrics.SetOutcome(models.Successful) } @@ -79,7 +69,7 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln versionRanges, _ := cpeVersionExtraction(cve, metrics) if len(versionRanges) != 0 { - if processRanges(toRangeWithMetadata(versionRanges)) { + if processRanges(c.ToRangeWithMetadata(versionRanges)) { gotVersions = true } } @@ -166,4 +156,4 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec } return versionRanges, mostFrequentVersionType -} +} \ No newline at end of file From cc40dc559beb9026a1155e457a2f78a4a1c7dcc1 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 23 Mar 2026 02:53:59 +0000 Subject: [PATCH 14/26] Add source information to metadata --- vulnfeeds/conversion/common.go | 71 +++++++++++++------ vulnfeeds/conversion/cve5/common.go | 21 +++--- .../conversion/cve5/default_extractor.go | 29 ++++---- vulnfeeds/conversion/cve5/extraction.go | 3 +- vulnfeeds/conversion/cve5/linux_extractor.go | 38 ++++++---- vulnfeeds/conversion/cve5/strategies.go | 2 +- .../cve5/version_extraction_test.go | 6 +- vulnfeeds/conversion/versions.go | 18 ++++- vulnfeeds/models/metrics.go | 1 + vulnfeeds/models/types.go | 3 +- 10 files changed, 130 insertions(+), 62 deletions(-) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index 71e093d56e2..e2e6e9c5368 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -464,11 +464,14 @@ func deduplicateList(list []any) []any { return unique } -func ToRangeWithMetadata(r []*osvschema.Range) []models.RangeWithMetadata { - var nr []models.RangeWithMetadata +func ToRangeWithMetadata(r []*osvschema.Range, s models.VersionSource) []models.RangeWithMetadata { + nr := make([]models.RangeWithMetadata, 0, len(r)) for _, rng := range r { nr = append(nr, models.RangeWithMetadata{ Range: rng, + Metadata: models.Metadata{ + Source: s, + }, }) } @@ -476,58 +479,82 @@ func ToRangeWithMetadata(r []*osvschema.Range) []models.RangeWithMetadata { } func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *structpb.ListValue { - if len(unresolvedRanges) > 0 { + if len(unresolvedRanges) == 0 { + return nil + } + + rangesBySource := make(map[string][]models.RangeWithMetadata) + var sources []string + for _, ur := range unresolvedRanges { + sourceStr := string(ur.Metadata.Source) + if _, ok := rangesBySource[sourceStr]; !ok { + sources = append(sources, sourceStr) + } + rangesBySource[sourceStr] = append(rangesBySource[sourceStr], ur) + } + + slices.Sort(sources) + + listElements := make([]any, 0, len(sources)) + + for _, source := range sources { + ranges := rangesBySource[source] cpes := []string{} unresolvedRangesMap := make(map[string]any) var events []*osvschema.Event + // Create a range from all those with CPEs - for _, ur := range unresolvedRanges { + for _, ur := range ranges { if ur.Metadata.CPE != "" { cpes = append(cpes, ur.Metadata.CPE) } urEvents := ur.Range.GetEvents() for _, e := range urEvents { - if e.Introduced != "0" && e.Introduced != "" { + if e.GetIntroduced() != "0" && e.GetIntroduced() != "" { events = append(events, e) continue } - if e.LastAffected != "" { + if e.GetLastAffected() != "" { events = append(events, e) continue } - if e.Fixed != "" { + if e.GetFixed() != "" { events = append(events, e) } } } + metadata := make(map[string]any) if len(cpes) > 1 { slices.Sort(cpes) cpes = slices.Compact(cpes) - unresolvedRangesMap["metadata"] = map[string]any{ - "cpes": cpes, - } + metadata["cpes"] = cpes } else if len(cpes) == 1 { - unresolvedRangesMap["metadata"] = map[string]any{ - "cpe": cpes[0], - } + metadata["cpe"] = cpes[0] } - unresolvedRangesMap["versions"] = events + if source != "" { + metadata["source"] = source + } - ds, err := utility.NewStructpbFromMap(map[string]any{ - "list": []any{unresolvedRangesMap}, - }) - if err != nil { - logger.Warn("failed to convert unresolved ranges to structpb", "err", err) - return nil + if len(metadata) > 0 { + unresolvedRangesMap["metadata"] = metadata } - return ds.GetFields()["list"].GetListValue() + unresolvedRangesMap["versions"] = events + listElements = append(listElements, unresolvedRangesMap) + } + + ds, err := utility.NewStructpbFromMap(map[string]any{ + "list": listElements, + }) + if err != nil { + logger.Warn("failed to convert unresolved ranges to structpb", "err", err) + return nil } - return nil + return ds.GetFields()["list"].GetListValue() } func AddFieldToDatabaseSpecific(ds *structpb.Struct, field string, value any) error { diff --git a/vulnfeeds/conversion/cve5/common.go b/vulnfeeds/conversion/cve5/common.go index efdd522c4cc..1d00bc12fae 100644 --- a/vulnfeeds/conversion/cve5/common.go +++ b/vulnfeeds/conversion/cve5/common.go @@ -6,7 +6,7 @@ import ( "strconv" "strings" - "github.com/google/osv/vulnfeeds/conversion" + c "github.com/google/osv/vulnfeeds/conversion" "github.com/google/osv/vulnfeeds/models" "github.com/google/osv/vulnfeeds/vulns" "github.com/ossf/osv-schema/bindings/go/osvschema" @@ -53,10 +53,10 @@ func toVersionRangeType(s string) VersionRangeType { // findCPEVersionRanges extracts version ranges and CPE strings from the CNA's // CPE applicability statements in a CVE record. -func findCPEVersionRanges(cve models.CVE5) (versionRanges []*osvschema.Range, cpes []string, err error) { +func findCPEVersionRanges(cve models.CVE5) (versionRanges []models.RangeWithMetadata, cpes []string, err error) { // TODO(jesslowe): Add logic to also extract CPEs from the 'affected' field (e.g., CVE-2025-1110). - for _, c := range cve.Containers.CNA.CPEApplicability { - for _, node := range c.Nodes { + for _, cpe := range cve.Containers.CNA.CPEApplicability { + for _, node := range cpe.Nodes { if node.Operator != "OR" { continue } @@ -70,11 +70,14 @@ func findCPEVersionRanges(cve models.CVE5) (versionRanges []*osvschema.Range, cp if match.VersionStartIncluding == "" { match.VersionStartIncluding = "0" } - + var nr []*osvschema.Range if match.VersionEndExcluding != "" { - versionRanges = append(versionRanges, conversion.BuildVersionRange(match.VersionStartIncluding, "", match.VersionEndExcluding)) + nr = append(nr, c.BuildVersionRange(match.VersionStartIncluding, "", match.VersionEndExcluding)) } else if match.VersionEndIncluding != "" { - versionRanges = append(versionRanges, conversion.BuildVersionRange(match.VersionStartIncluding, match.VersionEndIncluding, "")) + nr = append(nr, c.BuildVersionRange(match.VersionStartIncluding, match.VersionEndIncluding, "")) + } + if nr != nil { + versionRanges = append(versionRanges, c.ToRangeWithMetadata(nr, models.VersionSourceCPE)...) } } } @@ -98,8 +101,8 @@ func compareSemverLike(a, b string) int { // We ignore the error, so non-numeric parts default to 0. numA, _ := strconv.Atoi(partsA[i]) numB, _ := strconv.Atoi(partsB[i]) - if c := cmp.Compare(numA, numB); c != 0 { - return c + if v := cmp.Compare(numA, numB); v != 0 { + return v } } // If lengths are the same, they're equal. diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go index 6c234d3123d..753e8127322 100644 --- a/vulnfeeds/conversion/cve5/default_extractor.go +++ b/vulnfeeds/conversion/cve5/default_extractor.go @@ -15,8 +15,8 @@ import ( // DefaultVersionExtractor provides the default version extraction logic. type DefaultVersionExtractor struct{} -func (d *DefaultVersionExtractor) handleAffected(affected []models.Affected, metrics *models.ConversionMetrics) []*osvschema.Range { - var ranges []*osvschema.Range +func (d *DefaultVersionExtractor) handleAffected(affected []models.Affected, metrics *models.ConversionMetrics) []models.RangeWithMetadata { + var ranges []models.RangeWithMetadata for _, cveAff := range affected { versionRanges, _ := d.FindNormalAffectedRanges(cveAff, metrics) @@ -56,9 +56,8 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln return true } - if len(ranges) != 0 { - if processRanges(c.ToRangeWithMetadata(ranges)) { + if processRanges(ranges) { gotVersions = true metrics.SetOutcome(models.Successful) } @@ -69,7 +68,7 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln versionRanges, _ := cpeVersionExtraction(cve, metrics) if len(versionRanges) != 0 { - if processRanges(c.ToRangeWithMetadata(versionRanges)) { + if processRanges(versionRanges) { gotVersions = true } } @@ -99,13 +98,13 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln } } -func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]*osvschema.Range, VersionRangeType) { +func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]models.RangeWithMetadata, VersionRangeType) { versionTypesCount := make(map[VersionRangeType]int) - var versionRanges []*osvschema.Range + var versionRanges []models.RangeWithMetadata for _, vers := range affected.Versions { ranges, _, shouldContinue := initialNormalExtraction(vers, metrics, versionTypesCount) if len(ranges) > 0 { - versionRanges = append(versionRanges, ranges...) + versionRanges = append(versionRanges, c.ToRangeWithMetadata(ranges, models.VersionSourceAffected)...) } if shouldContinue { @@ -121,11 +120,16 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec if av.Introduced == "" { continue } + if av.Fixed != "" { - versionRanges = append(versionRanges, c.BuildVersionRange(av.Introduced, "", av.Fixed)) + vr := []*osvschema.Range{c.BuildVersionRange(av.Introduced, "", av.Fixed)} + versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceAffected)...) + continue } else if av.LastAffected != "" { - versionRanges = append(versionRanges, c.BuildVersionRange(av.Introduced, av.LastAffected, "")) + vr := []*osvschema.Range{c.BuildVersionRange(av.Introduced, av.LastAffected, "")} + versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceAffected)...) + continue } } @@ -140,7 +144,8 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec // As a fallback, assume a single version means it's the last affected version. if vulns.CheckQuality(vers.Version).AtLeast(acceptableQuality) { - versionRanges = append(versionRanges, c.BuildVersionRange("0", vers.Version, "")) + vr := []*osvschema.Range{c.BuildVersionRange("0", vers.Version, "")} + versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceAffected)...) metrics.AddNote("Single version found %v - Assuming introduced = 0 and last affected = %v", vers.Version, vers.Version) } } @@ -156,4 +161,4 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec } return versionRanges, mostFrequentVersionType -} \ No newline at end of file +} diff --git a/vulnfeeds/conversion/cve5/extraction.go b/vulnfeeds/conversion/cve5/extraction.go index ab83f049c52..ebd3491f483 100644 --- a/vulnfeeds/conversion/cve5/extraction.go +++ b/vulnfeeds/conversion/cve5/extraction.go @@ -3,13 +3,12 @@ package cve5 import ( "github.com/google/osv/vulnfeeds/models" "github.com/google/osv/vulnfeeds/vulns" - "github.com/ossf/osv-schema/bindings/go/osvschema" ) // VersionExtractor defines the interface for different version extraction strategies. type VersionExtractor interface { ExtractVersions(cve models.CVE5, v *vulns.Vulnerability, metrics *models.ConversionMetrics, repos []string) - FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]*osvschema.Range, VersionRangeType) + FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]models.RangeWithMetadata, VersionRangeType) } // GetVersionExtractor returns the appropriate VersionExtractor for a given CNA. diff --git a/vulnfeeds/conversion/cve5/linux_extractor.go b/vulnfeeds/conversion/cve5/linux_extractor.go index 677fd20e616..92c40b5f60a 100644 --- a/vulnfeeds/conversion/cve5/linux_extractor.go +++ b/vulnfeeds/conversion/cve5/linux_extractor.go @@ -6,8 +6,9 @@ import ( "strconv" "strings" - "github.com/google/osv/vulnfeeds/conversion" + c "github.com/google/osv/vulnfeeds/conversion" "github.com/google/osv/vulnfeeds/models" + "github.com/google/osv/vulnfeeds/utility/logger" "github.com/google/osv/vulnfeeds/vulns" "github.com/ossf/osv-schema/bindings/go/osvconstants" "github.com/ossf/osv-schema/bindings/go/osvschema" @@ -30,7 +31,11 @@ func (l *LinuxVersionExtractor) handleAffected(v *vulns.Vulnerability, affected if cveAff.DefaultStatus == "affected" { versionRanges, versionType = findInverseAffectedRanges(cveAff, metrics) } else { - versionRanges, versionType = l.FindNormalAffectedRanges(cveAff, metrics) + var versionRangesWithMetadata []models.RangeWithMetadata + versionRangesWithMetadata, versionType = l.FindNormalAffectedRanges(cveAff, metrics) + for _, r := range versionRangesWithMetadata { + versionRanges = append(versionRanges, r.Range) + } } if (versionType == VersionRangeTypeGit && hasGit) || len(versionRanges) == 0 { continue @@ -43,7 +48,7 @@ func (l *LinuxVersionExtractor) handleAffected(v *vulns.Vulnerability, affected } aff := createLinuxAffected(versionRanges, versionType, cveAff.Repo) metrics.AddSource(models.VersionSourceAffected) - conversion.AddAffected(v, aff, metrics) + c.AddAffected(v, aff, metrics) } return gotVersions @@ -55,10 +60,16 @@ func (l *LinuxVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vulner if !gotVersions { metrics.AddNote("No versions in affected, attempting to extract from CPE") - versionRanges, _ := cpeVersionExtraction(cve, metrics) - + versionRanges, err := cpeVersionExtraction(cve, metrics) + if err != nil { + logger.Warn("Error when extracting CPE versions") + } if len(versionRanges) != 0 { - aff := createLinuxAffected(versionRanges, VersionRangeTypeEcosystem, "") + var ranges []*osvschema.Range + for _, r := range versionRanges { + ranges = append(ranges, r.Range) + } + aff := createLinuxAffected(ranges, VersionRangeTypeEcosystem, "") v.Affected = append(v.Affected, aff) } } @@ -136,7 +147,7 @@ func findInverseAffectedRanges(cveAff models.Affected, metrics *models.Conversio // Create ranges by pairing sorted introduced and fixed versions. for index, f := range fixed { if index < len(introduced) { - ranges = append(ranges, conversion.BuildVersionRange(introduced[index], "", f)) + ranges = append(ranges, c.BuildVersionRange(introduced[index], "", f)) metrics.AddNote("Introduced from version value - %s", introduced[index]) metrics.AddNote("Fixed from version value - %s", f) } @@ -150,12 +161,12 @@ func findInverseAffectedRanges(cveAff models.Affected, metrics *models.Conversio return nil, VersionRangeTypeUnknown } -func (l *LinuxVersionExtractor) FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]*osvschema.Range, VersionRangeType) { +func (l *LinuxVersionExtractor) FindNormalAffectedRanges(affected models.Affected, metrics *models.ConversionMetrics) ([]models.RangeWithMetadata, VersionRangeType) { versionTypesCount := make(map[VersionRangeType]int) - var versionRanges []*osvschema.Range + var versionRanges []models.RangeWithMetadata for _, vers := range affected.Versions { ranges, currentVersionType, shouldContinue := initialNormalExtraction(vers, metrics, versionTypesCount) - versionRanges = append(versionRanges, ranges...) + versionRanges = append(versionRanges, c.ToRangeWithMetadata(ranges, models.VersionSourceAffected)...) if shouldContinue { continue } @@ -165,13 +176,16 @@ func (l *LinuxVersionExtractor) FindNormalAffectedRanges(affected models.Affecte metrics.AddNote("Only version exists") if currentVersionType == VersionRangeTypeGit { - versionRanges = append(versionRanges, conversion.BuildVersionRange(vers.Version, "", "")) + vr := []*osvschema.Range{c.BuildVersionRange(vers.Version, "", "")} + versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceGit)...) + continue } // As a fallback, assume a single version means it's the last affected version. if vulns.CheckQuality(vers.Version).AtLeast(acceptableQuality) { - versionRanges = append(versionRanges, conversion.BuildVersionRange("0", vers.Version, "")) + vr := []*osvschema.Range{c.BuildVersionRange("0", vers.Version, "")} + versionRanges = append(versionRanges, c.ToRangeWithMetadata(vr, models.VersionSourceAffected)...) metrics.AddNote("Single version found %v - Assuming introduced = 0 and last affected = %v", vers.Version, vers.Version) } } diff --git a/vulnfeeds/conversion/cve5/strategies.go b/vulnfeeds/conversion/cve5/strategies.go index 3196e77e87a..95b5babd448 100644 --- a/vulnfeeds/conversion/cve5/strategies.go +++ b/vulnfeeds/conversion/cve5/strategies.go @@ -7,7 +7,7 @@ import ( "github.com/ossf/osv-schema/bindings/go/osvschema" ) -func cpeVersionExtraction(cve models.CVE5, metrics *models.ConversionMetrics) ([]*osvschema.Range, error) { +func cpeVersionExtraction(cve models.CVE5, metrics *models.ConversionMetrics) ([]models.RangeWithMetadata, error) { cpeRanges, cpeStrings, err := findCPEVersionRanges(cve) if err == nil && len(cpeRanges) > 0 { metrics.VersionSources = append(metrics.VersionSources, models.VersionSourceCPE) diff --git a/vulnfeeds/conversion/cve5/version_extraction_test.go b/vulnfeeds/conversion/cve5/version_extraction_test.go index f4ad81610be..cdb05ecc72a 100644 --- a/vulnfeeds/conversion/cve5/version_extraction_test.go +++ b/vulnfeeds/conversion/cve5/version_extraction_test.go @@ -114,7 +114,11 @@ func TestFindNormalAffectedRanges(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { versionExtractor := &DefaultVersionExtractor{} - gotRanges, gotRangeType := versionExtractor.FindNormalAffectedRanges(tt.affected, &models.ConversionMetrics{}) + gotRangesWithMeta, gotRangeType := versionExtractor.FindNormalAffectedRanges(tt.affected, &models.ConversionMetrics{}) + var gotRanges []*osvschema.Range + for _, r := range gotRangesWithMeta { + gotRanges = append(gotRanges, r.Range) + } if diff := cmp.Diff(tt.wantRanges, gotRanges, protocmp.Transform()); diff != "" { t.Errorf("findNormalAffectedRanges() ranges mismatch (-want +got):\n%s", diff) } diff --git a/vulnfeeds/conversion/versions.go b/vulnfeeds/conversion/versions.go index 3312848243c..05c86a77d10 100644 --- a/vulnfeeds/conversion/versions.go +++ b/vulnfeeds/conversion/versions.go @@ -660,7 +660,13 @@ func ExtractVersionsFromText(validVersions []string, text string, metrics *model } vr := BuildVersionRange(introduced, lastaffected, fixed) - versions = append(versions, models.RangeWithMetadata{Range: vr}) + versions = append(versions, models.RangeWithMetadata{ + Range: vr, + Metadata: models.Metadata{ + Source: models.VersionSourceText, + }, + }, + ) } return versions @@ -766,7 +772,15 @@ func ExtractVersionsFromCPEs(cve models.NVDCVE, validVersions []string, metrics metrics.AddNote("Warning: %s is not a valid fixed version", fixed) } vr := BuildVersionRange(introduced, lastaffected, fixed) - versions = append(versions, models.RangeWithMetadata{Range: vr, Metadata: models.Metadata{CPE: match.Criteria}}) + versions = append(versions, + models.RangeWithMetadata{ + Range: vr, + Metadata: models.Metadata{ + CPE: match.Criteria, + Source: models.VersionSourceCPE, + }, + }, + ) } } } diff --git a/vulnfeeds/models/metrics.go b/vulnfeeds/models/metrics.go index 2befba51d4f..24876574514 100644 --- a/vulnfeeds/models/metrics.go +++ b/vulnfeeds/models/metrics.go @@ -111,6 +111,7 @@ const ( VersionSourceGit VersionSource = "GITVERS" VersionSourceCPE VersionSource = "CPEVERS" VersionSourceDescription VersionSource = "DESCRVERS" + VersionSourceText VersionSource = "TEXT" VersionSourceRefs VersionSource = "REFS" ) diff --git a/vulnfeeds/models/types.go b/vulnfeeds/models/types.go index c2cdd6e03c4..ce6dbf308e1 100644 --- a/vulnfeeds/models/types.go +++ b/vulnfeeds/models/types.go @@ -37,7 +37,8 @@ type RangeWithMetadata struct { } type Metadata struct { - CPE string + CPE string + Source VersionSource } func (ac *AffectedCommit) SetRepo(repo string) { From 9a2515c851a845b56258e03ba3d1201ef5257419 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 23 Mar 2026 03:10:41 +0000 Subject: [PATCH 15/26] Added grouping tests --- vulnfeeds/conversion/grouping.go | 7 +- vulnfeeds/conversion/grouping_test.go | 198 ++++++++++++++++++++++++++ vulnfeeds/conversion/versions.go | 1 - 3 files changed, 204 insertions(+), 2 deletions(-) diff --git a/vulnfeeds/conversion/grouping.go b/vulnfeeds/conversion/grouping.go index 8270a7c4f65..f5c70deb704 100644 --- a/vulnfeeds/conversion/grouping.go +++ b/vulnfeeds/conversion/grouping.go @@ -259,7 +259,12 @@ func cleanEvents(events []*osvschema.Event) []*osvschema.Event { // - commits: A slice of affected commits to be converted into events and added to ranges. // - successfulRepos: A slice of repository URLs that were successfully processed. // - metrics: A pointer to ConversionMetrics to track the outcome and notes. -func MergeRangesAndCreateAffected(resolvedRanges []*osvschema.Range, commits []models.AffectedCommit, successfulRepos []string, metrics *models.ConversionMetrics) *osvschema.Affected { +func MergeRangesAndCreateAffected( + resolvedRanges []*osvschema.Range, + commits []models.AffectedCommit, + successfulRepos []string, + metrics *models.ConversionMetrics, +) *osvschema.Affected { var newResolvedRanges []*osvschema.Range // Combine the ranges appropriately if len(resolvedRanges) > 0 { diff --git a/vulnfeeds/conversion/grouping_test.go b/vulnfeeds/conversion/grouping_test.go index feb1a8173ea..a284569c0fa 100644 --- a/vulnfeeds/conversion/grouping_test.go +++ b/vulnfeeds/conversion/grouping_test.go @@ -4,6 +4,7 @@ import ( "testing" "github.com/google/go-cmp/cmp" + "github.com/google/osv/vulnfeeds/models" "github.com/ossf/osv-schema/bindings/go/osvschema" "google.golang.org/protobuf/testing/protocmp" "google.golang.org/protobuf/types/known/structpb" @@ -435,3 +436,200 @@ func TestGroupAffectedRanges(t *testing.T) { }) } } + +func TestMergeRangesAndCreateAffected(t *testing.T) { + tests := []struct { + name string + resolvedRanges []*osvschema.Range + commits []models.AffectedCommit + successfulRepos []string + want *osvschema.Affected + }{ + { + name: "Merge existing ranges with commits for the same repo", + resolvedRanges: []*osvschema.Range{ + { + Type: osvschema.Range_GIT, + Repo: "repo1", + Events: []*osvschema.Event{ + {Introduced: "0"}, + {Fixed: "1.0"}, + }, + }, + }, + commits: []models.AffectedCommit{ + { + Repo: "repo1", + Introduced: "1.1", + }, + { + Repo: "repo1", + Fixed: "1.2", + }, + }, + successfulRepos: []string{"repo1"}, + want: &osvschema.Affected{ + Ranges: []*osvschema.Range{ + { + Type: osvschema.Range_GIT, + Repo: "repo1", + Events: []*osvschema.Event{ + {Introduced: "1.1"}, + {Introduced: "0"}, + {Fixed: "1.0"}, + {Fixed: "1.2"}, + }, + }, + }, + }, + }, + { + name: "No resolved ranges, only commits", + resolvedRanges: nil, + commits: []models.AffectedCommit{ + { + Repo: "repo2", + Introduced: "0", + Fixed: "1.0", + }, + }, + successfulRepos: []string{"repo2"}, + want: &osvschema.Affected{ + Ranges: []*osvschema.Range{ + { + Events: []*osvschema.Event{ + {Introduced: "0"}, + {Fixed: "1.0"}, + }, + }, + }, + }, + }, + { + name: "Duplicate events are deduplicated", + resolvedRanges: []*osvschema.Range{ + { + Type: osvschema.Range_GIT, + Repo: "repo3", + Events: []*osvschema.Event{ + {Introduced: "0"}, + {Fixed: "1.0"}, + }, + }, + }, + commits: []models.AffectedCommit{ + // duplicate fixed + { + Repo: "repo3", + Fixed: "1.0", + }, + // duplicate introduced + { + Repo: "repo3", + Introduced: "0", + }, + // new last affected + { + Repo: "repo3", + LastAffected: "0.5", + }, + }, + successfulRepos: []string{"repo3"}, + want: &osvschema.Affected{ + Ranges: []*osvschema.Range{ + { + Type: osvschema.Range_GIT, + Repo: "repo3", + Events: []*osvschema.Event{ + {Introduced: "0"}, + {Fixed: "1.0"}, + {LastAffected: "0.5"}, + }, + }, + }, + }, + }, + { + name: "Commits for repos not in successfulRepos are ignored when resolvedRanges exist", + resolvedRanges: []*osvschema.Range{ + { + Type: osvschema.Range_GIT, + Repo: "repo4", + Events: []*osvschema.Event{ + {Introduced: "0"}, + }, + }, + }, + commits: []models.AffectedCommit{ + { + Repo: "repo_ignored", + Introduced: "1.1", + }, + }, + successfulRepos: []string{"repo4"}, // repo_ignored is absent + want: &osvschema.Affected{ + Ranges: []*osvschema.Range{ + { + Type: osvschema.Range_GIT, + Repo: "repo4", + Events: []*osvschema.Event{ + {Introduced: "0"}, + }, + }, + }, + }, + }, + { + name: "Multiple resolved ranges for same repo are merged and commits appended", + resolvedRanges: []*osvschema.Range{ + { + Type: osvschema.Range_GIT, + Repo: "repo5", + Events: []*osvschema.Event{ + {Introduced: "0"}, + {Fixed: "1.0"}, + }, + }, + { + Type: osvschema.Range_GIT, + Repo: "repo5", + Events: []*osvschema.Event{ + {Introduced: "2.0"}, + {Fixed: "3.0"}, + }, + }, + }, + commits: []models.AffectedCommit{ + { + Repo: "repo5", + Fixed: "4.0", + }, + }, + successfulRepos: []string{"repo5"}, + want: &osvschema.Affected{ + Ranges: []*osvschema.Range{ + { + Type: osvschema.Range_GIT, + Repo: "repo5", + Events: []*osvschema.Event{ + {Introduced: "0"}, + {Fixed: "1.0"}, + {Introduced: "2.0"}, + {Fixed: "3.0"}, + {Fixed: "4.0"}, + }, + }, + }, + }, + }, + } + + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + got := MergeRangesAndCreateAffected(tt.resolvedRanges, tt.commits, tt.successfulRepos, &models.ConversionMetrics{}) + if diff := cmp.Diff(tt.want, got, protocmp.Transform()); diff != "" { + t.Errorf("MergeRangesAndCreateAffected() mismatch (-want +got):\n%s", diff) + } + }) + } +} diff --git a/vulnfeeds/conversion/versions.go b/vulnfeeds/conversion/versions.go index 05c86a77d10..20f876f5583 100644 --- a/vulnfeeds/conversion/versions.go +++ b/vulnfeeds/conversion/versions.go @@ -194,7 +194,6 @@ func Repo(u string) (string, error) { return fmt.Sprintf("%s://%s/%s", parsedURL.Scheme, parsedURL.Hostname(), pathParts[2]), nil } if parsedURL.Hostname() == "sourceware.org" { - // Call out to m function for GitWeb URLs return repoGitWeb(parsedURL) } if parsedURL.Hostname() == "git.postgresql.org" { From 7d30cdf117757c457dacebe056cdd50c5ce3bead Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 23 Mar 2026 03:38:28 +0000 Subject: [PATCH 16/26] make sure utility output is deterministic --- vulnfeeds/conversion/grouping_test.go | 4 ++-- vulnfeeds/utility/utility.go | 33 +++++++++++++++++++-------- 2 files changed, 25 insertions(+), 12 deletions(-) diff --git a/vulnfeeds/conversion/grouping_test.go b/vulnfeeds/conversion/grouping_test.go index a284569c0fa..aed20c1a3bb 100644 --- a/vulnfeeds/conversion/grouping_test.go +++ b/vulnfeeds/conversion/grouping_test.go @@ -463,8 +463,8 @@ func TestMergeRangesAndCreateAffected(t *testing.T) { Introduced: "1.1", }, { - Repo: "repo1", - Fixed: "1.2", + Repo: "repo1", + Fixed: "1.2", }, }, successfulRepos: []string{"repo1"}, diff --git a/vulnfeeds/utility/utility.go b/vulnfeeds/utility/utility.go index 5552b402477..38819d0ae85 100644 --- a/vulnfeeds/utility/utility.go +++ b/vulnfeeds/utility/utility.go @@ -1,10 +1,12 @@ package utility import ( + "cmp" "encoding/json" "fmt" "reflect" "regexp" + "slices" "google.golang.org/protobuf/encoding/protojson" "google.golang.org/protobuf/proto" @@ -57,9 +59,15 @@ func IsRepoURL(url string) bool { // which is suitable for OSV's database_specific field. func NewStructpbFromMap(v map[string]any) (*structpb.Struct, error) { x := &structpb.Struct{Fields: make(map[string]*structpb.Value, len(v))} - for k, v := range v { + keys := make([]string, 0, len(v)) + for k := range v { + keys = append(keys, k) + } + slices.Sort(keys) + + for _, k := range keys { var err error - x.Fields[k], err = newStructpbValue(v) + x.Fields[k], err = newStructpbValue(v[k]) if err != nil { return nil, err } @@ -94,16 +102,21 @@ func newStructpbValue(v any) (*structpb.Value, error) { return structpbValueFromList(anyList) case reflect.Map: if val.Type().Key().Kind() == reflect.String { - m := make(map[string]any) - for _, k := range val.MapKeys() { - m[k.String()] = val.MapIndex(k).Interface() - } - structpbMap, err := NewStructpbFromMap(m) - if err != nil { - return nil, err + keys := val.MapKeys() + slices.SortFunc(keys, func(a, b reflect.Value) int { + return cmp.Compare(a.String(), b.String()) + }) + + x := &structpb.Struct{Fields: make(map[string]*structpb.Value, len(keys))} + for _, k := range keys { + var err error + x.Fields[k.String()], err = newStructpbValue(val.MapIndex(k).Interface()) + if err != nil { + return nil, err + } } - return structpb.NewStructValue(structpbMap), nil + return structpb.NewStructValue(x), nil } return structpb.NewValue(v) From 79d46e6c3142d5cd29159615dc52e6761ff4187e Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 23 Mar 2026 03:51:50 +0000 Subject: [PATCH 17/26] make sure that if canonical link 429s, it sets outcome to Error --- vulnfeeds/conversion/versions.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/vulnfeeds/conversion/versions.go b/vulnfeeds/conversion/versions.go index 20f876f5583..e603df8de69 100644 --- a/vulnfeeds/conversion/versions.go +++ b/vulnfeeds/conversion/versions.go @@ -1165,6 +1165,9 @@ func ReposFromReferences(cache *VPRepoCache, vp *VendorProduct, refs []models.Re canonicalRepo, err := git.FindCanonicalLink(repo, httpClient, repoTagsCache) if err == nil { repo = canonicalRepo + } else if errors.Is(err, git.ErrRateLimit) || strings.Contains(err.Error(), "429") { + metrics.Outcome = models.Error + return nil } if slices.Contains(repos, repo) { From ccdeba3e48b0780b84d0abb679e9228586a30354 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 23 Mar 2026 03:53:32 +0000 Subject: [PATCH 18/26] remove skiponcloudbuild bc of vcr --- vulnfeeds/git/versions_test.go | 2 -- 1 file changed, 2 deletions(-) diff --git a/vulnfeeds/git/versions_test.go b/vulnfeeds/git/versions_test.go index ad19990d042..42440f17b71 100644 --- a/vulnfeeds/git/versions_test.go +++ b/vulnfeeds/git/versions_test.go @@ -354,8 +354,6 @@ func TestValidateAndCanonicalizeLink(t *testing.T) { }, wantCanonicalLink: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ee1fee900537b5d9560e9f937402de5ddc8412f3", wantErr: false, - skipOnCloudBuild: true, // observing indications of IP denylisting as at 2025-02-13 - }, } for _, tt := range tests { From 348c95b85429dc400c8862edbf54ea4e16bd25fc Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 23 Mar 2026 06:06:42 +0000 Subject: [PATCH 19/26] have resolved ranges also use metadata --- vulnfeeds/cmd/combine-to-osv/main.go | 4 +- vulnfeeds/conversion/common.go | 32 ++++++--- vulnfeeds/conversion/common_test.go | 2 +- .../cve5/__snapshots__/converter_test.snap | 2 + .../conversion/cve5/default_extractor.go | 6 +- .../cve5/version_extraction_test.go | 2 + vulnfeeds/conversion/grouping.go | 70 +++++++++++++------ vulnfeeds/conversion/grouping_test.go | 28 +++++++- vulnfeeds/conversion/nvd/converter.go | 5 +- vulnfeeds/conversion/versions.go | 4 +- vulnfeeds/models/metrics.go | 14 ++-- 11 files changed, 121 insertions(+), 48 deletions(-) diff --git a/vulnfeeds/cmd/combine-to-osv/main.go b/vulnfeeds/cmd/combine-to-osv/main.go index 8ee3b13f195..02e14c966f3 100644 --- a/vulnfeeds/cmd/combine-to-osv/main.go +++ b/vulnfeeds/cmd/combine-to-osv/main.go @@ -313,9 +313,7 @@ func pickAffectedInformation(cve5Affected []*osvschema.Affected, nvdAffected []* } if c5Intro != "" || c5Fixed != "" { - newRange := conversion.BuildVersionRange(c5Intro, "", c5Fixed) - newRange.Repo = repo - newRange.Type = osvschema.Range_GIT // Preserve the repo + newRange := conversion.BuildGitVersionRange(c5Intro, "", c5Fixed, repo) newAffectedRanges = append(newAffectedRanges, newRange) } else { newAffectedRanges = cveRanges diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index e2e6e9c5368..286c6fba58e 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -178,8 +178,8 @@ func WriteMetricsFile(metrics *models.ConversionMetrics, metricsFile *os.File) e // GitVersionsToCommits examines repos and tries to convert versions to commits by treating them as Git tags. // Returns the resolved ranges, unresolved ranges, and successful repos involved. -func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache) ([]*osvschema.Range, []models.RangeWithMetadata, []string) { - var newVersionRanges []*osvschema.Range +func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache) ([]models.RangeWithMetadata, []models.RangeWithMetadata, []string) { + var newVersionRanges []models.RangeWithMetadata unresolvedRanges := versionRanges var successfulRepos []string @@ -250,13 +250,11 @@ func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []stri var newVR *osvschema.Range if fixedCommit != "" { - newVR = BuildVersionRange(introducedCommit, "", fixedCommit) + newVR = BuildGitVersionRange(introducedCommit, "", fixedCommit, repo) } else { - newVR = BuildVersionRange(introducedCommit, lastAffectedCommit, "") + newVR = BuildGitVersionRange(introducedCommit, lastAffectedCommit, "", repo) } successfulRepos = append(successfulRepos, repo) - newVR.Repo = repo - newVR.Type = osvschema.Range_GIT if len(vr.Range.GetEvents()) > 0 { dbSpecificMap := map[string]any{ "versions": vr.Range.GetEvents(), @@ -264,6 +262,9 @@ func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []stri if vr.Metadata.CPE != "" { dbSpecificMap["cpe"] = vr.Metadata.CPE } + if string(vr.Metadata.Source) != "" { + dbSpecificMap["source"] = string(vr.Metadata.Source) + } databaseSpecific, err := utility.NewStructpbFromMap(dbSpecificMap) if err != nil { metrics.AddNote("failed to make database specific: %v", err) @@ -272,7 +273,10 @@ func GitVersionsToCommits(versionRanges []models.RangeWithMetadata, repos []stri } } - newVersionRanges = append(newVersionRanges, newVR) + newVersionRanges = append(newVersionRanges, models.RangeWithMetadata{ + Range: newVR, + Metadata: vr.Metadata, + }) } else { stillUnresolvedRanges = append(stillUnresolvedRanges, vr) } @@ -308,6 +312,14 @@ func BuildVersionRange(intro string, lastAff string, fixed string) *osvschema.Ra return &versionRange } +func BuildGitVersionRange(intro string, lastAff string, fixed string, repo string) *osvschema.Range { + versionRange := BuildVersionRange(intro, lastAff, fixed) + versionRange.Repo = repo + versionRange.Type = osvschema.Range_GIT + + return versionRange +} + // MergeTwoRanges combines two osvschema.Range objects into a single range. // It merges the events and the DatabaseSpecific fields. If the ranges are // not for the same repository or are of different types, it returns an error. @@ -411,6 +423,10 @@ func MergeDatabaseSpecificValues(val1, val2 any) (any, error) { return nil, fmt.Errorf("mismatching types: %T and %T", val1, val2) case string: if v2, ok := val2.(string); ok { + if v1 == v2 { + return v1, nil + } + return deduplicateList([]any{v1, v2}), nil } if v2, ok := val2.([]any); ok { @@ -587,7 +603,7 @@ func AddFieldToDatabaseSpecific(ds *structpb.Struct, field string, value any) er } // ProcessRanges attempts to resolve the given ranges to commits and updates the metrics accordingly. -func ProcessRanges(ranges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache, source models.VersionSource) ([]*osvschema.Range, []models.RangeWithMetadata, []string) { +func ProcessRanges(ranges []models.RangeWithMetadata, repos []string, metrics *models.ConversionMetrics, cache *git.RepoTagsCache, source models.VersionSource) ([]models.RangeWithMetadata, []models.RangeWithMetadata, []string) { if len(ranges) == 0 { return nil, nil, nil } diff --git a/vulnfeeds/conversion/common_test.go b/vulnfeeds/conversion/common_test.go index 2580f43fc08..1c3e2e901c3 100644 --- a/vulnfeeds/conversion/common_test.go +++ b/vulnfeeds/conversion/common_test.go @@ -274,7 +274,7 @@ func TestMergeDatabaseSpecificValues(t *testing.T) { name: "Merge same strings", val1: "value1", val2: "value1", - want: []any{"value1"}, + want: "value1", }, { name: "Merge different strings", diff --git a/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap b/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap index bd357f7441f..98376dc8c86 100755 --- a/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap +++ b/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap @@ -30,6 +30,7 @@ "ranges": [ { "database_specific": { + "source": "AFFECTED_FIELD", "versions": [ { "introduced": "18.0" @@ -100,6 +101,7 @@ "ranges": [ { "database_specific": { + "source": "AFFECTED_FIELD", "versions": [ { "introduced": "0" diff --git a/vulnfeeds/conversion/cve5/default_extractor.go b/vulnfeeds/conversion/cve5/default_extractor.go index 753e8127322..30503fa9776 100644 --- a/vulnfeeds/conversion/cve5/default_extractor.go +++ b/vulnfeeds/conversion/cve5/default_extractor.go @@ -38,7 +38,7 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln ranges := d.handleAffected(cve.Containers.CNA.Affected, metrics) successfulRepos := make(map[string]bool) - var resolvedRanges []*osvschema.Range + var resolvedRanges []models.RangeWithMetadata var unresolvedRanges []models.RangeWithMetadata processRanges := func(nr []models.RangeWithMetadata) bool { @@ -76,7 +76,7 @@ func (d *DefaultVersionExtractor) ExtractVersions(cve models.CVE5, v *vulns.Vuln if !gotVersions { metrics.AddNote("No versions in CPEs so attempting extraction from description") - textRanges := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Containers.CNA.Descriptions), metrics) + textRanges := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Containers.CNA.Descriptions), metrics, models.VersionSourceDescription) if len(textRanges) > 0 { metrics.AddNote("Extracted versions from description: %v", textRanges) } @@ -135,7 +135,7 @@ func (d *DefaultVersionExtractor) FindNormalAffectedRanges(affected models.Affec } // Try to extract versions from text like "before 1.4.7". - possibleVersions := c.ExtractVersionsFromText(nil, vers.Version, metrics) + possibleVersions := c.ExtractVersionsFromText(nil, vers.Version, metrics, models.VersionSourceAffected) if possibleVersions != nil { metrics.AddNote("Versions retrieved from text but not used CURRENTLY") diff --git a/vulnfeeds/conversion/cve5/version_extraction_test.go b/vulnfeeds/conversion/cve5/version_extraction_test.go index cdb05ecc72a..58b288009a4 100644 --- a/vulnfeeds/conversion/cve5/version_extraction_test.go +++ b/vulnfeeds/conversion/cve5/version_extraction_test.go @@ -389,6 +389,7 @@ func TestExtractVersions(t *testing.T) { }, DatabaseSpecific: &structpb.Struct{ Fields: map[string]*structpb.Value{ + "source": structpb.NewStringValue("AFFECTED_FIELD"), "versions": { Kind: &structpb.Value_ListValue{ ListValue: &structpb.ListValue{ @@ -434,6 +435,7 @@ func TestExtractVersions(t *testing.T) { }, DatabaseSpecific: &structpb.Struct{ Fields: map[string]*structpb.Value{ + "source": structpb.NewStringValue("AFFECTED_FIELD"), "versions": { Kind: &structpb.Value_ListValue{ ListValue: &structpb.ListValue{ diff --git a/vulnfeeds/conversion/grouping.go b/vulnfeeds/conversion/grouping.go index f5c70deb704..1b5bfdf5672 100644 --- a/vulnfeeds/conversion/grouping.go +++ b/vulnfeeds/conversion/grouping.go @@ -22,11 +22,20 @@ func GroupAffectedRanges(affected []*osvschema.Affected) { continue } - aff.Ranges = GroupRanges(aff.GetRanges()) + var rwms []models.RangeWithMetadata + for _, r := range aff.GetRanges() { + rwms = append(rwms, models.RangeWithMetadata{Range: r}) + } + grouped := GroupRanges(rwms) + var out []*osvschema.Range + for _, rwm := range grouped { + out = append(out, rwm.Range) + } + aff.Ranges = out } } -func GroupRanges(ranges []*osvschema.Range) []*osvschema.Range { +func GroupRanges(ranges []models.RangeWithMetadata) []models.RangeWithMetadata { // Key for grouping: Type + Repo + Introduced Value type groupKey struct { RangeType osvschema.Range_Type @@ -34,10 +43,11 @@ func GroupRanges(ranges []*osvschema.Range) []*osvschema.Range { Introduced string } - groups := make(map[groupKey]*osvschema.Range) + groups := make(map[groupKey]models.RangeWithMetadata) var order []groupKey // To maintain deterministic order of first appearance - for _, r := range ranges { + for _, rwm := range ranges { + r := rwm.Range // Find the introduced event var introduced string var introducedCount int @@ -63,28 +73,31 @@ func GroupRanges(ranges []*osvschema.Range) []*osvschema.Range { // Initialize with a deep copy of the first range found for this group // We need to be careful about DatabaseSpecific. // We want to keep the "versions" from this first range. - groups[key] = &osvschema.Range{ - Type: r.GetType(), - Repo: r.GetRepo(), - Events: []*osvschema.Event{}, - DatabaseSpecific: r.GetDatabaseSpecific(), // Start with this one's DS + groups[key] = models.RangeWithMetadata{ + Range: &osvschema.Range{ + Type: r.GetType(), + Repo: r.GetRepo(), + Events: []*osvschema.Event{}, + DatabaseSpecific: r.GetDatabaseSpecific(), // Start with this one's DS + }, + Metadata: rwm.Metadata, } order = append(order, key) } else { // Merge DatabaseSpecific - mergeDatabaseSpecific(groups[key], r.GetDatabaseSpecific()) + mergeDatabaseSpecific(groups[key].Range, r.GetDatabaseSpecific()) } // Add all events to the group. Deduplication happens later in cleanEvents. - groups[key].Events = append(groups[key].Events, r.GetEvents()...) + groups[key].Range.Events = append(groups[key].Range.Events, r.GetEvents()...) } // Reconstruct ranges from groups - newRanges := make([]*osvschema.Range, 0, len(order)) + newRanges := make([]models.RangeWithMetadata, 0, len(order)) for _, key := range order { - r := groups[key] - r.Events = cleanEvents(r.GetEvents()) - newRanges = append(newRanges, r) + rwm := groups[key] + rwm.Range.Events = cleanEvents(rwm.Range.GetEvents()) + newRanges = append(newRanges, rwm) } return newRanges @@ -260,7 +273,7 @@ func cleanEvents(events []*osvschema.Event) []*osvschema.Event { // - successfulRepos: A slice of repository URLs that were successfully processed. // - metrics: A pointer to ConversionMetrics to track the outcome and notes. func MergeRangesAndCreateAffected( - resolvedRanges []*osvschema.Range, + resolvedRanges []models.RangeWithMetadata, commits []models.AffectedCommit, successfulRepos []string, metrics *models.ConversionMetrics, @@ -272,7 +285,8 @@ func MergeRangesAndCreateAffected( successfulRepos = slices.Compact(successfulRepos) for _, repo := range successfulRepos { var mergedRange *osvschema.Range - for _, vr := range resolvedRanges { + for _, vrwm := range resolvedRanges { + vr := vrwm.Range if vr.GetRepo() == repo { if mergedRange == nil { mergedRange = vr @@ -289,14 +303,24 @@ func MergeRangesAndCreateAffected( for _, commit := range commits { if commit.Repo == repo { if mergedRange == nil { - mergedRange = BuildVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed) - mergedRange.Repo = repo + mergedRange = BuildGitVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed, repo) } else { event := convertCommitToEvent(commit) if event != nil { addEventToRange(mergedRange, event) } } + + if mergedRange.GetDatabaseSpecific() == nil { + mergedRange.DatabaseSpecific = &structpb.Struct{ + Fields: make(map[string]*structpb.Value), + } + } + mergeDatabaseSpecific(mergedRange, &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "source": structpb.NewStringValue(string(models.VersionSourceRefs)), + }, + }) } } } @@ -309,7 +333,13 @@ func MergeRangesAndCreateAffected( // if there are no resolved version but there are commits, we should create a range for each commit if len(resolvedRanges) == 0 && len(commits) > 0 { for _, commit := range commits { - newResolvedRanges = append(newResolvedRanges, BuildVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed)) + vr := BuildGitVersionRange(commit.Introduced, commit.LastAffected, commit.Fixed, commit.Repo) + vr.DatabaseSpecific = &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "source": structpb.NewStringValue(string(models.VersionSourceRefs)), + }, + } + newResolvedRanges = append(newResolvedRanges, vr) metrics.ResolvedRangesCount++ } } diff --git a/vulnfeeds/conversion/grouping_test.go b/vulnfeeds/conversion/grouping_test.go index aed20c1a3bb..a798abad410 100644 --- a/vulnfeeds/conversion/grouping_test.go +++ b/vulnfeeds/conversion/grouping_test.go @@ -479,6 +479,11 @@ func TestMergeRangesAndCreateAffected(t *testing.T) { {Fixed: "1.0"}, {Fixed: "1.2"}, }, + DatabaseSpecific: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "source": structpb.NewStringValue("REFERENCES"), + }, + }, }, }, }, @@ -501,6 +506,13 @@ func TestMergeRangesAndCreateAffected(t *testing.T) { {Introduced: "0"}, {Fixed: "1.0"}, }, + Repo: "repo2", + Type: osvschema.Range_GIT, + DatabaseSpecific: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "source": structpb.NewStringValue("REFERENCES"), + }, + }, }, }, }, @@ -545,6 +557,11 @@ func TestMergeRangesAndCreateAffected(t *testing.T) { {Fixed: "1.0"}, {LastAffected: "0.5"}, }, + DatabaseSpecific: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "source": structpb.NewStringValue("REFERENCES"), + }, + }, }, }, }, @@ -618,6 +635,11 @@ func TestMergeRangesAndCreateAffected(t *testing.T) { {Fixed: "3.0"}, {Fixed: "4.0"}, }, + DatabaseSpecific: &structpb.Struct{ + Fields: map[string]*structpb.Value{ + "source": structpb.NewStringValue("REFERENCES"), + }, + }, }, }, }, @@ -626,7 +648,11 @@ func TestMergeRangesAndCreateAffected(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got := MergeRangesAndCreateAffected(tt.resolvedRanges, tt.commits, tt.successfulRepos, &models.ConversionMetrics{}) + var rwms []models.RangeWithMetadata + for _, r := range tt.resolvedRanges { + rwms = append(rwms, models.RangeWithMetadata{Range: r}) + } + got := MergeRangesAndCreateAffected(rwms, tt.commits, tt.successfulRepos, &models.ConversionMetrics{}) if diff := cmp.Diff(tt.want, got, protocmp.Transform()); diff != "" { t.Errorf("MergeRangesAndCreateAffected() mismatch (-want +got):\n%s", diff) } diff --git a/vulnfeeds/conversion/nvd/converter.go b/vulnfeeds/conversion/nvd/converter.go index 49cf5439a75..95f31a4a2d6 100644 --- a/vulnfeeds/conversion/nvd/converter.go +++ b/vulnfeeds/conversion/nvd/converter.go @@ -17,7 +17,6 @@ import ( "github.com/google/osv/vulnfeeds/utility" "github.com/google/osv/vulnfeeds/utility/logger" "github.com/google/osv/vulnfeeds/vulns" - "github.com/ossf/osv-schema/bindings/go/osvschema" ) var ErrNoRanges = errors.New("no ranges") @@ -65,7 +64,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc } successfulRepos := make(map[string]bool) - var resolvedRanges []*osvschema.Range + var resolvedRanges []models.RangeWithMetadata var unresolvedRanges []models.RangeWithMetadata // Exit early if there are no repositories @@ -113,7 +112,7 @@ func CVEToOSV(cve models.NVDCVE, repos []string, cache *git.RepoTagsCache, direc // Extract Versions From Text if no CPE versions found if len(resolvedRanges) == 0 { - textRanges := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Descriptions), metrics) + textRanges := c.ExtractVersionsFromText(nil, models.EnglishDescription(cve.Descriptions), metrics, models.VersionSourceDescription) if len(textRanges) > 0 { metrics.AddNote("Extracted versions from description: %v", textRanges) } diff --git a/vulnfeeds/conversion/versions.go b/vulnfeeds/conversion/versions.go index e603df8de69..a7cd8c2a234 100644 --- a/vulnfeeds/conversion/versions.go +++ b/vulnfeeds/conversion/versions.go @@ -607,7 +607,7 @@ func processExtractedVersion(version string) string { return version } -func ExtractVersionsFromText(validVersions []string, text string, metrics *models.ConversionMetrics) []models.RangeWithMetadata { +func ExtractVersionsFromText(validVersions []string, text string, metrics *models.ConversionMetrics, source models.VersionSource) []models.RangeWithMetadata { // Match: // - x.x.x before x.x.x // - x.x.x through x.x.x @@ -662,7 +662,7 @@ func ExtractVersionsFromText(validVersions []string, text string, metrics *model versions = append(versions, models.RangeWithMetadata{ Range: vr, Metadata: models.Metadata{ - Source: models.VersionSourceText, + Source: source, }, }, ) diff --git a/vulnfeeds/models/metrics.go b/vulnfeeds/models/metrics.go index 24876574514..f0f56c8f9ca 100644 --- a/vulnfeeds/models/metrics.go +++ b/vulnfeeds/models/metrics.go @@ -106,13 +106,13 @@ func (m *ConversionMetrics) AddSource(source VersionSource) { type VersionSource string const ( - VersionSourceNone VersionSource = "NOVERS" - VersionSourceAffected VersionSource = "CVEAFFVERS" - VersionSourceGit VersionSource = "GITVERS" - VersionSourceCPE VersionSource = "CPEVERS" - VersionSourceDescription VersionSource = "DESCRVERS" - VersionSourceText VersionSource = "TEXT" - VersionSourceRefs VersionSource = "REFS" + VersionSourceNone VersionSource = "NO_SOURCE" + VersionSourceAffected VersionSource = "AFFECTED_FIELD" + VersionSourceGit VersionSource = "AFFECTED_FIELD_GIT" + VersionSourceCPE VersionSource = "CPE_FIELD" + VersionSourceDescription VersionSource = "DESCRIPTION" + VersionSourceText VersionSource = "TEXT_EXTRACTION" + VersionSourceRefs VersionSource = "REFERENCES" ) func DetermineOutcome(metrics *ConversionMetrics) { From 8bd4a8cadf8df8ea49f70577708adb86cb758b83 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Fri, 27 Mar 2026 03:33:41 +0000 Subject: [PATCH 20/26] add snapshot tests --- .../__snapshots__/main_test.snap | 13 + vulnfeeds/cmd/combine-to-osv/main_test.go | 38 + .../cmd/converters/cve/nvd-cve-osv/main.go | 17 +- vulnfeeds/conversion/common.go | 16 + .../cve5/__snapshots__/converter_test.snap | 1370 +++++++++++++++++ vulnfeeds/conversion/cve5/converter_test.go | 46 + .../nvd/__snapshots__/converter_test.snap | 1016 ++++++++++++ vulnfeeds/conversion/nvd/converter_test.go | 63 + 8 files changed, 2563 insertions(+), 16 deletions(-) create mode 100755 vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap create mode 100755 vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap diff --git a/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap b/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap new file mode 100755 index 00000000000..cf9bab12ec1 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap @@ -0,0 +1,13 @@ + +[TestCombineDirsSnapshot - 1] +{"schema_version":"1.7.3", "id":"CVE-2016-15012", "published":"2023-01-07T12:59:27.772Z", "modified":"2025-04-08T20:30:50.208Z", "summary":"forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection", "details":"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/forcedotcom/salesforcemobilesdk-windows", "events":[{"introduced":"0"}, {"fixed":"83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}]}]}], "references":[{"type":"FIX", "url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}, {"type":"FIX", "url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2016-15012"}, {"type":"REPORT", "url":"https://vuldb.com/?ctiid.217619"}, {"type":"ADVISORY", "url":"https://vuldb.com/?id.217619"}], "database_specific":{"cna_assigner":"VulDB", "cwe_ids":["CWE-89"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} +{"schema_version":"1.7.3", "id":"CVE-2016-1897", "published":"2016-01-15T02:00:00Z", "modified":"2025-04-12T10:46:40.837Z", "details":"FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/ffmpeg/ffmpeg", "events":[{"introduced":"0"}, {"last_affected":"2b8b2ba19fe0ca6594cb09439b9ead2c328a79d8"}, {"last_affected":"acf511de34e0b79fff0183e06ed37f1aa8dc3d94"}, {"last_affected":"9d0bb7fc3991b030603acfe899e6f001e530c89a"}, {"last_affected":"b4552cc9b8c37410f754af5d34d24e7b8a9b4b0e"}, {"last_affected":"7de7bd4f563a1431bdac59dae5d8e930e71405e6"}, {"last_affected":"205e2264c3d5b1a16a4493b9281b9167d09c3505"}, {"last_affected":"3d91569c5e39f4062393fdb40b038e31df38473a"}, {"last_affected":"0caff57c42cac0f80152187473b1ee753aca8257"}, {"last_affected":"a37e42b3ee4226a4d2c69cd4eebf9c81e6df8ea5"}, {"last_affected":"9422cd85a081f6e084731e87eda3e8e4df9f6827"}, {"last_affected":"29353dd3f8159089ecf2fa0886f94f4cf32e75f2"}, {"last_affected":"eda6effcabcf9c238e4635eb058d72371336e09b"}, {"last_affected":"d3139c9733f1994fb86825e0d1fd2a5abf3be7b5"}, {"last_affected":"e7873dfccad595e9d8fc65217ebffcf3686e1d34"}, {"last_affected":"27172a5ca360e61a07ff16bf22f2ec91208f4e00"}, {"last_affected":"41802887eb647bee21238e0a575a7c4bbf954b86"}, {"last_affected":"68f89b8264d46d5812e710ca0f903d4d323ec899"}, {"last_affected":"6baf9c4406bcdf1015c9ec8bd6b8c4aef77624ac"}, {"last_affected":"e72c0a04664a9aab449b63135fe16ade51a99bb6"}, {"last_affected":"c2eb668617555cb8b8bcfb9796241ada9471ac65"}, {"last_affected":"f406bf3fa933be089bd76a95f75ea57b0942f8c5"}, {"last_affected":"e0a03d1f9cb18139ede8c3d0263a21828494c951"}, {"last_affected":"0edc79962641dd853cda187ee13b617701346061"}, {"last_affected":"1b99667005156cadc8d3ae0099ef5d244e598ac5"}, {"last_affected":"49fa398858df1a1e425740672de5fb4819b4d947"}, {"last_affected":"5df02760dd2f050b996f931fa7cdf8871bfa5d96"}, {"last_affected":"b05d3550407418aea53f2672463a8ebc8f75654e"}, {"last_affected":"969aee07e68c5930782bc46f2ac2391db55b8d1b"}, {"last_affected":"9f09bfe681259cfed7414f207c88f84c09d5b501"}, {"last_affected":"86a01362c0e46d155fbfc1ef19f5ba17af3ee69d"}, {"last_affected":"36cfee3adc70c6a78a07df4bb16349c4b0893ef4"}, {"last_affected":"bf0d2ee92c33d802907e829f99c26a46578ed679"}, {"last_affected":"1c14b09caf903f2e776dcd661085db49511bf531"}, {"last_affected":"051cd7dc5f42542753f809109d00ec3cf19eb337"}, {"last_affected":"3ec3f70ddb1b97fd6174ab3ca8617d8a1a6516ab"}, {"last_affected":"7c2d152f562ab089ecf8262438e2f8e9cb9c546f"}, {"last_affected":"b88de7b31a4a5c35d10b1392d2d86d93fc942b4c"}, {"last_affected":"bc259185cb69c6532232be4b2ad57a70ef7ed946"}, {"last_affected":"d005e2ecce5c8104679b39f2050a9d83e417d275"}, {"last_affected":"b44506c393b176dc396502ad262ac18bec52a110"}, {"last_affected":"db27f50e0658e91758e8a17fdcf390e6bc93c1d2"}, {"last_affected":"13a72d9b08c914c3d3c99be1053e9d5cda8baa88"}, {"last_affected":"e1ce4f805f31aecec83fc7c7ecaab623f3b6327f"}, {"last_affected":"d61454e7c1de48f6a9059ca98f55e6beb52a618c"}, {"last_affected":"043f32606046b1470218511ded151edfa7a126ee"}, {"last_affected":"dd2394754d8cee3717b3e198c83cc382674cf126"}, {"last_affected":"4afe2684d8f50b28ce6743c7ee999f3157c9857f"}, {"last_affected":"1fd7fb9036fcfb1620068014d8a52112067d2d59"}, {"last_affected":"3c63503792147a996997023694a3b45f27ab3f78"}, {"last_affected":"2c8c55195da97ee45fb0daf6d68c22b942e14ade"}, {"last_affected":"de7b74d2544d2cb5ff85db20a9853116ea72ed47"}, {"last_affected":"1047c286fa20c79dde8ddd7577a3b87cc1effdb7"}, {"last_affected":"0045969e411bcf946b2393e7bcb42032cb71a9a1"}, {"last_affected":"5e4ec87720a64cd969120af60e82cbd55454ab8e"}, {"last_affected":"da2186be81b5cb2d24da5671e25affbb8f09920d"}, {"last_affected":"2c01dd2ea5e39238261945185d2b30e11979cf4b"}, {"last_affected":"959ab06c68f8c74a0f31bcaf2692cbbdaf5702f6"}, {"last_affected":"07d508e4f55f6045b83df3346448b149faab5d7d"}, {"last_affected":"3429714f3d046f4e2235848a60b6f63bd084e01f"}, {"last_affected":"d0599a3516c5da31c7009af7574abbff360b9ce6"}, {"last_affected":"faac8e43315dae5818816bcebe52d11777b064b2"}, {"last_affected":"21d0ae829f72ec327aff31b0cb1af1261b56596c"}, {"last_affected":"1eb646ec9f87ed488f52561867e107eaee89e20c"}, {"last_affected":"d52b5f85f2837b0de9bdefe2a650d8d1b0e02ec1"}, {"last_affected":"f478bdabf2afcd5f709789347f8a3becc4ff17bc"}, {"last_affected":"b2c9cd36d34c4157af10342ad3476dd9260bbefe"}, {"last_affected":"04fd0250e1fd3fddcd7bc96c8ac95455f910637e"}, {"last_affected":"af5917698bd44f136fd0ff00a9e5f8b5f92f2d58"}, {"last_affected":"b17cec526214dff9d6ac1d97b70167d15a4e14d7"}, {"last_affected":"48d388b03336d01e0db9b729f9f82cbadf3af7bd"}, {"last_affected":"d6ce1cb14077891f3f6ac86cfd243835c92eb374"}, {"last_affected":"0bcb6ac150690d1b799982efabc11cab3420f3e3"}, {"last_affected":"620197d1ffea20e9168372c354438f1c1e926ecd"}, {"last_affected":"15466db69e60f486c44e4c3e680d27c951f125d7"}, {"last_affected":"93f3752b970cc7c9e1a360037fff1ddb9dcbb86e"}, {"last_affected":"26241af6f8b291eed42c597ffa2b32802331f813"}, {"last_affected":"58142a27ea96bf9246586a91a82db85e37646933"}, {"last_affected":"40934e0e9b632fa6c6ec22ac03b530625a027c79"}, {"last_affected":"c9b3451da3cf632424c07c35759c9ffbd537fa9e"}, {"last_affected":"644296e736ee219cd02f7b7d7b7b4c7c5a464217"}, {"last_affected":"644179e0d4155ae8f5ddd5c3f6bd003e2e13cf94"}], "database_specific":{"cpe":["cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*"], "source":"CPE_FIELD", "versions":[{"introduced":"0"}, {"last_affected":"2.0"}, {"last_affected":"2.0.1"}, {"last_affected":"2.0.2"}, {"last_affected":"2.0.3"}, {"last_affected":"2.0.4"}, {"last_affected":"2.0.5"}, {"last_affected":"2.0.6"}, {"last_affected":"2.0.7"}, {"last_affected":"2.1"}, {"last_affected":"2.1.1"}, {"last_affected":"2.1.2"}, {"last_affected":"2.1.3"}, {"last_affected":"2.1.4"}, {"last_affected":"2.1.5"}, {"last_affected":"2.1.6"}, {"last_affected":"2.1.7"}, {"last_affected":"2.1.8"}, {"last_affected":"2.2"}, {"last_affected":"2.2.1"}, {"last_affected":"2.2.2"}, {"last_affected":"2.2.3"}, {"last_affected":"2.2.4"}, {"last_affected":"2.2.5"}, {"last_affected":"2.2.6"}, {"last_affected":"2.2.7"}, {"last_affected":"2.2.8"}, {"last_affected":"2.2.9"}, {"last_affected":"2.2.10"}, {"last_affected":"2.2.11"}, {"last_affected":"2.2.12"}, {"last_affected":"2.2.13"}, {"last_affected":"2.2.14"}, {"last_affected":"2.2.15"}, {"last_affected":"2.2.16"}, {"last_affected":"2.3"}, {"last_affected":"2.3.1"}, {"last_affected":"2.3.2"}, {"last_affected":"2.3.3"}, {"last_affected":"2.3.4"}, {"last_affected":"2.3.5"}, {"last_affected":"2.3.6"}, {"last_affected":"2.4"}, {"last_affected":"2.4.1"}, {"last_affected":"2.4.2"}, {"last_affected":"2.4.3"}, {"last_affected":"2.4.4"}, {"last_affected":"2.4.5"}, {"last_affected":"2.4.6"}, {"last_affected":"2.4.7"}, {"last_affected":"2.4.8"}, {"last_affected":"2.4.9"}, {"last_affected":"2.4.10"}, {"last_affected":"2.4.11"}, {"last_affected":"2.4.12"}, {"last_affected":"2.5"}, {"last_affected":"2.5.1"}, {"last_affected":"2.5.2"}, {"last_affected":"2.5.3"}, {"last_affected":"2.5.4"}, {"last_affected":"2.5.5"}, {"last_affected":"2.5.6"}, {"last_affected":"2.5.7"}, {"last_affected":"2.5.8"}, {"last_affected":"2.5.9"}, {"last_affected":"2.6"}, {"last_affected":"2.6.1"}, {"last_affected":"2.6.2"}, {"last_affected":"2.6.3"}, {"last_affected":"2.6.4"}, {"last_affected":"2.6.5"}, {"last_affected":"2.6.6"}, {"last_affected":"2.7"}, {"last_affected":"2.7.1"}, {"last_affected":"2.7.2"}, {"last_affected":"2.7.3"}, {"last_affected":"2.7.4"}, {"last_affected":"2.8"}, {"last_affected":"2.8-dev"}, {"last_affected":"2.8.1"}, {"last_affected":"2.8.2"}, {"last_affected":"2.8.3"}, {"last_affected":"2.8.4"}]}}]}], "references":[{"type":"ARTICLE", "url":"http://habrahabr.ru/company/mailru/blog/274855"}, {"type":"ADVISORY", "url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"}, {"type":"WEB", "url":"http://security.stackexchange.com/questions/110644"}, {"type":"ADVISORY", "url":"http://www.debian.org/security/2016/dsa-3506"}, {"type":"ARTICLE", "url":"http://www.openwall.com/lists/oss-security/2016/01/14/1"}, {"type":"ADVISORY", "url":"http://www.securityfocus.com/bid/80501"}, {"type":"ADVISORY", "url":"http://www.securitytracker.com/id/1034932"}, {"type":"ADVISORY", "url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036"}, {"type":"ADVISORY", "url":"http://www.ubuntu.com/usn/USN-2944-1"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1897"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201606-09"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201705-08"}, {"type":"ADVISORY", "url":"https://www.kb.cert.org/vuls/id/772447"}], "database_specific":{"cna_assigner":"mitre", "osv_generated_from":"unknown"}} +{"schema_version":"1.7.3", "id":"CVE-2018-14618", "published":"2018-09-05T19:00:00Z", "modified":"2024-11-21T03:49:26.003Z", "details":"curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/curl/curl", "events":[{"introduced":"0"}, {"fixed":"432eb5f5c254ee8383b2522ce597c9219877923e"}, {"last_affected":"52707f959058c148c8a5ef4e81d0599780a1c014"}, {"last_affected":"ac98c73b04aec60683ec2094f3c311485f08d6ab"}], "database_specific":{"cpe":["cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*"], "source":"CPE_FIELD", "versions":[{"introduced":"0"}, {"fixed":"7.61.1"}, {"last_affected":"7.5"}, {"last_affected":"7.6"}]}}]}], "references":[{"type":"ADVISORY", "url":"http://www.securitytracker.com/id/1041605"}, {"type":"ADVISORY", "url":"https://access.redhat.com/errata/RHSA-2018:3558"}, {"type":"ADVISORY", "url":"https://access.redhat.com/errata/RHSA-2019:1880"}, {"type":"REPORT", "url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"}, {"type":"WEB", "url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"}, {"type":"WEB", "url":"https://curl.haxx.se/docs/CVE-2018-14618.html"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14618"}, {"type":"WEB", "url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201903-03"}, {"type":"ADVISORY", "url":"https://usn.ubuntu.com/3765-1/"}, {"type":"ADVISORY", "url":"https://usn.ubuntu.com/3765-2/"}, {"type":"ADVISORY", "url":"https://www.debian.org/security/2018/dsa-4286"}], "database_specific":{"cna_assigner":"redhat", "cwe_ids":["CWE-122", "CWE-131"], "osv_generated_from":"unknown", "unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"}, "versions":[{"last_affected":"7.61.1"}]}, {"metadata":{"source":"DESCRIPTION"}, "versions":[{"fixed":"7.61.1"}]}]}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]} +{"schema_version":"1.7.3", "id":"CVE-2022-33068", "published":"2022-06-22T13:24:42Z", "modified":"2024-11-21T07:07:30.140Z", "details":"An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/harfbuzz/harfbuzz", "events":[{"introduced":"0"}, {"last_affected":"aee123fc83388b8f5acfb301d87bd92eccc5b843"}, {"fixed":"62e803b36173fd096d7ad460dd1d1db9be542593"}], "database_specific":{"cpe":"cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", "source":["CPE_FIELD", "REFERENCES"], "versions":[{"introduced":"0"}, {"last_affected":"4.3.0"}]}}]}], "references":[{"type":"FIX", "url":"https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"}, {"type":"REPORT", "url":"https://github.com/harfbuzz/harfbuzz/issues/3557"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33068"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/202209-11"}], "database_specific":{"cna_assigner":"mitre", "osv_generated_from":"unknown"}} +{"schema_version":"1.7.3", "id":"CVE-2023-22466", "published":"2023-01-04T21:47:09.400Z", "modified":"2025-03-10T21:32:32.950Z", "aliases":["GHSA-7rrj-xr53-82p7"], "summary":"Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe", "details":"Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/tokio-rs/tokio", "events":[{"introduced":"50795e652ecb0747c8d048aeaa38a41dddb2da4b"}, {"fixed":"1a997ffbd62334af2553775234e75ede2d7d949f"}]}]}], "references":[{"type":"FIX", "url":"https://github.com/tokio-rs/tokio/pull/5336"}, {"type":"WEB", "url":"https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"}, {"type":"ADVISORY", "url":"https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"}, {"type":"WEB", "url":"https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22466"}], "database_specific":{"cna_assigner":"GitHub_M", "cwe_ids":["CWE-665"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}]} +{"schema_version":"1.7.3", "id":"CVE-2024-2002", "published":"2024-03-18T12:26:31.386Z", "modified":"2025-11-20T18:21:28.745Z", "summary":"Libdwarf: crashes randomly on fuzzed object", "details":"A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/davea42/libdwarf-code", "events":[{"introduced":"0"}, {"fixed":"5e43a5ab73cb00c8a46660b361366a8c9c3c93c9"}], "database_specific":{"cpe":"cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", "source":"CPE_FIELD", "versions":[{"introduced":"0.1.0"}, {"fixed":"0.9.2"}]}}]}], "references":[{"type":"WEB", "url":"https://access.redhat.com/downloads/content/package-browser/"}, {"type":"ADVISORY", "url":"https://access.redhat.com/security/cve/CVE-2024-2002"}, {"type":"REPORT", "url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267700"}, {"type":"WEB", "url":"https://github.com/davea42/libdwarf-code/"}, {"type":"WEB", "url":"https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt"}, {"type":"WEB", "url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-2002"}], "database_specific":{"cna_assigner":"redhat", "cwe_ids":["CWE-415"], "osv_generated_from":"unknown", "unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"}, "versions":[{"last_affected":"0.1.0"}]}]}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]} +{"schema_version":"1.7.3", "id":"CVE-2024-7264", "published":"2024-07-31T08:08:14.585Z", "modified":"2025-11-03T23:17:31.647Z", "summary":"ASN.1 date parser overread", "details":"libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/curl/curl", "events":[{"introduced":"70812c2f32fc5734bcbbe572b9f61c380433ad6a"}, {"fixed":"27959ecce75cdb2809c0bdb3286e60e08fadb519"}]}]}], "references":[{"type":"WEB", "url":"http://www.openwall.com/lists/oss-security/2024/07/31/1"}, {"type":"WEB", "url":"https://curl.se/docs/CVE-2024-7264.html"}, {"type":"WEB", "url":"https://curl.se/docs/CVE-2024-7264.json"}, {"type":"FIX", "url":"https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519"}, {"type":"WEB", "url":"https://hackerone.com/reports/2629968"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7264"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20240828-0008/"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20241025-0006/"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20241025-0010/"}], "database_specific":{"cna_assigner":"curl", "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} +{"schema_version":"1.7.3", "id":"CVE-2025-4565", "published":"2025-06-16T14:50:40.906Z", "modified":"2025-08-14T17:05:37.770Z", "summary":"Unbounded recursion in Python Protobuf", "details":"Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/protocolbuffers/protobuf", "events":[{"introduced":"d295af5c3002c08e1bfd9d7f9e175d0a4d015f1e"}, {"fixed":"74211c0dfc2777318ab53c2cd2c317a2ef9012de"}]}]}], "references":[{"type":"WEB", "url":"https://github.com/protocolbuffers/protobuf/"}, {"type":"FIX", "url":"https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-4565"}, {"type":"PACKAGE", "url":"https://pypi.org/project/protobuf/"}], "database_specific":{"cna_assigner":"Google", "cwe_ids":["CWE-674"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V4", "score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]} +{"schema_version":"1.7.3", "id":"CVE-2026-20912", "published":"2026-01-22T22:01:52.026Z", "modified":"2026-01-29T22:03:58.330Z", "aliases":["GHSA-vfmv-f93v-37mw"], "summary":"Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure", "details":"Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/go-gitea/gitea", "events":[{"introduced":"0"}, {"fixed":"369830bada2fd8826a5135cb2fc66660a9bef708"}]}]}], "references":[{"type":"ADVISORY", "url":"https://blog.gitea.com/release-of-1.25.4/"}, {"type":"FIX", "url":"https://github.com/go-gitea/gitea/pull/36320"}, {"type":"FIX", "url":"https://github.com/go-gitea/gitea/pull/36355"}, {"type":"ADVISORY", "url":"https://github.com/go-gitea/gitea/releases/tag/v1.25.4"}, {"type":"ADVISORY", "url":"https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20912"}], "database_specific":{"cna_assigner":"Gitea", "cwe_ids":["CWE-284", "CWE-639"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]} +{"schema_version":"1.7.3", "id":"CVE-2026-23522", "published":"2026-01-19T16:53:32.371Z", "modified":"2026-01-26T15:05:39.840Z", "aliases":["GHSA-j7xp-4mg9-x28r"], "summary":"Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion", "details":"LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/lobehub/lobehub", "events":[{"introduced":"0"}, {"fixed":"eeda4f90af57368584fa97250cbb0d5bf0a5e16e"}]}]}], "references":[{"type":"FIX", "url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"}, {"type":"ADVISORY", "url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522"}], "database_specific":{"cna_assigner":"GitHub_M", "cwe_ids":["CWE-284", "CWE-639", "CWE-862", "CWE-915"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}]} +--- diff --git a/vulnfeeds/cmd/combine-to-osv/main_test.go b/vulnfeeds/cmd/combine-to-osv/main_test.go index 0fca9cf16a2..45dd3b333ae 100644 --- a/vulnfeeds/cmd/combine-to-osv/main_test.go +++ b/vulnfeeds/cmd/combine-to-osv/main_test.go @@ -3,13 +3,16 @@ package main import ( "path/filepath" "sort" + "strings" "testing" "time" + "github.com/gkampitakis/go-snaps/snaps" "github.com/google/go-cmp/cmp" "github.com/google/go-cmp/cmp/cmpopts" "github.com/google/osv/vulnfeeds/models" "github.com/ossf/osv-schema/bindings/go/osvschema" + "google.golang.org/protobuf/encoding/protojson" "google.golang.org/protobuf/testing/protocmp" "google.golang.org/protobuf/types/known/timestamppb" ) @@ -429,3 +432,38 @@ func TestCombineTwoOSVRecords(t *testing.T) { t.Errorf("combineTwoOSVRecords() mismatch (-want +got):\n%s", diff) } } + +func TestCombineDirsSnapshot(t *testing.T) { + cve5Path := "cve5" + nvdPath := "nvd" + + cve5osv := loadOSV(cve5Path) + nvdosv := loadOSV(nvdPath) + + // Since combineIntoOSV modifies nvdosv, make a copy to avoid side effects + nvdosvCopy := make(map[models.CVEID]*osvschema.Vulnerability) + for k, v := range nvdosv { + nvdosvCopy[k] = v + } + + combined := combineIntoOSV(cve5osv, nvdosvCopy, nil) + + // Sort by ID to ensure deterministic snapshot + var keys []string + for k := range combined { + keys = append(keys, string(k)) + } + sort.Strings(keys) + + var output []string + for _, k := range keys { + v := combined[models.CVEID(k)] + file, err := protojson.Marshal(v) + if err != nil { + t.Fatalf("Failed to marshal %s: %v", k, err) + } + output = append(output, string(file)) + } + + snaps.MatchSnapshot(t, strings.Join(output, "\n")) +} diff --git a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go index b1bfdf4c46e..1f0a9867e38 100644 --- a/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go +++ b/vulnfeeds/cmd/converters/cve/nvd-cve-osv/main.go @@ -32,21 +32,6 @@ var ( cpuProfile = flag.String("cpuprofile", "", "Path to write cpu profile to file (default = no output)") ) -func loadCPEDictionary(productToRepo *c.VPRepoCache, f string) error { - data, err := os.ReadFile(f) - if err != nil { - return err - } - - var tempMap c.VendorProductToRepoMap - if err := json.Unmarshal(data, &tempMap); err != nil { - return err - } - productToRepo.Initialize(tempMap) - - return nil -} - func main() { flag.Parse() if !slices.Contains([]string{"OSV", "PackageInfo"}, *outFormat) { @@ -82,7 +67,7 @@ func main() { vpRepoCache := c.NewVPRepoCache() if *parsedCPEDictionary != "" { - err = loadCPEDictionary(vpRepoCache, *parsedCPEDictionary) + err = c.LoadCPEDictionary(vpRepoCache, *parsedCPEDictionary) if err != nil { logger.Fatal("Failed to load parsed CPE dictionary", slog.Any("err", err)) } diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index 286c6fba58e..083671586e7 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -625,3 +625,19 @@ func ProcessRanges(ranges []models.RangeWithMetadata, repos []string, metrics *m return r, un, sR } + + +func LoadCPEDictionary(productToRepo *VPRepoCache, f string) error { + data, err := os.ReadFile(f) + if err != nil { + return err + } + + var tempMap VendorProductToRepoMap + if err := json.Unmarshal(data, &tempMap); err != nil { + return err + } + productToRepo.Initialize(tempMap) + + return nil +} \ No newline at end of file diff --git a/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap b/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap index 98376dc8c86..0a51baf1dcb 100755 --- a/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap +++ b/vulnfeeds/conversion/cve5/__snapshots__/converter_test.snap @@ -340,3 +340,1373 @@ "summary": "partitions: mac: fix handling of bogus partition table" } --- + +[TestCVE5Snapshot - 1] +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "fixed": "2.0.0-next.193" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "eeda4f90af57368584fa97250cbb0d5bf0a5e16e" + } + ], + "repo": "https://github.com/lobehub/lobehub", + "type": "GIT" + } + ] + } + ], + "aliases": [ + "GHSA-j7xp-4mg9-x28r" + ], + "database_specific": { + "cna_assigner": "GitHub_M", + "cwe_ids": [ + "CWE-284", + "CWE-639", + "CWE-862", + "CWE-915" + ], + "osv_generated_from": "unknown" + }, + "details": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.", + "id": "CVE-2026-23522", + "modified": "2026-01-20T21:35:39.441Z", + "published": "2026-01-19T16:53:32.371Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6" + }, + { + "type": "ADVISORY", + "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23522" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "type": "CVSS_V3" + } + ], + "summary": "Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion" +} +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "fixed": "4.25.8" + }, + { + "fixed": "5.29.5" + }, + { + "fixed": "6.31.1" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "a4cbdd3ed0042e8f9b9c30e8b0634096d9532809" + }, + { + "fixed": "f5de0a0495faa63b4186fc767324f8b9a7bf4fc4" + }, + { + "fixed": "74211c0dfc2777318ab53c2cd2c317a2ef9012de" + } + ], + "repo": "https://github.com/protocolbuffers/protobuf", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "cna_assigner": "Google", + "cwe_ids": [ + "CWE-674" + ], + "osv_generated_from": "unknown" + }, + "details": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u003e6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901", + "id": "CVE-2025-4565", + "modified": "2025-06-16T15:39:18.263Z", + "published": "2025-06-16T14:50:40.906Z", + "references": [ + { + "type": "WEB", + "url": "https://github.com/protocolbuffers/protobuf/" + }, + { + "type": "FIX", + "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4565" + }, + { + "type": "PACKAGE", + "url": "https://pypi.org/project/protobuf/" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", + "type": "CVSS_V4" + } + ], + "summary": "Unbounded recursion in Python Protobuf" +} +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "last_affected": "1.25.3" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "9a7cfd8620989d9de6dc4ca0c95d9fd42c1768ed" + } + ], + "repo": "https://github.com/go-gitea/gitea", + "type": "GIT" + } + ] + } + ], + "aliases": [ + "GHSA-vfmv-f93v-37mw" + ], + "database_specific": { + "cna_assigner": "Gitea", + "cwe_ids": [ + "CWE-284", + "CWE-639" + ], + "osv_generated_from": "unknown" + }, + "details": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.", + "id": "CVE-2026-20912", + "modified": "2026-01-23T21:53:41.649Z", + "published": "2026-01-22T22:01:52.026Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://blog.gitea.com/release-of-1.25.4/" + }, + { + "type": "FIX", + "url": "https://github.com/go-gitea/gitea/pull/36320" + }, + { + "type": "FIX", + "url": "https://github.com/go-gitea/gitea/pull/36355" + }, + { + "type": "ADVISORY", + "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4" + }, + { + "type": "ADVISORY", + "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20912" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "type": "CVSS_V3" + } + ], + "summary": "Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure" +} +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "last_affected": "4.x" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "85c43e41805cde051a7a29aefcac2cd6aee8c69d" + } + ], + "repo": "https://github.com/forcedotcom/salesforcemobilesdk-windows", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "cna_assigner": "VulDB", + "cwe_ids": [ + "CWE-89" + ], + "osv_generated_from": "unknown" + }, + "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "id": "CVE-2016-15012", + "modified": "2025-04-08T20:30:50.208Z", + "published": "2023-01-07T12:59:27.772Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8" + }, + { + "type": "FIX", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-15012" + }, + { + "type": "REPORT", + "url": "https://vuldb.com/?ctiid.217619" + }, + { + "type": "ADVISORY", + "url": "https://vuldb.com/?id.217619" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "type": "CVSS_V3" + } + ], + "summary": "forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection" +} +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "last_affected": "8.9.0" + }, + { + "last_affected": "8.8.0" + }, + { + "last_affected": "8.7.1" + }, + { + "last_affected": "8.7.0" + }, + { + "last_affected": "8.6.0" + }, + { + "last_affected": "8.5.0" + }, + { + "last_affected": "8.4.0" + }, + { + "last_affected": "8.3.0" + }, + { + "last_affected": "8.2.1" + }, + { + "last_affected": "8.2.0" + }, + { + "last_affected": "8.1.2" + }, + { + "last_affected": "8.1.1" + }, + { + "last_affected": "8.1.0" + }, + { + "last_affected": "8.0.1" + }, + { + "last_affected": "8.0.0" + }, + { + "last_affected": "7.88.1" + }, + { + "last_affected": "7.88.0" + }, + { + "last_affected": "7.87.0" + }, + { + "last_affected": "7.86.0" + }, + { + "last_affected": "7.85.0" + }, + { + "last_affected": "7.84.0" + }, + { + "last_affected": "7.83.1" + }, + { + "last_affected": "7.83.0" + }, + { + "last_affected": "7.82.0" + }, + { + "last_affected": "7.81.0" + }, + { + "last_affected": "7.80.0" + }, + { + "last_affected": "7.79.1" + }, + { + "last_affected": "7.79.0" + }, + { + "last_affected": "7.78.0" + }, + { + "last_affected": "7.77.0" + }, + { + "last_affected": "7.76.1" + }, + { + "last_affected": "7.76.0" + }, + { + "last_affected": "7.75.0" + }, + { + "last_affected": "7.74.0" + }, + { + "last_affected": "7.73.0" + }, + { + "last_affected": "7.72.0" + }, + { + "last_affected": "7.71.1" + }, + { + "last_affected": "7.71.0" + }, + { + "last_affected": "7.70.0" + }, + { + "last_affected": "7.69.1" + }, + { + "last_affected": "7.69.0" + }, + { + "last_affected": "7.68.0" + }, + { + "last_affected": "7.67.0" + }, + { + "last_affected": "7.66.0" + }, + { + "last_affected": "7.65.3" + }, + { + "last_affected": "7.65.2" + }, + { + "last_affected": "7.65.1" + }, + { + "last_affected": "7.65.0" + }, + { + "last_affected": "7.64.1" + }, + { + "last_affected": "7.64.0" + }, + { + "last_affected": "7.63.0" + }, + { + "last_affected": "7.62.0" + }, + { + "last_affected": "7.61.1" + }, + { + "last_affected": "7.61.0" + }, + { + "last_affected": "7.60.0" + }, + { + "last_affected": "7.59.0" + }, + { + "last_affected": "7.58.0" + }, + { + "last_affected": "7.57.0" + }, + { + "last_affected": "7.56.1" + }, + { + "last_affected": "7.56.0" + }, + { + "last_affected": "7.55.1" + }, + { + "last_affected": "7.55.0" + }, + { + "last_affected": "7.54.1" + }, + { + "last_affected": "7.54.0" + }, + { + "last_affected": "7.53.1" + }, + { + "last_affected": "7.53.0" + }, + { + "last_affected": "7.52.1" + }, + { + "last_affected": "7.52.0" + }, + { + "last_affected": "7.51.0" + }, + { + "last_affected": "7.50.3" + }, + { + "last_affected": "7.50.2" + }, + { + "last_affected": "7.50.1" + }, + { + "last_affected": "7.50.0" + }, + { + "last_affected": "7.49.1" + }, + { + "last_affected": "7.49.0" + }, + { + "last_affected": "7.48.0" + }, + { + "last_affected": "7.47.1" + }, + { + "last_affected": "7.47.0" + }, + { + "last_affected": "7.46.0" + }, + { + "last_affected": "7.45.0" + }, + { + "last_affected": "7.44.0" + }, + { + "last_affected": "7.43.0" + }, + { + "last_affected": "7.42.1" + }, + { + "last_affected": "7.42.0" + }, + { + "last_affected": "7.41.0" + }, + { + "last_affected": "7.40.0" + }, + { + "last_affected": "7.39.0" + }, + { + "last_affected": "7.38.0" + }, + { + "last_affected": "7.37.1" + }, + { + "last_affected": "7.37.0" + }, + { + "last_affected": "7.36.0" + }, + { + "last_affected": "7.35.0" + }, + { + "last_affected": "7.34.0" + }, + { + "last_affected": "7.33.0" + }, + { + "last_affected": "7.32.0" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "5040f7e94cd01decbe7ba8fdacbf489182d503dc" + }, + { + "last_affected": "fd567d4f06857f4fc8e2f64ea727b1318f76ad33" + }, + { + "last_affected": "de7b3e89218467159a7af72d58cea8425946e97d" + }, + { + "last_affected": "72cf468d459d29e5366e416c014faaaf281dfa2d" + }, + { + "last_affected": "5ce164e0e9290c96eb7d502173426c0a135ec008" + }, + { + "last_affected": "7161cb17c01dcff1dc5bf89a18437d9d729f1ecd" + }, + { + "last_affected": "172e54cda18412da73fd8eb4e444e8a5b371ca59" + }, + { + "last_affected": "6fa1d817e5b1a00d7d0c8168091877476b499317" + }, + { + "last_affected": "50490c0679fcd0e50bb3a8fbf2d9244845652cf0" + }, + { + "last_affected": "98044e81705dc24a56daaf3544f30c13f0fc3a31" + }, + { + "last_affected": "7ab9d43720bc34d9aa351c7ca683c1668ebf8335" + }, + { + "last_affected": "1561d0675208854b39066877b140780a965702fa" + }, + { + "last_affected": "a9f8fe28481fef7c28d85b4a12a3a35521408eaf" + }, + { + "last_affected": "b16d1fa8ee567b52c09a0f89940b07d8491b881d" + }, + { + "last_affected": "47ccaa4218c408e70671a2fa9caaa3caf8c1a877" + }, + { + "last_affected": "046209e561b7e9b5aab1aef7daebf29ee6e6e8c7" + }, + { + "last_affected": "3027611ca6d4cc5510d2d0fccc3e5a074e09a2fb" + }, + { + "last_affected": "c12fb3ddaf48e709a7a4deaa55ec485e4df163ee" + }, + { + "last_affected": "cd95ee9f771361acf241629d2fe5507e308082a2" + }, + { + "last_affected": "93d092867f0f2c78571983040ef75e078ee1a4c4" + }, + { + "last_affected": "45ac4d019475df03562fe0ac54eb67e1d1de0ca7" + }, + { + "last_affected": "462196e6b4a47f924293a0e26b8e9c23d37ac26f" + }, + { + "last_affected": "1669b17d3a1a1fd824308544ca0ec02a2a4f50ea" + }, + { + "last_affected": "64db5c575d9c5536bd273a890f50777ad1ca7c13" + }, + { + "last_affected": "801bd5138ce31aa0d906fa4e2eabfc599d74e793" + }, + { + "last_affected": "9e560d11aad028de74addc0d1edfefa5667884f4" + }, + { + "last_affected": "c7aef0a945f9b6fb6d3f91716a21dfe2f4ea635f" + }, + { + "last_affected": "8e82f2a04a238c54ba91e553e9a8452e6d405965" + }, + { + "last_affected": "bfbde883af33397943df68a3ae01847a634d33bf" + }, + { + "last_affected": "6b951a6928811507d493303b2878e848c077b471" + }, + { + "last_affected": "566b74a0e19b9aa610f4931e5bfd339bcf8e9147" + }, + { + "last_affected": "3266b35bbe21c68dea0dc7ccd991eb028e6d360c" + }, + { + "last_affected": "2f33be817cbce6ad7a36f27dd7ada9219f13584c" + }, + { + "last_affected": "e052859759b34d0e05ce0f17244873e5cd7b457b" + }, + { + "last_affected": "315ee3fe75dade912b48a21ceec9ccda0230d937" + }, + { + "last_affected": "0c9211798fc80d5c9cc9bcdc8e11eb485c9c1c5b" + }, + { + "last_affected": "5a1fc8d33808d7b22f57bdf9403cda7ff07b0670" + }, + { + "last_affected": "e9db32a09af03f27e86d1251a9e68e9b7486d371" + }, + { + "last_affected": "53cdc2c963e33bc0cc1a51ad2df79396202e07f8" + }, + { + "last_affected": "b81e0b07784dc4c1e8d0a86194b9d28776d071c0" + }, + { + "last_affected": "b8d1366852fd0034374c5de1e4968c7a224f77cc" + }, + { + "last_affected": "2cfac302fbeec68f1727cba3d1705e16f02220ad" + }, + { + "last_affected": "2e9b725f67d49a9d7a1f053fe52dd4920c9ab1ad" + }, + { + "last_affected": "9cd755e1d768bbf228e7c9faf223b7459f7e0105" + }, + { + "last_affected": "aa73eb47bc8583070734696b25b34ad54c2c1f5e" + }, + { + "last_affected": "72c2cac8f0ac3a89c21d00b6c6e36fe6c6a8e62b" + }, + { + "last_affected": "69248b58f649e35b09a126c12781353e3471f5c6" + }, + { + "last_affected": "885ce31401b6789c959131754b1e5ae518964072" + }, + { + "last_affected": "521bbbe29928f9bc1c61306df612e856d45cbe5a" + }, + { + "last_affected": "f3294d9d86e6a7915a967efff2842089b8b0d071" + }, + { + "last_affected": "4258dc02d86e7e4de9f795a1af3a0bc6732d4ab5" + }, + { + "last_affected": "196677150f711a96c38ed123e621f1d4e995b2e5" + }, + { + "last_affected": "432eb5f5c254ee8383b2522ce597c9219877923e" + }, + { + "last_affected": "eb8138405a3f747f2c236464932f72e918946f68" + }, + { + "last_affected": "cb013830383f1ccc9757aba36bc32df5ec281c02" + }, + { + "last_affected": "4d6bd91ab33328c6d27eddc32e064defc02dc4fd" + }, + { + "last_affected": "d6c21c8eec597a925d2b647cff3d58ac69de01a0" + }, + { + "last_affected": "62c07b5743490ce373910f469abc8cdc759bec2b" + }, + { + "last_affected": "c514af5a4f5ac3ce724065cc6a8e009373436f78" + }, + { + "last_affected": "3ea76790571c1f7cf1bed34fabffd3cc20ad3dd3" + }, + { + "last_affected": "8839c05fba1f8415eec17eff8ac60cc3a50eb51e" + }, + { + "last_affected": "2679562dc7685674998f2841811d361400ae0d19" + }, + { + "last_affected": "54b636f14546d3fde9f9c67c3b32701d78563161" + }, + { + "last_affected": "d957e2189fdc73cef0ff3d1fb58043d354754449" + }, + { + "last_affected": "25df50aa3392ecdbf2b8256b93b30558e8b3a810" + }, + { + "last_affected": "a7135ac3c3d825ec9f4919ee0212434e01e76b4c" + }, + { + "last_affected": "44b9b4d4f56d6f6de92c89636994c03984e9cd01" + }, + { + "last_affected": "95c717bbd9c327c38b4efcc37d5cda29b8ee2a36" + }, + { + "last_affected": "3c561c657c2f0e553b19115a506592a8bbd744bc" + }, + { + "last_affected": "8986c86e1ef297e95518ae4695339f2d64d913cf" + }, + { + "last_affected": "9ce6d0d52821c6e33506cb173f0e27c68014e60e" + }, + { + "last_affected": "f2cb3a01192d36395d16acec6cdb93446ca6fd45" + }, + { + "last_affected": "79e63a53bb9598af863b0afe49ad662795faeef4" + }, + { + "last_affected": "cf93a7b364a70b56150cf6ea77492b799ec02a45" + }, + { + "last_affected": "67fe54d918a3b42a24cb7f5db81514c10e239735" + }, + { + "last_affected": "9819cec61b00cc872136ea5faf469627b3b87e69" + }, + { + "last_affected": "8f995e2e0022292374fc99a2277069b08ad98b5c" + }, + { + "last_affected": "06bf874bbca0a5c600b210b5db920eff9f95f0d0" + }, + { + "last_affected": "e2ae32ff5f3ab6f0819590f61f248f17df12987f" + }, + { + "last_affected": "2c000d91f3c423cee0af44e8afc79b9d25a9e714" + }, + { + "last_affected": "1a7f66a3de2625d10f65415e6eb3e56067dc0555" + }, + { + "last_affected": "38e07886ed2792988217a2ffa482ce3a69ca92c2" + }, + { + "last_affected": "4feb6e6d035d5d66984957c8ca22bc9a05df527f" + }, + { + "last_affected": "22691f849ac959ffaa821a3ca7f746ee54bd5e52" + }, + { + "last_affected": "ff837422ee4ec7d6aea7750a40e30cba29db93e8" + }, + { + "last_affected": "9ce2d7001939b795b45a8ce7700d1a3dcde0475d" + }, + { + "last_affected": "303bfc1024d948a5ba134ccfc106f82c0b4fd675" + }, + { + "last_affected": "202aa9f7758636730299b86715d924f54468a908" + }, + { + "last_affected": "df5169fa35f31ebe10893f2a3416ec8e8d8faa20" + }, + { + "last_affected": "3fed9acaef45ac8b99ceecc38afbed3494e2d3ef" + }, + { + "last_affected": "4f041c9d6e61829310eb0715d8edb2a232478123" + }, + { + "last_affected": "2bf90d071016e279796e789f0ac223d635671a41" + }, + { + "last_affected": "0966b324d911423c81351fb12e9219f71cd63be8" + }, + { + "last_affected": "f77e89c5d20db09eaebf378ec036a7e796932810" + }, + { + "last_affected": "70812c2f32fc5734bcbbe572b9f61c380433ad6a" + } + ], + "repo": "https://github.com/curl/curl", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "cna_assigner": "curl", + "osv_generated_from": "unknown" + }, + "details": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "id": "CVE-2024-7264", + "modified": "2025-11-03T22:32:51.400Z", + "published": "2024-07-31T08:08:14.585Z", + "references": [ + { + "type": "WEB", + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" + }, + { + "type": "WEB", + "url": "https://curl.se/docs/CVE-2024-7264.html" + }, + { + "type": "WEB", + "url": "https://curl.se/docs/CVE-2024-7264.json" + }, + { + "type": "FIX", + "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519" + }, + { + "type": "WEB", + "url": "https://hackerone.com/reports/2629968" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20240828-0008/" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20241025-0006/" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20241025-0010/" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "type": "CVSS_V3" + } + ], + "summary": "ASN.1 date parser overread" +} +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "1.7.0" + }, + { + "fixed": "1.18.4" + }, + { + "introduced": "1.19.0" + }, + { + "fixed": "1.20.3" + }, + { + "introduced": "1.21.0" + }, + { + "fixed": "1.23.1" + } + ] + }, + "events": [ + { + "introduced": "f64673580dfc649954eb744eb2734f2f118baa47" + }, + { + "fixed": "9241c3eddf4a6a218681b088d71f7191513e2376" + }, + { + "introduced": "674d77d4ef42bd99238521546b3b2cd60b26e50d" + }, + { + "fixed": "ba81945ffc2695b71f2bbcadbfb5e46ec55aaef3" + }, + { + "introduced": "50795e652ecb0747c8d048aeaa38a41dddb2da4b" + }, + { + "fixed": "1a997ffbd62334af2553775234e75ede2d7d949f" + } + ], + "repo": "https://github.com/tokio-rs/tokio", + "type": "GIT" + } + ] + } + ], + "aliases": [ + "GHSA-7rrj-xr53-82p7" + ], + "database_specific": { + "cna_assigner": "GitHub_M", + "cwe_ids": [ + "CWE-665" + ], + "osv_generated_from": "unknown" + }, + "details": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.", + "id": "CVE-2023-22466", + "modified": "2025-03-10T21:32:32.950Z", + "published": "2023-01-04T21:47:09.400Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/tokio-rs/tokio/pull/5336" + }, + { + "type": "WEB", + "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1" + }, + { + "type": "ADVISORY", + "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7" + }, + { + "type": "WEB", + "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22466" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "type": "CVSS_V3" + } + ], + "summary": "Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe" +} +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "mitre", + "osv_generated_from": "unknown" + }, + "details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", + "id": "CVE-2022-33068", + "modified": "2024-08-03T08:01:19.054Z", + "published": "2022-06-22T13:24:42Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + }, + { + "type": "REPORT", + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33068" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/202209-11" + } + ], + "schema_version": "1.7.3" +} +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "mitre", + "osv_generated_from": "unknown" + }, + "details": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.", + "id": "CVE-2016-1897", + "modified": "2024-08-05T23:10:39.912Z", + "published": "2016-01-15T02:00:00Z", + "references": [ + { + "type": "ARTICLE", + "url": "http://habrahabr.ru/company/mailru/blog/274855" + }, + { + "type": "ADVISORY", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" + }, + { + "type": "WEB", + "url": "http://security.stackexchange.com/questions/110644" + }, + { + "type": "ADVISORY", + "url": "http://www.debian.org/security/2016/dsa-3506" + }, + { + "type": "ARTICLE", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1" + }, + { + "type": "ADVISORY", + "url": "http://www.securityfocus.com/bid/80501" + }, + { + "type": "ADVISORY", + "url": "http://www.securitytracker.com/id/1034932" + }, + { + "type": "ADVISORY", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.529036" + }, + { + "type": "ADVISORY", + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1897" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201606-09" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201705-08" + }, + { + "type": "ADVISORY", + "url": "https://www.kb.cert.org/vuls/id/772447" + } + ], + "schema_version": "1.7.3" +} +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "redhat", + "cwe_ids": [ + "CWE-122", + "CWE-131" + ], + "osv_generated_from": "unknown", + "unresolved_ranges": [ + { + "metadata": { + "source": "AFFECTED_FIELD" + }, + "versions": [ + { + "last_affected": "7.61.1" + } + ] + }, + { + "metadata": { + "source": "DESCRIPTION" + }, + "versions": [ + { + "fixed": "7.61.1" + } + ] + } + ] + }, + "details": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", + "id": "CVE-2018-14618", + "modified": "2024-08-05T09:29:51.906Z", + "published": "2018-09-05T19:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "http://www.securitytracker.com/id/1041605" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2018:3558" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2019:1880" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" + }, + { + "type": "WEB", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" + }, + { + "type": "WEB", + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618" + }, + { + "type": "WEB", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-1/" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-2/" + }, + { + "type": "ADVISORY", + "url": "https://www.debian.org/security/2018/dsa-4286" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "type": "CVSS_V3" + } + ] +} +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "redhat", + "cwe_ids": [ + "CWE-200" + ], + "osv_generated_from": "unknown", + "unresolved_ranges": [ + { + "metadata": { + "source": "AFFECTED_FIELD" + }, + "versions": [ + { + "last_affected": "11 and 12" + } + ] + } + ] + }, + "details": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.", + "id": "CVE-2023-1055", + "modified": "2025-03-11T14:02:59.854Z", + "published": "2023-02-27T00:00:00Z", + "references": [ + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1055" + } + ], + "schema_version": "1.7.3" +} +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "redhat", + "cwe_ids": [ + "CWE-415" + ], + "osv_generated_from": "unknown", + "unresolved_ranges": [ + { + "metadata": { + "source": "AFFECTED_FIELD" + }, + "versions": [ + { + "last_affected": "0.1.0" + } + ] + } + ] + }, + "details": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.", + "id": "CVE-2024-2002", + "modified": "2025-11-20T18:21:28.745Z", + "published": "2024-03-18T12:26:31.386Z", + "references": [ + { + "type": "WEB", + "url": "https://access.redhat.com/downloads/content/package-browser/" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/security/cve/CVE-2024-2002" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700" + }, + { + "type": "WEB", + "url": "https://github.com/davea42/libdwarf-code/" + }, + { + "type": "WEB", + "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2002" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ], + "summary": "Libdwarf: crashes randomly on fuzzed object" +} +--- diff --git a/vulnfeeds/conversion/cve5/converter_test.go b/vulnfeeds/conversion/cve5/converter_test.go index 57d2042fd71..5e9c99032cc 100644 --- a/vulnfeeds/conversion/cve5/converter_test.go +++ b/vulnfeeds/conversion/cve5/converter_test.go @@ -588,3 +588,49 @@ func TestConvertAndExportCVEToOSV(t *testing.T) { }) } } + +func TestCVE5Snapshot(t *testing.T) { + testDir := "../../cmd/converters/cve/cve5/test" + files, err := os.ReadDir(testDir) + if err != nil { + t.Fatalf("Failed to read test directory %s: %v", testDir, err) + } + + var results []string + for _, file := range files { + if file.IsDir() || filepath.Ext(file.Name()) != ".json" { + continue + } + + path := filepath.Join(testDir, file.Name()) + content, err := os.ReadFile(path) + if err != nil { + t.Fatalf("Failed to read %s: %v", path, err) + } + + var cve models.CVE5 + err = json.Unmarshal(content, &cve) + if err != nil { + t.Fatalf("Failed to unmarshal %s: %v", path, err) + } + + vWriter := bytes.NewBuffer(nil) + mWriter := bytes.NewBuffer(nil) + _, err = ConvertAndExportCVEToOSV(cve, vWriter, mWriter, "") + if err != nil { + t.Fatalf("Failed to convert %s: %v", path, err) + } + + results = append(results, vWriter.String()) + } + + // Sort results for deterministic snapshot + sort.Strings(results) + + var keys []any + for _, r := range results { + keys = append(keys, r) + } + + snaps.MatchSnapshot(t, keys...) +} diff --git a/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap b/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap new file mode 100755 index 00000000000..836c9f97387 --- /dev/null +++ b/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap @@ -0,0 +1,1016 @@ + +[TestNVDSnapshot - 1] +{ + "aliases": [ + "GHSA-j7xp-4mg9-x28r" + ], + "database_specific": {}, + "details": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.", + "id": "CVE-2026-23522", + "modified": "2026-01-26T15:05:39.840Z", + "published": "2026-01-19T17:15:50.590Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r" + }, + { + "type": "FIX", + "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "type": "CVSS_V3" + } + ] +} +{ + "aliases": [ + "GHSA-vfmv-f93v-37mw" + ], + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpe": "cpe:2.3:a:gitea:gitea:*:*:*:*:*:-:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "1.25.4" + } + ] + } + ] + }, + "details": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.", + "id": "CVE-2026-20912", + "modified": "2026-01-29T22:03:58.330Z", + "published": "2026-01-22T22:16:19.297Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw" + }, + { + "type": "ADVISORY", + "url": "https://blog.gitea.com/release-of-1.25.4/" + }, + { + "type": "ADVISORY", + "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4" + }, + { + "type": "FIX", + "url": "https://github.com/go-gitea/gitea/pull/36320" + }, + { + "type": "FIX", + "url": "https://github.com/go-gitea/gitea/pull/36355" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpe": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "introduced": "7.32.0" + }, + { + "fixed": "8.9.1" + } + ] + } + ] + }, + "details": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "id": "CVE-2024-7264", + "modified": "2025-11-03T23:17:31.647Z", + "published": "2024-07-31T08:15:02.657Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20241025-0010/" + }, + { + "type": "ADVISORY", + "url": "https://curl.se/docs/CVE-2024-7264.html" + }, + { + "type": "ADVISORY", + "url": "https://curl.se/docs/CVE-2024-7264.json" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20240828-0008/" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20241025-0006/" + }, + { + "type": "REPORT", + "url": "https://hackerone.com/reports/2629968" + }, + { + "type": "FIX", + "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519" + }, + { + "type": "ARTICLE", + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpe": "cpe:2.3:a:salesforce:mobile_software_development_kit:*:*:*:*:*:windows:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "5.0.0" + } + ] + } + ] + }, + "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "id": "CVE-2016-15012", + "modified": "2024-11-21T02:45:29.557Z", + "published": "2023-01-07T13:15:09.530Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0" + }, + { + "type": "REPORT", + "url": "https://vuldb.com/?ctiid.217619" + }, + { + "type": "REPORT", + "url": "https://vuldb.com/?id.217619" + }, + { + "type": "FIX", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", + "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", + "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "2.0" + }, + { + "last_affected": "2.0.1" + }, + { + "last_affected": "2.0.2" + }, + { + "last_affected": "2.0.3" + }, + { + "last_affected": "2.0.4" + }, + { + "last_affected": "2.0.5" + }, + { + "last_affected": "2.0.6" + }, + { + "last_affected": "2.0.7" + }, + { + "last_affected": "2.1" + }, + { + "last_affected": "2.1.1" + }, + { + "last_affected": "2.1.2" + }, + { + "last_affected": "2.1.3" + }, + { + "last_affected": "2.1.4" + }, + { + "last_affected": "2.1.5" + }, + { + "last_affected": "2.1.6" + }, + { + "last_affected": "2.1.7" + }, + { + "last_affected": "2.1.8" + }, + { + "last_affected": "2.2" + }, + { + "last_affected": "2.2.1" + }, + { + "last_affected": "2.2.2" + }, + { + "last_affected": "2.2.3" + }, + { + "last_affected": "2.2.4" + }, + { + "last_affected": "2.2.5" + }, + { + "last_affected": "2.2.6" + }, + { + "last_affected": "2.2.7" + }, + { + "last_affected": "2.2.8" + }, + { + "last_affected": "2.2.9" + }, + { + "last_affected": "2.2.10" + }, + { + "last_affected": "2.2.11" + }, + { + "last_affected": "2.2.12" + }, + { + "last_affected": "2.2.13" + }, + { + "last_affected": "2.2.14" + }, + { + "last_affected": "2.2.15" + }, + { + "last_affected": "2.2.16" + }, + { + "last_affected": "2.3" + }, + { + "last_affected": "2.3.1" + }, + { + "last_affected": "2.3.2" + }, + { + "last_affected": "2.3.3" + }, + { + "last_affected": "2.3.4" + }, + { + "last_affected": "2.3.5" + }, + { + "last_affected": "2.3.6" + }, + { + "last_affected": "2.4" + }, + { + "last_affected": "2.4.1" + }, + { + "last_affected": "2.4.2" + }, + { + "last_affected": "2.4.3" + }, + { + "last_affected": "2.4.4" + }, + { + "last_affected": "2.4.5" + }, + { + "last_affected": "2.4.6" + }, + { + "last_affected": "2.4.7" + }, + { + "last_affected": "2.4.8" + }, + { + "last_affected": "2.4.9" + }, + { + "last_affected": "2.4.10" + }, + { + "last_affected": "2.4.11" + }, + { + "last_affected": "2.4.12" + }, + { + "last_affected": "2.5" + }, + { + "last_affected": "2.5.1" + }, + { + "last_affected": "2.5.2" + }, + { + "last_affected": "2.5.3" + }, + { + "last_affected": "2.5.4" + }, + { + "last_affected": "2.5.5" + }, + { + "last_affected": "2.5.6" + }, + { + "last_affected": "2.5.7" + }, + { + "last_affected": "2.5.8" + }, + { + "last_affected": "2.5.9" + }, + { + "last_affected": "2.6" + }, + { + "last_affected": "2.6.1" + }, + { + "last_affected": "2.6.2" + }, + { + "last_affected": "2.6.3" + }, + { + "last_affected": "2.6.4" + }, + { + "last_affected": "2.6.5" + }, + { + "last_affected": "2.6.6" + }, + { + "last_affected": "2.7" + }, + { + "last_affected": "2.7.1" + }, + { + "last_affected": "2.7.2" + }, + { + "last_affected": "2.7.3" + }, + { + "last_affected": "2.7.4" + }, + { + "last_affected": "2.8" + }, + { + "last_affected": "2.8-dev" + }, + { + "last_affected": "2.8.1" + }, + { + "last_affected": "2.8.2" + }, + { + "last_affected": "2.8.3" + }, + { + "last_affected": "2.8.4" + }, + { + "last_affected": "12.04" + }, + { + "last_affected": "42.1" + } + ] + } + ] + }, + "details": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.", + "id": "CVE-2016-1897", + "modified": "2025-04-12T10:46:40.837Z", + "published": "2016-01-15T03:59:23.063Z", + "references": [ + { + "type": "WEB", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1" + }, + { + "type": "WEB", + "url": "http://www.securityfocus.com/bid/80501" + }, + { + "type": "WEB", + "url": "http://www.securitytracker.com/id/1034932" + }, + { + "type": "WEB", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.529036" + }, + { + "type": "WEB", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" + }, + { + "type": "WEB", + "url": "https://www.kb.cert.org/vuls/id/772447" + }, + { + "type": "ADVISORY", + "url": "http://www.debian.org/security/2016/dsa-3506" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201606-09" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201705-08" + }, + { + "type": "ADVISORY", + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "type": "EVIDENCE", + "url": "http://security.stackexchange.com/questions/110644" + }, + { + "type": "EVIDENCE", + "url": "http://habrahabr.ru/company/mailru/blog/274855" + } + ], + "severity": [ + { + "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "4.25.8" + }, + { + "introduced": "5.26.0" + }, + { + "fixed": "5.29.5" + }, + { + "introduced": "6.30.0" + }, + { + "fixed": "6.31.1" + } + ] + } + ] + }, + "details": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u003e6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901", + "id": "CVE-2025-4565", + "modified": "2025-08-14T17:05:37.770Z", + "published": "2025-06-16T15:15:24.990Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "4.3.0" + }, + { + "last_affected": "35" + }, + { + "last_affected": "36" + } + ] + } + ] + }, + "details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", + "id": "CVE-2022-33068", + "modified": "2024-11-21T07:07:30.140Z", + "published": "2022-06-23T17:15:14.350Z", + "references": [ + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/202209-11" + }, + { + "type": "FIX", + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + }, + { + "type": "FIX", + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", + "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", + "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", + "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", + "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", + "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "7.61.1" + }, + { + "last_affected": "12.04" + }, + { + "last_affected": "14.04" + }, + { + "last_affected": "16.04" + }, + { + "last_affected": "18.04" + }, + { + "last_affected": "9.0" + }, + { + "last_affected": "6.0" + }, + { + "last_affected": "7.0" + }, + { + "last_affected": "7.4" + }, + { + "last_affected": "7.5" + }, + { + "last_affected": "7.6" + } + ] + } + ] + }, + "details": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", + "id": "CVE-2018-14618", + "modified": "2024-11-21T03:49:26.003Z", + "published": "2018-09-05T19:29:00.420Z", + "references": [ + { + "type": "WEB", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" + }, + { + "type": "ADVISORY", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" + }, + { + "type": "ADVISORY", + "url": "http://www.securitytracker.com/id/1041605" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2019:1880" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-1/" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-2/" + }, + { + "type": "ADVISORY", + "url": "https://www.debian.org/security/2018/dsa-4286" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2018:3558" + }, + { + "type": "ADVISORY", + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" + } + ], + "severity": [ + { + "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "introduced": "0.1.0" + }, + { + "fixed": "0.9.2" + }, + { + "last_affected": "7.0" + }, + { + "last_affected": "8.0" + }, + { + "last_affected": "40" + } + ] + } + ] + }, + "details": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.", + "id": "CVE-2024-2002", + "modified": "2025-04-09T15:36:37.840Z", + "published": "2024-03-18T13:15:07.657Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://access.redhat.com/security/cve/CVE-2024-2002" + }, + { + "type": "ADVISORY", + "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700" + }, + { + "type": "ARTICLE", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:a:redhat:directory_server:11.5:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:directory_server:11.6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:directory_server:12.1:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "11.5" + }, + { + "last_affected": "11.6" + }, + { + "last_affected": "12.0" + }, + { + "last_affected": "12.1" + }, + { + "last_affected": "36" + }, + { + "last_affected": "37" + }, + { + "last_affected": "38" + } + ] + } + ] + }, + "details": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.", + "id": "CVE-2023-1055", + "modified": "2024-11-21T07:38:22.297Z", + "published": "2023-02-27T22:15:09.990Z", + "references": [ + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "introduced": "1.7.0" + }, + { + "fixed": "1.18.4" + }, + { + "introduced": "1.19.0" + }, + { + "fixed": "1.20.3" + }, + { + "introduced": "1.21.0" + }, + { + "fixed": "1.23.1" + } + ] + } + ] + }, + "details": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.", + "id": "CVE-2023-22466", + "modified": "2024-11-21T07:44:51.683Z", + "published": "2023-01-04T22:15:09.267Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1" + }, + { + "type": "ADVISORY", + "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7" + }, + { + "type": "ADVISORY", + "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients" + }, + { + "type": "FIX", + "url": "https://github.com/tokio-rs/tokio/pull/5336" + } + ], + "related": [ + "GHSA-7rrj-xr53-82p7" + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "type": "CVSS_V3" + } + ] +} +--- diff --git a/vulnfeeds/conversion/nvd/converter_test.go b/vulnfeeds/conversion/nvd/converter_test.go index 396d8ed5b8f..d31d3fed545 100644 --- a/vulnfeeds/conversion/nvd/converter_test.go +++ b/vulnfeeds/conversion/nvd/converter_test.go @@ -1,13 +1,17 @@ package nvd import ( + "encoding/json" "net/http" "os" "path/filepath" + "sort" "testing" + "github.com/gkampitakis/go-snaps/snaps" "github.com/go-git/go-git/v5/plumbing/transport/client" githttp "github.com/go-git/go-git/v5/plumbing/transport/http" + "github.com/google/osv/vulnfeeds/conversion" "github.com/google/osv/vulnfeeds/git" "github.com/google/osv/vulnfeeds/models" ) @@ -88,3 +92,62 @@ func TestCVEToOSV_429(t *testing.T) { } } } + +func TestNVDSnapshot(t *testing.T) { + testPath := "test.json" + file, err := os.Open(testPath) + + if err != nil { + t.Fatalf("Failed to open test data from %s: %v", testPath, err) + } + defer file.Close() + + var nvd models.CVEAPIJSON20Schema + err = json.NewDecoder(file).Decode(&nvd) + if err != nil { + t.Fatalf("Failed to decode %s: %v", testPath, err) + } + + cpeData := "cpe_testdata.json" + vpcache := conversion.NewVPRepoCache() + err = conversion.LoadCPEDictionary(vpcache, cpeData) + if err != nil { + t.Fatalf("Failed to decode %s: %v", cpeData, err) + } + + outDir := t.TempDir() + metrics := &models.ConversionMetrics{} + cache := &git.RepoTagsCache{} + + for _, vuln := range nvd.Vulnerabilities { + CVEToOSV(vuln.CVE, []string{}, cache, outDir, metrics, false, false) + } + + var fileContents []string + err = filepath.Walk(outDir, func(path string, info os.FileInfo, err error) error { + if err != nil { + return err + } + if !info.IsDir() && filepath.Ext(path) == ".json" { + content, err := os.ReadFile(path) + if err != nil { + return err + } + fileContents = append(fileContents, string(content)) + } + return nil + }) + if err != nil { + t.Fatalf("Failed to walk outDir: %v", err) + } + + // To make snapshot deterministic + sort.Strings(fileContents) + + var keys []any + for _, c := range fileContents { + keys = append(keys, c) + } + + snaps.MatchSnapshot(t, keys...) +} From c68f2b3081cc8729ad75c39692ab127514509a89 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Fri, 27 Mar 2026 04:23:42 +0000 Subject: [PATCH 21/26] collect ranges by CPE --- vulnfeeds/conversion/common.go | 49 +++++++++++++++++----------------- 1 file changed, 25 insertions(+), 24 deletions(-) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index 083671586e7..d626c722241 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -499,31 +499,37 @@ func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *struct return nil } - rangesBySource := make(map[string][]models.RangeWithMetadata) - var sources []string + type key struct { + Source string + CPE string + } + + rangesByKey := make(map[key][]models.RangeWithMetadata) + var keys []key + for _, ur := range unresolvedRanges { - sourceStr := string(ur.Metadata.Source) - if _, ok := rangesBySource[sourceStr]; !ok { - sources = append(sources, sourceStr) + k := key{Source: string(ur.Metadata.Source), CPE: ur.Metadata.CPE} + if _, ok := rangesByKey[k]; !ok { + keys = append(keys, k) } - rangesBySource[sourceStr] = append(rangesBySource[sourceStr], ur) + rangesByKey[k] = append(rangesByKey[k], ur) } - slices.Sort(sources) + slices.SortFunc(keys, func(a, b key) int { + if a.Source != b.Source { + return strings.Compare(a.Source, b.Source) + } + return strings.Compare(a.CPE, b.CPE) + }) - listElements := make([]any, 0, len(sources)) + listElements := make([]any, 0, len(keys)) - for _, source := range sources { - ranges := rangesBySource[source] - cpes := []string{} + for _, k := range keys { + ranges := rangesByKey[k] unresolvedRangesMap := make(map[string]any) var events []*osvschema.Event - // Create a range from all those with CPEs for _, ur := range ranges { - if ur.Metadata.CPE != "" { - cpes = append(cpes, ur.Metadata.CPE) - } urEvents := ur.Range.GetEvents() for _, e := range urEvents { @@ -542,16 +548,11 @@ func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *struct } metadata := make(map[string]any) - if len(cpes) > 1 { - slices.Sort(cpes) - cpes = slices.Compact(cpes) - metadata["cpes"] = cpes - } else if len(cpes) == 1 { - metadata["cpe"] = cpes[0] + if k.CPE != "" { + metadata["cpe"] = k.CPE } - - if source != "" { - metadata["source"] = source + if k.Source != "" { + metadata["source"] = k.Source } if len(metadata) > 0 { From 4f8c8281ff1a07103649fe9fe97f5e809e3aecd0 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Sun, 29 Mar 2026 22:52:45 +0000 Subject: [PATCH 22/26] Update snaps --- .../__snapshots__/main_test.snap | 20 +- .../nvd/__snapshots__/converter_test.snap | 1598 ++++++++++++----- 2 files changed, 1166 insertions(+), 452 deletions(-) diff --git a/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap b/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap index cf9bab12ec1..e572a5829e3 100755 --- a/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap +++ b/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap @@ -1,13 +1,13 @@ [TestCombineDirsSnapshot - 1] -{"schema_version":"1.7.3", "id":"CVE-2016-15012", "published":"2023-01-07T12:59:27.772Z", "modified":"2025-04-08T20:30:50.208Z", "summary":"forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection", "details":"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/forcedotcom/salesforcemobilesdk-windows", "events":[{"introduced":"0"}, {"fixed":"83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}]}]}], "references":[{"type":"FIX", "url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}, {"type":"FIX", "url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2016-15012"}, {"type":"REPORT", "url":"https://vuldb.com/?ctiid.217619"}, {"type":"ADVISORY", "url":"https://vuldb.com/?id.217619"}], "database_specific":{"cna_assigner":"VulDB", "cwe_ids":["CWE-89"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} -{"schema_version":"1.7.3", "id":"CVE-2016-1897", "published":"2016-01-15T02:00:00Z", "modified":"2025-04-12T10:46:40.837Z", "details":"FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/ffmpeg/ffmpeg", "events":[{"introduced":"0"}, {"last_affected":"2b8b2ba19fe0ca6594cb09439b9ead2c328a79d8"}, {"last_affected":"acf511de34e0b79fff0183e06ed37f1aa8dc3d94"}, {"last_affected":"9d0bb7fc3991b030603acfe899e6f001e530c89a"}, {"last_affected":"b4552cc9b8c37410f754af5d34d24e7b8a9b4b0e"}, {"last_affected":"7de7bd4f563a1431bdac59dae5d8e930e71405e6"}, {"last_affected":"205e2264c3d5b1a16a4493b9281b9167d09c3505"}, {"last_affected":"3d91569c5e39f4062393fdb40b038e31df38473a"}, {"last_affected":"0caff57c42cac0f80152187473b1ee753aca8257"}, {"last_affected":"a37e42b3ee4226a4d2c69cd4eebf9c81e6df8ea5"}, {"last_affected":"9422cd85a081f6e084731e87eda3e8e4df9f6827"}, {"last_affected":"29353dd3f8159089ecf2fa0886f94f4cf32e75f2"}, {"last_affected":"eda6effcabcf9c238e4635eb058d72371336e09b"}, {"last_affected":"d3139c9733f1994fb86825e0d1fd2a5abf3be7b5"}, {"last_affected":"e7873dfccad595e9d8fc65217ebffcf3686e1d34"}, {"last_affected":"27172a5ca360e61a07ff16bf22f2ec91208f4e00"}, {"last_affected":"41802887eb647bee21238e0a575a7c4bbf954b86"}, {"last_affected":"68f89b8264d46d5812e710ca0f903d4d323ec899"}, {"last_affected":"6baf9c4406bcdf1015c9ec8bd6b8c4aef77624ac"}, {"last_affected":"e72c0a04664a9aab449b63135fe16ade51a99bb6"}, {"last_affected":"c2eb668617555cb8b8bcfb9796241ada9471ac65"}, {"last_affected":"f406bf3fa933be089bd76a95f75ea57b0942f8c5"}, {"last_affected":"e0a03d1f9cb18139ede8c3d0263a21828494c951"}, {"last_affected":"0edc79962641dd853cda187ee13b617701346061"}, {"last_affected":"1b99667005156cadc8d3ae0099ef5d244e598ac5"}, {"last_affected":"49fa398858df1a1e425740672de5fb4819b4d947"}, {"last_affected":"5df02760dd2f050b996f931fa7cdf8871bfa5d96"}, {"last_affected":"b05d3550407418aea53f2672463a8ebc8f75654e"}, {"last_affected":"969aee07e68c5930782bc46f2ac2391db55b8d1b"}, {"last_affected":"9f09bfe681259cfed7414f207c88f84c09d5b501"}, {"last_affected":"86a01362c0e46d155fbfc1ef19f5ba17af3ee69d"}, {"last_affected":"36cfee3adc70c6a78a07df4bb16349c4b0893ef4"}, {"last_affected":"bf0d2ee92c33d802907e829f99c26a46578ed679"}, {"last_affected":"1c14b09caf903f2e776dcd661085db49511bf531"}, {"last_affected":"051cd7dc5f42542753f809109d00ec3cf19eb337"}, {"last_affected":"3ec3f70ddb1b97fd6174ab3ca8617d8a1a6516ab"}, {"last_affected":"7c2d152f562ab089ecf8262438e2f8e9cb9c546f"}, {"last_affected":"b88de7b31a4a5c35d10b1392d2d86d93fc942b4c"}, {"last_affected":"bc259185cb69c6532232be4b2ad57a70ef7ed946"}, {"last_affected":"d005e2ecce5c8104679b39f2050a9d83e417d275"}, {"last_affected":"b44506c393b176dc396502ad262ac18bec52a110"}, {"last_affected":"db27f50e0658e91758e8a17fdcf390e6bc93c1d2"}, {"last_affected":"13a72d9b08c914c3d3c99be1053e9d5cda8baa88"}, {"last_affected":"e1ce4f805f31aecec83fc7c7ecaab623f3b6327f"}, {"last_affected":"d61454e7c1de48f6a9059ca98f55e6beb52a618c"}, {"last_affected":"043f32606046b1470218511ded151edfa7a126ee"}, {"last_affected":"dd2394754d8cee3717b3e198c83cc382674cf126"}, {"last_affected":"4afe2684d8f50b28ce6743c7ee999f3157c9857f"}, {"last_affected":"1fd7fb9036fcfb1620068014d8a52112067d2d59"}, {"last_affected":"3c63503792147a996997023694a3b45f27ab3f78"}, {"last_affected":"2c8c55195da97ee45fb0daf6d68c22b942e14ade"}, {"last_affected":"de7b74d2544d2cb5ff85db20a9853116ea72ed47"}, {"last_affected":"1047c286fa20c79dde8ddd7577a3b87cc1effdb7"}, {"last_affected":"0045969e411bcf946b2393e7bcb42032cb71a9a1"}, {"last_affected":"5e4ec87720a64cd969120af60e82cbd55454ab8e"}, {"last_affected":"da2186be81b5cb2d24da5671e25affbb8f09920d"}, {"last_affected":"2c01dd2ea5e39238261945185d2b30e11979cf4b"}, {"last_affected":"959ab06c68f8c74a0f31bcaf2692cbbdaf5702f6"}, {"last_affected":"07d508e4f55f6045b83df3346448b149faab5d7d"}, {"last_affected":"3429714f3d046f4e2235848a60b6f63bd084e01f"}, {"last_affected":"d0599a3516c5da31c7009af7574abbff360b9ce6"}, {"last_affected":"faac8e43315dae5818816bcebe52d11777b064b2"}, {"last_affected":"21d0ae829f72ec327aff31b0cb1af1261b56596c"}, {"last_affected":"1eb646ec9f87ed488f52561867e107eaee89e20c"}, {"last_affected":"d52b5f85f2837b0de9bdefe2a650d8d1b0e02ec1"}, {"last_affected":"f478bdabf2afcd5f709789347f8a3becc4ff17bc"}, {"last_affected":"b2c9cd36d34c4157af10342ad3476dd9260bbefe"}, {"last_affected":"04fd0250e1fd3fddcd7bc96c8ac95455f910637e"}, {"last_affected":"af5917698bd44f136fd0ff00a9e5f8b5f92f2d58"}, {"last_affected":"b17cec526214dff9d6ac1d97b70167d15a4e14d7"}, {"last_affected":"48d388b03336d01e0db9b729f9f82cbadf3af7bd"}, {"last_affected":"d6ce1cb14077891f3f6ac86cfd243835c92eb374"}, {"last_affected":"0bcb6ac150690d1b799982efabc11cab3420f3e3"}, {"last_affected":"620197d1ffea20e9168372c354438f1c1e926ecd"}, {"last_affected":"15466db69e60f486c44e4c3e680d27c951f125d7"}, {"last_affected":"93f3752b970cc7c9e1a360037fff1ddb9dcbb86e"}, {"last_affected":"26241af6f8b291eed42c597ffa2b32802331f813"}, {"last_affected":"58142a27ea96bf9246586a91a82db85e37646933"}, {"last_affected":"40934e0e9b632fa6c6ec22ac03b530625a027c79"}, {"last_affected":"c9b3451da3cf632424c07c35759c9ffbd537fa9e"}, {"last_affected":"644296e736ee219cd02f7b7d7b7b4c7c5a464217"}, {"last_affected":"644179e0d4155ae8f5ddd5c3f6bd003e2e13cf94"}], "database_specific":{"cpe":["cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*"], "source":"CPE_FIELD", "versions":[{"introduced":"0"}, {"last_affected":"2.0"}, {"last_affected":"2.0.1"}, {"last_affected":"2.0.2"}, {"last_affected":"2.0.3"}, {"last_affected":"2.0.4"}, {"last_affected":"2.0.5"}, {"last_affected":"2.0.6"}, {"last_affected":"2.0.7"}, {"last_affected":"2.1"}, {"last_affected":"2.1.1"}, {"last_affected":"2.1.2"}, {"last_affected":"2.1.3"}, {"last_affected":"2.1.4"}, {"last_affected":"2.1.5"}, {"last_affected":"2.1.6"}, {"last_affected":"2.1.7"}, {"last_affected":"2.1.8"}, {"last_affected":"2.2"}, {"last_affected":"2.2.1"}, {"last_affected":"2.2.2"}, {"last_affected":"2.2.3"}, {"last_affected":"2.2.4"}, {"last_affected":"2.2.5"}, {"last_affected":"2.2.6"}, {"last_affected":"2.2.7"}, {"last_affected":"2.2.8"}, {"last_affected":"2.2.9"}, {"last_affected":"2.2.10"}, {"last_affected":"2.2.11"}, {"last_affected":"2.2.12"}, {"last_affected":"2.2.13"}, {"last_affected":"2.2.14"}, {"last_affected":"2.2.15"}, {"last_affected":"2.2.16"}, {"last_affected":"2.3"}, {"last_affected":"2.3.1"}, {"last_affected":"2.3.2"}, {"last_affected":"2.3.3"}, {"last_affected":"2.3.4"}, {"last_affected":"2.3.5"}, {"last_affected":"2.3.6"}, {"last_affected":"2.4"}, {"last_affected":"2.4.1"}, {"last_affected":"2.4.2"}, {"last_affected":"2.4.3"}, {"last_affected":"2.4.4"}, {"last_affected":"2.4.5"}, {"last_affected":"2.4.6"}, {"last_affected":"2.4.7"}, {"last_affected":"2.4.8"}, {"last_affected":"2.4.9"}, {"last_affected":"2.4.10"}, {"last_affected":"2.4.11"}, {"last_affected":"2.4.12"}, {"last_affected":"2.5"}, {"last_affected":"2.5.1"}, {"last_affected":"2.5.2"}, {"last_affected":"2.5.3"}, {"last_affected":"2.5.4"}, {"last_affected":"2.5.5"}, {"last_affected":"2.5.6"}, {"last_affected":"2.5.7"}, {"last_affected":"2.5.8"}, {"last_affected":"2.5.9"}, {"last_affected":"2.6"}, {"last_affected":"2.6.1"}, {"last_affected":"2.6.2"}, {"last_affected":"2.6.3"}, {"last_affected":"2.6.4"}, {"last_affected":"2.6.5"}, {"last_affected":"2.6.6"}, {"last_affected":"2.7"}, {"last_affected":"2.7.1"}, {"last_affected":"2.7.2"}, {"last_affected":"2.7.3"}, {"last_affected":"2.7.4"}, {"last_affected":"2.8"}, {"last_affected":"2.8-dev"}, {"last_affected":"2.8.1"}, {"last_affected":"2.8.2"}, {"last_affected":"2.8.3"}, {"last_affected":"2.8.4"}]}}]}], "references":[{"type":"ARTICLE", "url":"http://habrahabr.ru/company/mailru/blog/274855"}, {"type":"ADVISORY", "url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"}, {"type":"WEB", "url":"http://security.stackexchange.com/questions/110644"}, {"type":"ADVISORY", "url":"http://www.debian.org/security/2016/dsa-3506"}, {"type":"ARTICLE", "url":"http://www.openwall.com/lists/oss-security/2016/01/14/1"}, {"type":"ADVISORY", "url":"http://www.securityfocus.com/bid/80501"}, {"type":"ADVISORY", "url":"http://www.securitytracker.com/id/1034932"}, {"type":"ADVISORY", "url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036"}, {"type":"ADVISORY", "url":"http://www.ubuntu.com/usn/USN-2944-1"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1897"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201606-09"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201705-08"}, {"type":"ADVISORY", "url":"https://www.kb.cert.org/vuls/id/772447"}], "database_specific":{"cna_assigner":"mitre", "osv_generated_from":"unknown"}} -{"schema_version":"1.7.3", "id":"CVE-2018-14618", "published":"2018-09-05T19:00:00Z", "modified":"2024-11-21T03:49:26.003Z", "details":"curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/curl/curl", "events":[{"introduced":"0"}, {"fixed":"432eb5f5c254ee8383b2522ce597c9219877923e"}, {"last_affected":"52707f959058c148c8a5ef4e81d0599780a1c014"}, {"last_affected":"ac98c73b04aec60683ec2094f3c311485f08d6ab"}], "database_specific":{"cpe":["cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*"], "source":"CPE_FIELD", "versions":[{"introduced":"0"}, {"fixed":"7.61.1"}, {"last_affected":"7.5"}, {"last_affected":"7.6"}]}}]}], "references":[{"type":"ADVISORY", "url":"http://www.securitytracker.com/id/1041605"}, {"type":"ADVISORY", "url":"https://access.redhat.com/errata/RHSA-2018:3558"}, {"type":"ADVISORY", "url":"https://access.redhat.com/errata/RHSA-2019:1880"}, {"type":"REPORT", "url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"}, {"type":"WEB", "url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"}, {"type":"WEB", "url":"https://curl.haxx.se/docs/CVE-2018-14618.html"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14618"}, {"type":"WEB", "url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201903-03"}, {"type":"ADVISORY", "url":"https://usn.ubuntu.com/3765-1/"}, {"type":"ADVISORY", "url":"https://usn.ubuntu.com/3765-2/"}, {"type":"ADVISORY", "url":"https://www.debian.org/security/2018/dsa-4286"}], "database_specific":{"cna_assigner":"redhat", "cwe_ids":["CWE-122", "CWE-131"], "osv_generated_from":"unknown", "unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"}, "versions":[{"last_affected":"7.61.1"}]}, {"metadata":{"source":"DESCRIPTION"}, "versions":[{"fixed":"7.61.1"}]}]}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]} -{"schema_version":"1.7.3", "id":"CVE-2022-33068", "published":"2022-06-22T13:24:42Z", "modified":"2024-11-21T07:07:30.140Z", "details":"An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/harfbuzz/harfbuzz", "events":[{"introduced":"0"}, {"last_affected":"aee123fc83388b8f5acfb301d87bd92eccc5b843"}, {"fixed":"62e803b36173fd096d7ad460dd1d1db9be542593"}], "database_specific":{"cpe":"cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", "source":["CPE_FIELD", "REFERENCES"], "versions":[{"introduced":"0"}, {"last_affected":"4.3.0"}]}}]}], "references":[{"type":"FIX", "url":"https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"}, {"type":"REPORT", "url":"https://github.com/harfbuzz/harfbuzz/issues/3557"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33068"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/202209-11"}], "database_specific":{"cna_assigner":"mitre", "osv_generated_from":"unknown"}} -{"schema_version":"1.7.3", "id":"CVE-2023-22466", "published":"2023-01-04T21:47:09.400Z", "modified":"2025-03-10T21:32:32.950Z", "aliases":["GHSA-7rrj-xr53-82p7"], "summary":"Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe", "details":"Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/tokio-rs/tokio", "events":[{"introduced":"50795e652ecb0747c8d048aeaa38a41dddb2da4b"}, {"fixed":"1a997ffbd62334af2553775234e75ede2d7d949f"}]}]}], "references":[{"type":"FIX", "url":"https://github.com/tokio-rs/tokio/pull/5336"}, {"type":"WEB", "url":"https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"}, {"type":"ADVISORY", "url":"https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"}, {"type":"WEB", "url":"https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22466"}], "database_specific":{"cna_assigner":"GitHub_M", "cwe_ids":["CWE-665"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}]} -{"schema_version":"1.7.3", "id":"CVE-2024-2002", "published":"2024-03-18T12:26:31.386Z", "modified":"2025-11-20T18:21:28.745Z", "summary":"Libdwarf: crashes randomly on fuzzed object", "details":"A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/davea42/libdwarf-code", "events":[{"introduced":"0"}, {"fixed":"5e43a5ab73cb00c8a46660b361366a8c9c3c93c9"}], "database_specific":{"cpe":"cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", "source":"CPE_FIELD", "versions":[{"introduced":"0.1.0"}, {"fixed":"0.9.2"}]}}]}], "references":[{"type":"WEB", "url":"https://access.redhat.com/downloads/content/package-browser/"}, {"type":"ADVISORY", "url":"https://access.redhat.com/security/cve/CVE-2024-2002"}, {"type":"REPORT", "url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267700"}, {"type":"WEB", "url":"https://github.com/davea42/libdwarf-code/"}, {"type":"WEB", "url":"https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt"}, {"type":"WEB", "url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-2002"}], "database_specific":{"cna_assigner":"redhat", "cwe_ids":["CWE-415"], "osv_generated_from":"unknown", "unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"}, "versions":[{"last_affected":"0.1.0"}]}]}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]} -{"schema_version":"1.7.3", "id":"CVE-2024-7264", "published":"2024-07-31T08:08:14.585Z", "modified":"2025-11-03T23:17:31.647Z", "summary":"ASN.1 date parser overread", "details":"libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/curl/curl", "events":[{"introduced":"70812c2f32fc5734bcbbe572b9f61c380433ad6a"}, {"fixed":"27959ecce75cdb2809c0bdb3286e60e08fadb519"}]}]}], "references":[{"type":"WEB", "url":"http://www.openwall.com/lists/oss-security/2024/07/31/1"}, {"type":"WEB", "url":"https://curl.se/docs/CVE-2024-7264.html"}, {"type":"WEB", "url":"https://curl.se/docs/CVE-2024-7264.json"}, {"type":"FIX", "url":"https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519"}, {"type":"WEB", "url":"https://hackerone.com/reports/2629968"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7264"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20240828-0008/"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20241025-0006/"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20241025-0010/"}], "database_specific":{"cna_assigner":"curl", "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} -{"schema_version":"1.7.3", "id":"CVE-2025-4565", "published":"2025-06-16T14:50:40.906Z", "modified":"2025-08-14T17:05:37.770Z", "summary":"Unbounded recursion in Python Protobuf", "details":"Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/protocolbuffers/protobuf", "events":[{"introduced":"d295af5c3002c08e1bfd9d7f9e175d0a4d015f1e"}, {"fixed":"74211c0dfc2777318ab53c2cd2c317a2ef9012de"}]}]}], "references":[{"type":"WEB", "url":"https://github.com/protocolbuffers/protobuf/"}, {"type":"FIX", "url":"https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-4565"}, {"type":"PACKAGE", "url":"https://pypi.org/project/protobuf/"}], "database_specific":{"cna_assigner":"Google", "cwe_ids":["CWE-674"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V4", "score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]} -{"schema_version":"1.7.3", "id":"CVE-2026-20912", "published":"2026-01-22T22:01:52.026Z", "modified":"2026-01-29T22:03:58.330Z", "aliases":["GHSA-vfmv-f93v-37mw"], "summary":"Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure", "details":"Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/go-gitea/gitea", "events":[{"introduced":"0"}, {"fixed":"369830bada2fd8826a5135cb2fc66660a9bef708"}]}]}], "references":[{"type":"ADVISORY", "url":"https://blog.gitea.com/release-of-1.25.4/"}, {"type":"FIX", "url":"https://github.com/go-gitea/gitea/pull/36320"}, {"type":"FIX", "url":"https://github.com/go-gitea/gitea/pull/36355"}, {"type":"ADVISORY", "url":"https://github.com/go-gitea/gitea/releases/tag/v1.25.4"}, {"type":"ADVISORY", "url":"https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20912"}], "database_specific":{"cna_assigner":"Gitea", "cwe_ids":["CWE-284", "CWE-639"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]} -{"schema_version":"1.7.3", "id":"CVE-2026-23522", "published":"2026-01-19T16:53:32.371Z", "modified":"2026-01-26T15:05:39.840Z", "aliases":["GHSA-j7xp-4mg9-x28r"], "summary":"Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion", "details":"LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/lobehub/lobehub", "events":[{"introduced":"0"}, {"fixed":"eeda4f90af57368584fa97250cbb0d5bf0a5e16e"}]}]}], "references":[{"type":"FIX", "url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"}, {"type":"ADVISORY", "url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522"}], "database_specific":{"cna_assigner":"GitHub_M", "cwe_ids":["CWE-284", "CWE-639", "CWE-862", "CWE-915"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}]} +{"schema_version":"1.7.3", "id":"CVE-2016-15012", "published":"2023-01-07T12:59:27.772Z", "modified":"2025-04-08T20:30:50.208Z", "summary":"forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection", "details":"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/forcedotcom/salesforcemobilesdk-windows", "events":[{"introduced":"0"}, {"fixed":"83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}]}]}], "references":[{"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2016-15012"}, {"type":"ADVISORY", "url":"https://vuldb.com/?id.217619"}, {"type":"REPORT", "url":"https://vuldb.com/?ctiid.217619"}, {"type":"FIX", "url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}, {"type":"FIX", "url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0"}], "database_specific":{"cna_assigner":"VulDB", "cwe_ids":["CWE-89"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} +{"schema_version":"1.7.3", "id":"CVE-2016-1897", "published":"2016-01-15T02:00:00Z", "modified":"2025-04-12T10:46:40.837Z", "details":"FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/ffmpeg/ffmpeg", "events":[{"introduced":"0"}, {"last_affected":"2b8b2ba19fe0ca6594cb09439b9ead2c328a79d8"}, {"last_affected":"acf511de34e0b79fff0183e06ed37f1aa8dc3d94"}, {"last_affected":"9d0bb7fc3991b030603acfe899e6f001e530c89a"}, {"last_affected":"b4552cc9b8c37410f754af5d34d24e7b8a9b4b0e"}, {"last_affected":"7de7bd4f563a1431bdac59dae5d8e930e71405e6"}, {"last_affected":"205e2264c3d5b1a16a4493b9281b9167d09c3505"}, {"last_affected":"3d91569c5e39f4062393fdb40b038e31df38473a"}, {"last_affected":"0caff57c42cac0f80152187473b1ee753aca8257"}, {"last_affected":"a37e42b3ee4226a4d2c69cd4eebf9c81e6df8ea5"}, {"last_affected":"9422cd85a081f6e084731e87eda3e8e4df9f6827"}, {"last_affected":"29353dd3f8159089ecf2fa0886f94f4cf32e75f2"}, {"last_affected":"eda6effcabcf9c238e4635eb058d72371336e09b"}, {"last_affected":"d3139c9733f1994fb86825e0d1fd2a5abf3be7b5"}, {"last_affected":"e7873dfccad595e9d8fc65217ebffcf3686e1d34"}, {"last_affected":"27172a5ca360e61a07ff16bf22f2ec91208f4e00"}, {"last_affected":"41802887eb647bee21238e0a575a7c4bbf954b86"}, {"last_affected":"68f89b8264d46d5812e710ca0f903d4d323ec899"}, {"last_affected":"6baf9c4406bcdf1015c9ec8bd6b8c4aef77624ac"}, {"last_affected":"e72c0a04664a9aab449b63135fe16ade51a99bb6"}, {"last_affected":"c2eb668617555cb8b8bcfb9796241ada9471ac65"}, {"last_affected":"f406bf3fa933be089bd76a95f75ea57b0942f8c5"}, {"last_affected":"e0a03d1f9cb18139ede8c3d0263a21828494c951"}, {"last_affected":"0edc79962641dd853cda187ee13b617701346061"}, {"last_affected":"1b99667005156cadc8d3ae0099ef5d244e598ac5"}, {"last_affected":"49fa398858df1a1e425740672de5fb4819b4d947"}, {"last_affected":"5df02760dd2f050b996f931fa7cdf8871bfa5d96"}, {"last_affected":"b05d3550407418aea53f2672463a8ebc8f75654e"}, {"last_affected":"969aee07e68c5930782bc46f2ac2391db55b8d1b"}, {"last_affected":"9f09bfe681259cfed7414f207c88f84c09d5b501"}, {"last_affected":"86a01362c0e46d155fbfc1ef19f5ba17af3ee69d"}, {"last_affected":"36cfee3adc70c6a78a07df4bb16349c4b0893ef4"}, {"last_affected":"bf0d2ee92c33d802907e829f99c26a46578ed679"}, {"last_affected":"1c14b09caf903f2e776dcd661085db49511bf531"}, {"last_affected":"051cd7dc5f42542753f809109d00ec3cf19eb337"}, {"last_affected":"3ec3f70ddb1b97fd6174ab3ca8617d8a1a6516ab"}, {"last_affected":"7c2d152f562ab089ecf8262438e2f8e9cb9c546f"}, {"last_affected":"b88de7b31a4a5c35d10b1392d2d86d93fc942b4c"}, {"last_affected":"bc259185cb69c6532232be4b2ad57a70ef7ed946"}, {"last_affected":"d005e2ecce5c8104679b39f2050a9d83e417d275"}, {"last_affected":"b44506c393b176dc396502ad262ac18bec52a110"}, {"last_affected":"db27f50e0658e91758e8a17fdcf390e6bc93c1d2"}, {"last_affected":"13a72d9b08c914c3d3c99be1053e9d5cda8baa88"}, {"last_affected":"e1ce4f805f31aecec83fc7c7ecaab623f3b6327f"}, {"last_affected":"d61454e7c1de48f6a9059ca98f55e6beb52a618c"}, {"last_affected":"043f32606046b1470218511ded151edfa7a126ee"}, {"last_affected":"dd2394754d8cee3717b3e198c83cc382674cf126"}, {"last_affected":"4afe2684d8f50b28ce6743c7ee999f3157c9857f"}, {"last_affected":"1fd7fb9036fcfb1620068014d8a52112067d2d59"}, {"last_affected":"3c63503792147a996997023694a3b45f27ab3f78"}, {"last_affected":"2c8c55195da97ee45fb0daf6d68c22b942e14ade"}, {"last_affected":"de7b74d2544d2cb5ff85db20a9853116ea72ed47"}, {"last_affected":"1047c286fa20c79dde8ddd7577a3b87cc1effdb7"}, {"last_affected":"0045969e411bcf946b2393e7bcb42032cb71a9a1"}, {"last_affected":"5e4ec87720a64cd969120af60e82cbd55454ab8e"}, {"last_affected":"da2186be81b5cb2d24da5671e25affbb8f09920d"}, {"last_affected":"2c01dd2ea5e39238261945185d2b30e11979cf4b"}, {"last_affected":"959ab06c68f8c74a0f31bcaf2692cbbdaf5702f6"}, {"last_affected":"07d508e4f55f6045b83df3346448b149faab5d7d"}, {"last_affected":"3429714f3d046f4e2235848a60b6f63bd084e01f"}, {"last_affected":"d0599a3516c5da31c7009af7574abbff360b9ce6"}, {"last_affected":"faac8e43315dae5818816bcebe52d11777b064b2"}, {"last_affected":"21d0ae829f72ec327aff31b0cb1af1261b56596c"}, {"last_affected":"1eb646ec9f87ed488f52561867e107eaee89e20c"}, {"last_affected":"d52b5f85f2837b0de9bdefe2a650d8d1b0e02ec1"}, {"last_affected":"f478bdabf2afcd5f709789347f8a3becc4ff17bc"}, {"last_affected":"b2c9cd36d34c4157af10342ad3476dd9260bbefe"}, {"last_affected":"04fd0250e1fd3fddcd7bc96c8ac95455f910637e"}, {"last_affected":"af5917698bd44f136fd0ff00a9e5f8b5f92f2d58"}, {"last_affected":"b17cec526214dff9d6ac1d97b70167d15a4e14d7"}, {"last_affected":"48d388b03336d01e0db9b729f9f82cbadf3af7bd"}, {"last_affected":"d6ce1cb14077891f3f6ac86cfd243835c92eb374"}, {"last_affected":"0bcb6ac150690d1b799982efabc11cab3420f3e3"}, {"last_affected":"620197d1ffea20e9168372c354438f1c1e926ecd"}, {"last_affected":"15466db69e60f486c44e4c3e680d27c951f125d7"}, {"last_affected":"93f3752b970cc7c9e1a360037fff1ddb9dcbb86e"}, {"last_affected":"26241af6f8b291eed42c597ffa2b32802331f813"}, {"last_affected":"58142a27ea96bf9246586a91a82db85e37646933"}, {"last_affected":"40934e0e9b632fa6c6ec22ac03b530625a027c79"}, {"last_affected":"c9b3451da3cf632424c07c35759c9ffbd537fa9e"}, {"last_affected":"644296e736ee219cd02f7b7d7b7b4c7c5a464217"}, {"last_affected":"644179e0d4155ae8f5ddd5c3f6bd003e2e13cf94"}], "database_specific":{"cpe":["cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*"], "source":"CPE_FIELD", "versions":[{"introduced":"0"}, {"last_affected":"2.0"}, {"last_affected":"2.0.1"}, {"last_affected":"2.0.2"}, {"last_affected":"2.0.3"}, {"last_affected":"2.0.4"}, {"last_affected":"2.0.5"}, {"last_affected":"2.0.6"}, {"last_affected":"2.0.7"}, {"last_affected":"2.1"}, {"last_affected":"2.1.1"}, {"last_affected":"2.1.2"}, {"last_affected":"2.1.3"}, {"last_affected":"2.1.4"}, {"last_affected":"2.1.5"}, {"last_affected":"2.1.6"}, {"last_affected":"2.1.7"}, {"last_affected":"2.1.8"}, {"last_affected":"2.2"}, {"last_affected":"2.2.1"}, {"last_affected":"2.2.2"}, {"last_affected":"2.2.3"}, {"last_affected":"2.2.4"}, {"last_affected":"2.2.5"}, {"last_affected":"2.2.6"}, {"last_affected":"2.2.7"}, {"last_affected":"2.2.8"}, {"last_affected":"2.2.9"}, {"last_affected":"2.2.10"}, {"last_affected":"2.2.11"}, {"last_affected":"2.2.12"}, {"last_affected":"2.2.13"}, {"last_affected":"2.2.14"}, {"last_affected":"2.2.15"}, {"last_affected":"2.2.16"}, {"last_affected":"2.3"}, {"last_affected":"2.3.1"}, {"last_affected":"2.3.2"}, {"last_affected":"2.3.3"}, {"last_affected":"2.3.4"}, {"last_affected":"2.3.5"}, {"last_affected":"2.3.6"}, {"last_affected":"2.4"}, {"last_affected":"2.4.1"}, {"last_affected":"2.4.2"}, {"last_affected":"2.4.3"}, {"last_affected":"2.4.4"}, {"last_affected":"2.4.5"}, {"last_affected":"2.4.6"}, {"last_affected":"2.4.7"}, {"last_affected":"2.4.8"}, {"last_affected":"2.4.9"}, {"last_affected":"2.4.10"}, {"last_affected":"2.4.11"}, {"last_affected":"2.4.12"}, {"last_affected":"2.5"}, {"last_affected":"2.5.1"}, {"last_affected":"2.5.2"}, {"last_affected":"2.5.3"}, {"last_affected":"2.5.4"}, {"last_affected":"2.5.5"}, {"last_affected":"2.5.6"}, {"last_affected":"2.5.7"}, {"last_affected":"2.5.8"}, {"last_affected":"2.5.9"}, {"last_affected":"2.6"}, {"last_affected":"2.6.1"}, {"last_affected":"2.6.2"}, {"last_affected":"2.6.3"}, {"last_affected":"2.6.4"}, {"last_affected":"2.6.5"}, {"last_affected":"2.6.6"}, {"last_affected":"2.7"}, {"last_affected":"2.7.1"}, {"last_affected":"2.7.2"}, {"last_affected":"2.7.3"}, {"last_affected":"2.7.4"}, {"last_affected":"2.8"}, {"last_affected":"2.8-dev"}, {"last_affected":"2.8.1"}, {"last_affected":"2.8.2"}, {"last_affected":"2.8.3"}, {"last_affected":"2.8.4"}]}}]}], "references":[{"type":"WEB", "url":"http://security.stackexchange.com/questions/110644"}, {"type":"ADVISORY", "url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"}, {"type":"ADVISORY", "url":"http://www.debian.org/security/2016/dsa-3506"}, {"type":"ADVISORY", "url":"http://www.securityfocus.com/bid/80501"}, {"type":"ADVISORY", "url":"http://www.securitytracker.com/id/1034932"}, {"type":"ADVISORY", "url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036"}, {"type":"ADVISORY", "url":"http://www.ubuntu.com/usn/USN-2944-1"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1897"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201606-09"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201705-08"}, {"type":"ADVISORY", "url":"https://www.kb.cert.org/vuls/id/772447"}, {"type":"ARTICLE", "url":"http://habrahabr.ru/company/mailru/blog/274855"}, {"type":"ARTICLE", "url":"http://www.openwall.com/lists/oss-security/2016/01/14/1"}], "database_specific":{"cna_assigner":"mitre", "osv_generated_from":"unknown"}} +{"schema_version":"1.7.3", "id":"CVE-2018-14618", "published":"2018-09-05T19:00:00Z", "modified":"2024-11-21T03:49:26.003Z", "details":"curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/curl/curl", "events":[{"introduced":"0"}, {"fixed":"432eb5f5c254ee8383b2522ce597c9219877923e"}, {"last_affected":"52707f959058c148c8a5ef4e81d0599780a1c014"}, {"last_affected":"ac98c73b04aec60683ec2094f3c311485f08d6ab"}], "database_specific":{"cpe":["cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*"], "source":"CPE_FIELD", "versions":[{"introduced":"0"}, {"fixed":"7.61.1"}, {"last_affected":"7.5"}, {"last_affected":"7.6"}]}}]}], "references":[{"type":"WEB", "url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"}, {"type":"WEB", "url":"https://curl.haxx.se/docs/CVE-2018-14618.html"}, {"type":"WEB", "url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"}, {"type":"ADVISORY", "url":"http://www.securitytracker.com/id/1041605"}, {"type":"ADVISORY", "url":"https://access.redhat.com/errata/RHSA-2018:3558"}, {"type":"ADVISORY", "url":"https://access.redhat.com/errata/RHSA-2019:1880"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14618"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201903-03"}, {"type":"ADVISORY", "url":"https://usn.ubuntu.com/3765-1/"}, {"type":"ADVISORY", "url":"https://usn.ubuntu.com/3765-2/"}, {"type":"ADVISORY", "url":"https://www.debian.org/security/2018/dsa-4286"}, {"type":"REPORT", "url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"}], "database_specific":{"cna_assigner":"redhat", "cwe_ids":["CWE-122", "CWE-131"], "osv_generated_from":"unknown", "unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"}, "versions":[{"last_affected":"7.61.1"}]}, {"metadata":{"source":"DESCRIPTION"}, "versions":[{"fixed":"7.61.1"}]}]}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]} +{"schema_version":"1.7.3", "id":"CVE-2022-33068", "published":"2022-06-22T13:24:42Z", "modified":"2024-11-21T07:07:30.140Z", "details":"An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/harfbuzz/harfbuzz", "events":[{"introduced":"0"}, {"last_affected":"aee123fc83388b8f5acfb301d87bd92eccc5b843"}, {"fixed":"62e803b36173fd096d7ad460dd1d1db9be542593"}], "database_specific":{"cpe":"cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", "source":["CPE_FIELD", "REFERENCES"], "versions":[{"introduced":"0"}, {"last_affected":"4.3.0"}]}}]}], "references":[{"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33068"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/202209-11"}, {"type":"REPORT", "url":"https://github.com/harfbuzz/harfbuzz/issues/3557"}, {"type":"FIX", "url":"https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"}], "database_specific":{"cna_assigner":"mitre", "osv_generated_from":"unknown"}} +{"schema_version":"1.7.3", "id":"CVE-2023-22466", "published":"2023-01-04T21:47:09.400Z", "modified":"2025-03-10T21:32:32.950Z", "aliases":["GHSA-7rrj-xr53-82p7"], "summary":"Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe", "details":"Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/tokio-rs/tokio", "events":[{"introduced":"50795e652ecb0747c8d048aeaa38a41dddb2da4b"}, {"fixed":"1a997ffbd62334af2553775234e75ede2d7d949f"}]}]}], "references":[{"type":"WEB", "url":"https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"}, {"type":"WEB", "url":"https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"}, {"type":"ADVISORY", "url":"https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22466"}, {"type":"FIX", "url":"https://github.com/tokio-rs/tokio/pull/5336"}], "database_specific":{"cna_assigner":"GitHub_M", "cwe_ids":["CWE-665"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}]} +{"schema_version":"1.7.3", "id":"CVE-2024-2002", "published":"2024-03-18T12:26:31.386Z", "modified":"2025-11-20T18:21:28.745Z", "summary":"Libdwarf: crashes randomly on fuzzed object", "details":"A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/davea42/libdwarf-code", "events":[{"introduced":"0"}, {"fixed":"5e43a5ab73cb00c8a46660b361366a8c9c3c93c9"}], "database_specific":{"cpe":"cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", "source":"CPE_FIELD", "versions":[{"introduced":"0.1.0"}, {"fixed":"0.9.2"}]}}]}], "references":[{"type":"WEB", "url":"https://access.redhat.com/downloads/content/package-browser/"}, {"type":"WEB", "url":"https://github.com/davea42/libdwarf-code/"}, {"type":"WEB", "url":"https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt"}, {"type":"WEB", "url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/"}, {"type":"ADVISORY", "url":"https://access.redhat.com/security/cve/CVE-2024-2002"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-2002"}, {"type":"REPORT", "url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267700"}], "database_specific":{"cna_assigner":"redhat", "cwe_ids":["CWE-415"], "osv_generated_from":"unknown", "unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"}, "versions":[{"last_affected":"0.1.0"}]}]}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]} +{"schema_version":"1.7.3", "id":"CVE-2024-7264", "published":"2024-07-31T08:08:14.585Z", "modified":"2025-11-03T23:17:31.647Z", "summary":"ASN.1 date parser overread", "details":"libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/curl/curl", "events":[{"introduced":"70812c2f32fc5734bcbbe572b9f61c380433ad6a"}, {"fixed":"27959ecce75cdb2809c0bdb3286e60e08fadb519"}]}]}], "references":[{"type":"WEB", "url":"http://www.openwall.com/lists/oss-security/2024/07/31/1"}, {"type":"WEB", "url":"https://curl.se/docs/CVE-2024-7264.html"}, {"type":"WEB", "url":"https://curl.se/docs/CVE-2024-7264.json"}, {"type":"WEB", "url":"https://hackerone.com/reports/2629968"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7264"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20240828-0008/"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20241025-0006/"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20241025-0010/"}, {"type":"FIX", "url":"https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519"}], "database_specific":{"cna_assigner":"curl", "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} +{"schema_version":"1.7.3", "id":"CVE-2025-4565", "published":"2025-06-16T14:50:40.906Z", "modified":"2025-08-14T17:05:37.770Z", "summary":"Unbounded recursion in Python Protobuf", "details":"Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/protocolbuffers/protobuf", "events":[{"introduced":"d295af5c3002c08e1bfd9d7f9e175d0a4d015f1e"}, {"fixed":"74211c0dfc2777318ab53c2cd2c317a2ef9012de"}]}]}], "references":[{"type":"WEB", "url":"https://github.com/protocolbuffers/protobuf/"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-4565"}, {"type":"FIX", "url":"https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"}, {"type":"PACKAGE", "url":"https://pypi.org/project/protobuf/"}], "database_specific":{"cna_assigner":"Google", "cwe_ids":["CWE-674"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V4", "score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]} +{"schema_version":"1.7.3", "id":"CVE-2026-20912", "published":"2026-01-22T22:01:52.026Z", "modified":"2026-01-29T22:03:58.330Z", "aliases":["GHSA-vfmv-f93v-37mw"], "summary":"Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure", "details":"Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/go-gitea/gitea", "events":[{"introduced":"0"}, {"fixed":"369830bada2fd8826a5135cb2fc66660a9bef708"}]}]}], "references":[{"type":"ADVISORY", "url":"https://blog.gitea.com/release-of-1.25.4/"}, {"type":"ADVISORY", "url":"https://github.com/go-gitea/gitea/releases/tag/v1.25.4"}, {"type":"ADVISORY", "url":"https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20912"}, {"type":"FIX", "url":"https://github.com/go-gitea/gitea/pull/36320"}, {"type":"FIX", "url":"https://github.com/go-gitea/gitea/pull/36355"}], "database_specific":{"cna_assigner":"Gitea", "cwe_ids":["CWE-284", "CWE-639"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]} +{"schema_version":"1.7.3", "id":"CVE-2026-23522", "published":"2026-01-19T16:53:32.371Z", "modified":"2026-01-26T15:05:39.840Z", "aliases":["GHSA-j7xp-4mg9-x28r"], "summary":"Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion", "details":"LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/lobehub/lobehub", "events":[{"introduced":"0"}, {"fixed":"eeda4f90af57368584fa97250cbb0d5bf0a5e16e"}]}]}], "references":[{"type":"ADVISORY", "url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522"}, {"type":"FIX", "url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"}], "database_specific":{"cna_assigner":"GitHub_M", "cwe_ids":["CWE-284", "CWE-639", "CWE-862", "CWE-915"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}]} --- diff --git a/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap b/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap index 836c9f97387..bd7c958d395 100755 --- a/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap +++ b/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap @@ -52,15 +52,15 @@ "references": [ { "type": "ADVISORY", - "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw" + "url": "https://blog.gitea.com/release-of-1.25.4/" }, { "type": "ADVISORY", - "url": "https://blog.gitea.com/release-of-1.25.4/" + "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4" }, { "type": "ADVISORY", - "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4" + "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw" }, { "type": "FIX", @@ -83,453 +83,923 @@ "unresolved_ranges": [ { "metadata": { - "cpe": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", "source": "CPE_FIELD" }, "versions": [ { - "introduced": "7.32.0" - }, - { - "fixed": "8.9.1" + "last_affected": "2.0.1" } ] - } - ] - }, - "details": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", - "id": "CVE-2024-7264", - "modified": "2025-11-03T23:17:31.647Z", - "published": "2024-07-31T08:15:02.657Z", - "references": [ - { - "type": "ADVISORY", - "url": "https://security.netapp.com/advisory/ntap-20241025-0010/" - }, - { - "type": "ADVISORY", - "url": "https://curl.se/docs/CVE-2024-7264.html" - }, - { - "type": "ADVISORY", - "url": "https://curl.se/docs/CVE-2024-7264.json" - }, - { - "type": "ADVISORY", - "url": "https://security.netapp.com/advisory/ntap-20240828-0008/" - }, - { - "type": "ADVISORY", - "url": "https://security.netapp.com/advisory/ntap-20241025-0006/" - }, - { - "type": "REPORT", - "url": "https://hackerone.com/reports/2629968" - }, - { - "type": "FIX", - "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519" - }, - { - "type": "ARTICLE", - "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" - } - ], - "severity": [ - { - "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", - "type": "CVSS_V3" - } - ] -} -{ - "database_specific": { - "unresolved_ranges": [ + }, { "metadata": { - "cpe": "cpe:2.3:a:salesforce:mobile_software_development_kit:*:*:*:*:*:windows:*:*", + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", "source": "CPE_FIELD" }, "versions": [ { - "fixed": "5.0.0" + "last_affected": "2.0.2" } ] - } - ] - }, - "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", - "id": "CVE-2016-15012", - "modified": "2024-11-21T02:45:29.557Z", - "published": "2023-01-07T13:15:09.530Z", - "references": [ - { - "type": "ADVISORY", - "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0" - }, - { - "type": "REPORT", - "url": "https://vuldb.com/?ctiid.217619" - }, - { - "type": "REPORT", - "url": "https://vuldb.com/?id.217619" - }, - { - "type": "FIX", - "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8" - } - ], - "severity": [ - { - "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "type": "CVSS_V3" - } - ] -} -{ - "database_specific": { - "unresolved_ranges": [ + }, { "metadata": { - "cpes": [ - "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", - "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", - "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", - "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" - ], + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", "source": "CPE_FIELD" }, "versions": [ - { - "last_affected": "2.0" - }, - { - "last_affected": "2.0.1" - }, - { - "last_affected": "2.0.2" - }, { "last_affected": "2.0.3" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.0.4" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.0.5" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.0.6" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.0.7" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.1" - }, + "last_affected": "2.0" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.1.1" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.1.2" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.1.3" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.1.4" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.1.5" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.1.6" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.1.7" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.1.8" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2" - }, + "last_affected": "2.1" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.1" - }, + "last_affected": "2.2.10" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.2" - }, + "last_affected": "2.2.11" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.3" - }, + "last_affected": "2.2.12" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.4" - }, + "last_affected": "2.2.13" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.5" - }, + "last_affected": "2.2.14" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.6" - }, + "last_affected": "2.2.15" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.7" - }, + "last_affected": "2.2.16" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.8" - }, + "last_affected": "2.2.1" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.9" - }, + "last_affected": "2.2.2" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.10" - }, + "last_affected": "2.2.3" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.11" - }, + "last_affected": "2.2.4" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.12" - }, + "last_affected": "2.2.5" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.13" - }, + "last_affected": "2.2.6" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.14" - }, + "last_affected": "2.2.7" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.15" - }, + "last_affected": "2.2.8" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.2.16" - }, + "last_affected": "2.2.9" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.3" - }, + "last_affected": "2.2" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.3.1" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.3.2" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.3.3" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.3.4" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.3.5" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.3.6" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.4" - }, + "last_affected": "2.3" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "2.4.10" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "2.4.11" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "2.4.12" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.1" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.2" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.3" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.4" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.5" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.6" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.7" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.8" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.4.9" - }, - { - "last_affected": "2.4.10" - }, - { - "last_affected": "2.4.11" - }, - { - "last_affected": "2.4.12" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.5" - }, + "last_affected": "2.4" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.1" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.2" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.3" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.4" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.5" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.6" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.7" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.8" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.5.9" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.6" - }, + "last_affected": "2.5" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.6.1" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.6.2" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.6.3" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.6.4" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.6.5" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.6.6" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.7" - }, + "last_affected": "2.6" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.7.1" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.7.2" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.7.3" - }, - { - "last_affected": "2.7.4" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.8" - }, + "last_affected": "2.7.4" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { - "last_affected": "2.8-dev" - }, + "last_affected": "2.7" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.8.1" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.8.2" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.8.3" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "2.8.4" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "2.8" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "2.8-dev" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "12.04" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "42.1" } @@ -542,6 +1012,10 @@ "modified": "2025-04-12T10:46:40.837Z", "published": "2016-01-15T03:59:23.063Z", "references": [ + { + "type": "WEB", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" + }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1" @@ -558,10 +1032,6 @@ "type": "WEB", "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.529036" }, - { - "type": "WEB", - "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" - }, { "type": "WEB", "url": "https://www.kb.cert.org/vuls/id/772447" @@ -572,23 +1042,23 @@ }, { "type": "ADVISORY", - "url": "https://security.gentoo.org/glsa/201606-09" + "url": "http://www.ubuntu.com/usn/USN-2944-1" }, { "type": "ADVISORY", - "url": "https://security.gentoo.org/glsa/201705-08" + "url": "https://security.gentoo.org/glsa/201606-09" }, { "type": "ADVISORY", - "url": "http://www.ubuntu.com/usn/USN-2944-1" + "url": "https://security.gentoo.org/glsa/201705-08" }, { "type": "EVIDENCE", - "url": "http://security.stackexchange.com/questions/110644" + "url": "http://habrahabr.ru/company/mailru/blog/274855" }, { "type": "EVIDENCE", - "url": "http://habrahabr.ru/company/mailru/blog/274855" + "url": "http://security.stackexchange.com/questions/110644" } ], "severity": [ @@ -603,9 +1073,7 @@ "unresolved_ranges": [ { "metadata": { - "cpes": [ - "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*" - ], + "cpe": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*", "source": "CPE_FIELD" }, "versions": [ @@ -650,60 +1118,255 @@ "unresolved_ranges": [ { "metadata": { - "cpes": [ - "cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", - "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", - "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*" - ], + "cpe": "cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "4.3.0" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "35" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "36" + } + ] + } + ] + }, + "details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", + "id": "CVE-2022-33068", + "modified": "2024-11-21T07:07:30.140Z", + "published": "2022-06-23T17:15:14.350Z", + "references": [ + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/202209-11" + }, + { + "type": "FIX", + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + }, + { + "type": "FIX", + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpe": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "7.61.1" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "12.04" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "14.04" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "16.04" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "18.04" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "9.0" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "6.0" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "7.0" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "7.4" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "7.5" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*", "source": "CPE_FIELD" }, "versions": [ { - "last_affected": "4.3.0" - }, - { - "last_affected": "35" - }, - { - "last_affected": "36" + "last_affected": "7.6" } ] } ] }, - "details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", - "id": "CVE-2022-33068", - "modified": "2024-11-21T07:07:30.140Z", - "published": "2022-06-23T17:15:14.350Z", + "details": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", + "id": "CVE-2018-14618", + "modified": "2024-11-21T03:49:26.003Z", + "published": "2018-09-05T19:29:00.420Z", "references": [ { "type": "WEB", - "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" }, { - "type": "WEB", - "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + "type": "ADVISORY", + "url": "http://www.securitytracker.com/id/1041605" }, { - "type": "WEB", - "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2018:3558" }, { "type": "ADVISORY", - "url": "https://security.gentoo.org/glsa/202209-11" + "url": "https://access.redhat.com/errata/RHSA-2019:1880" }, { - "type": "FIX", - "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + "type": "ADVISORY", + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" }, { - "type": "FIX", - "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + "type": "ADVISORY", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-1/" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-2/" + }, + { + "type": "ADVISORY", + "url": "https://www.debian.org/security/2018/dsa-4286" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" } ], "severity": [ { - "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] @@ -713,112 +1376,61 @@ "unresolved_ranges": [ { "metadata": { - "cpes": [ - "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", - "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", - "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", - "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", - "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", - "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", - "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", - "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", - "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", - "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", - "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*" - ], + "cpe": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "source": "CPE_FIELD" }, "versions": [ { - "fixed": "7.61.1" - }, - { - "last_affected": "12.04" - }, - { - "last_affected": "14.04" - }, - { - "last_affected": "16.04" - }, - { - "last_affected": "18.04" - }, - { - "last_affected": "9.0" - }, - { - "last_affected": "6.0" - }, - { - "last_affected": "7.0" - }, - { - "last_affected": "7.4" - }, - { - "last_affected": "7.5" + "introduced": "7.32.0" }, { - "last_affected": "7.6" + "fixed": "8.9.1" } ] } ] }, - "details": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", - "id": "CVE-2018-14618", - "modified": "2024-11-21T03:49:26.003Z", - "published": "2018-09-05T19:29:00.420Z", + "details": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "id": "CVE-2024-7264", + "modified": "2025-11-03T23:17:31.647Z", + "published": "2024-07-31T08:15:02.657Z", "references": [ - { - "type": "WEB", - "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" - }, - { - "type": "ADVISORY", - "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" - }, - { - "type": "ADVISORY", - "url": "http://www.securitytracker.com/id/1041605" - }, { "type": "ADVISORY", - "url": "https://access.redhat.com/errata/RHSA-2019:1880" + "url": "https://curl.se/docs/CVE-2024-7264.html" }, { "type": "ADVISORY", - "url": "https://security.gentoo.org/glsa/201903-03" + "url": "https://curl.se/docs/CVE-2024-7264.json" }, { "type": "ADVISORY", - "url": "https://usn.ubuntu.com/3765-1/" + "url": "https://security.netapp.com/advisory/ntap-20240828-0008/" }, { "type": "ADVISORY", - "url": "https://usn.ubuntu.com/3765-2/" + "url": "https://security.netapp.com/advisory/ntap-20241025-0006/" }, { "type": "ADVISORY", - "url": "https://www.debian.org/security/2018/dsa-4286" + "url": "https://security.netapp.com/advisory/ntap-20241025-0010/" }, { - "type": "ADVISORY", - "url": "https://access.redhat.com/errata/RHSA-2018:3558" + "type": "REPORT", + "url": "https://hackerone.com/reports/2629968" }, { - "type": "ADVISORY", - "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" + "type": "FIX", + "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519" }, { - "type": "REPORT", - "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" + "type": "ARTICLE", + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" } ], "severity": [ { - "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", "type": "CVSS_V3" } ] @@ -828,12 +1440,7 @@ "unresolved_ranges": [ { "metadata": { - "cpes": [ - "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", - "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", - "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", - "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" - ], + "cpe": "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", "source": "CPE_FIELD" }, "versions": [ @@ -842,15 +1449,39 @@ }, { "fixed": "0.9.2" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "40" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "7.0" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "8.0" - }, - { - "last_affected": "40" } ] } @@ -890,36 +1521,76 @@ "unresolved_ranges": [ { "metadata": { - "cpes": [ - "cpe:2.3:a:redhat:directory_server:11.5:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:directory_server:11.6:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*", - "cpe:2.3:a:redhat:directory_server:12.1:*:*:*:*:*:*:*", - "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", - "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", - "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*" - ], + "cpe": "cpe:2.3:a:redhat:directory_server:11.5:*:*:*:*:*:*:*", "source": "CPE_FIELD" }, "versions": [ { "last_affected": "11.5" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:redhat:directory_server:11.6:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "11.6" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "12.0" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:redhat:directory_server:12.1:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "12.1" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "36" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "37" - }, + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ { "last_affected": "38" } @@ -953,9 +1624,52 @@ "unresolved_ranges": [ { "metadata": { - "cpes": [ - "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*" - ], + "cpe": "cpe:2.3:a:salesforce:mobile_software_development_kit:*:*:*:*:*:windows:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "5.0.0" + } + ] + } + ] + }, + "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "id": "CVE-2016-15012", + "modified": "2024-11-21T02:45:29.557Z", + "published": "2023-01-07T13:15:09.530Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0" + }, + { + "type": "REPORT", + "url": "https://vuldb.com/?ctiid.217619" + }, + { + "type": "REPORT", + "url": "https://vuldb.com/?id.217619" + }, + { + "type": "FIX", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "type": "CVSS_V3" + } + ] +} +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpe": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*", "source": "CPE_FIELD" }, "versions": [ From eb2afdd501d4bf35ad5a9d256619af567b8371e9 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Sun, 29 Mar 2026 23:22:20 +0000 Subject: [PATCH 23/26] Add testdata --- vulnfeeds/conversion/nvd/cpe_testdata.json | 24 + vulnfeeds/conversion/nvd/test.json | 2964 ++++++++++++++++++ vulnfeeds/test_data/cve5/CVE-2016-15012.json | 216 ++ vulnfeeds/test_data/cve5/CVE-2016-1897.json | 379 +++ vulnfeeds/test_data/cve5/CVE-2018-14618.json | 396 +++ vulnfeeds/test_data/cve5/CVE-2022-33068.json | 246 ++ vulnfeeds/test_data/cve5/CVE-2023-1055.json | 122 + vulnfeeds/test_data/cve5/CVE-2023-22466.json | 189 ++ vulnfeeds/test_data/cve5/CVE-2024-2002.json | 219 ++ vulnfeeds/test_data/cve5/CVE-2024-7264.json | 725 +++++ vulnfeeds/test_data/cve5/CVE-2025-4565.json | 206 ++ vulnfeeds/test_data/cve5/CVE-2026-20912.json | 160 + vulnfeeds/test_data/cve5/CVE-2026-23522.json | 155 + 13 files changed, 6001 insertions(+) create mode 100644 vulnfeeds/conversion/nvd/cpe_testdata.json create mode 100644 vulnfeeds/conversion/nvd/test.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2016-15012.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2016-1897.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2018-14618.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2022-33068.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2023-1055.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2023-22466.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2024-2002.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2024-7264.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2025-4565.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2026-20912.json create mode 100644 vulnfeeds/test_data/cve5/CVE-2026-23522.json diff --git a/vulnfeeds/conversion/nvd/cpe_testdata.json b/vulnfeeds/conversion/nvd/cpe_testdata.json new file mode 100644 index 00000000000..324a7af0f97 --- /dev/null +++ b/vulnfeeds/conversion/nvd/cpe_testdata.json @@ -0,0 +1,24 @@ +{ + "ffmpeg:ffmpeg": [ + "https://github.com/ffmpeg/ffmpeg" + ], + "google:protobuf-python": [ + "https://github.com/protocolbuffers/protobuf" + ], + "harfbuzz_project:harfbuzz": [ + "https://github.com/behdad/harfbuzz", + "https://github.com/harfbuzz/harfbuzz" + ], + "haxx:curl": [ + "https://github.com/curl/curl" + ], + "haxx:libcurl": [ + "https://github.com/curl/curl" + ], + "libdwarf_project:libdwarf": [ + "https://github.com/davea42/libdwarf-code" + ], + "tokio:tokio": [ + "https://github.com/tokio-rs/tokio" + ] +} \ No newline at end of file diff --git a/vulnfeeds/conversion/nvd/test.json b/vulnfeeds/conversion/nvd/test.json new file mode 100644 index 00000000000..f17e721a0dc --- /dev/null +++ b/vulnfeeds/conversion/nvd/test.json @@ -0,0 +1,2964 @@ +{ + "resultsPerPage": 1, + "startIndex": 0, + "totalResults": 1, + "format": "NVD_CVE", + "version": "2.0", + "timestamp": "2026-01-29T23:19:29.408", + "vulnerabilities": [ + { + "cve": { + "id": "CVE-2026-20912", + "sourceIdentifier": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "published": "2026-01-22T22:16:19.297", + "lastModified": "2026-01-29T22:03:58.330", + "vulnStatus": "Analyzed", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.2 + } + ] + }, + "weaknesses": [ + { + "source": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + }, + { + "lang": "en", + "value": "CWE-639" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:gitea:gitea:*:*:*:*:*:-:*:*", + "versionEndExcluding": "1.25.4", + "matchCriteriaId": "DFCB7D74-331D-4582-AB41-113A25BE8FAA" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://blog.gitea.com/release-of-1.25.4/", + "source": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "tags": [ + "Release Notes" + ] + }, + { + "url": "https://github.com/go-gitea/gitea/pull/36320", + "source": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "tags": [ + "Issue Tracking", + "Patch" + ] + }, + { + "url": "https://github.com/go-gitea/gitea/pull/36355", + "source": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "tags": [ + "Issue Tracking", + "Patch" + ] + }, + { + "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4", + "source": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "tags": [ + "Release Notes" + ] + }, + { + "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw", + "source": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "tags": [ + "Broken Link" + ] + } + ] + } + }, + { + "cve": { + "id": "CVE-2023-22466", + "sourceIdentifier": "security-advisories@github.com", + "published": "2023-01-04T22:15:09.267", + "lastModified": "2024-11-21T07:44:51.683", + "vulnStatus": "Modified", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`." + }, + { + "lang": "es", + "value": "Tokio es un runtime para escribir aplicaciones con Rust. A partir de la versi\u00f3n 1.7.0 y anteriores a las versiones 1.18.4, 1.20.3 y 1.23.1, al configurar un servidor de canalizaci\u00f3n con nombre de Windows, configurar `pipe_mode` restablecer\u00e1 `reject_remote_clients` a `false`. Si la aplicaci\u00f3n ha configurado previamente `reject_remote_clients` en `true`, esto efectivamente deshace la configuraci\u00f3n. Los clientes remotos solo pueden acceder a la canalizaci\u00f3n con nombre si se puede acceder a la ruta asociada a la canalizaci\u00f3n con nombre a trav\u00e9s de una carpeta compartida p\u00fablicamente (SMB). Se han parcheado las versiones 1.23.1, 1.20.3 y 1.18.4. La soluci\u00f3n tambi\u00e9n estar\u00e1 presente en todas las versiones a partir de la versi\u00f3n 1.24.0. Las canalizaciones con nombre se introdujeron en Tokio en la versi\u00f3n 1.7.0, por lo que las versiones anteriores a 1.7.0 no se ven afectadas. Como workaround, aseg\u00farese de que `pipe_mode` est\u00e9 configurado primero despu\u00e9s de inicializar `ServerOptions`." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 2.5 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-665" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*", + "versionStartIncluding": "1.7.0", + "versionEndExcluding": "1.18.4", + "matchCriteriaId": "443488FE-C04F-4785-A677-914F87E2C6FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*", + "versionStartIncluding": "1.19.0", + "versionEndExcluding": "1.20.3", + "matchCriteriaId": "ECF2500F-3709-4738-BA16-38406FB5BB4F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*", + "versionStartIncluding": "1.21.0", + "versionEndExcluding": "1.23.1", + "matchCriteriaId": "A4BA373F-B995-4308-9583-2E9B4546B16C" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://github.com/tokio-rs/tokio/pull/5336", + "source": "security-advisories@github.com", + "tags": [ + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1", + "source": "security-advisories@github.com", + "tags": [ + "Release Notes", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7", + "source": "security-advisories@github.com", + "tags": [ + "Mitigation", + "Third Party Advisory" + ] + }, + { + "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients", + "source": "security-advisories@github.com", + "tags": [ + "Technical Description", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/tokio-rs/tokio/pull/5336", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mitigation", + "Third Party Advisory" + ] + }, + { + "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Technical Description", + "Third Party Advisory" + ] + } + ] + } + }, + { + "cve": { + "id": "CVE-2026-23522", + "sourceIdentifier": "security-advisories@github.com", + "published": "2026-01-19T17:15:50.590", + "lastModified": "2026-01-26T15:05:39.840", + "vulnStatus": "Awaiting Analysis", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "security-advisories@github.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "baseScore": 3.7, + "baseSeverity": "LOW", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "security-advisories@github.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-284" + }, + { + "lang": "en", + "value": "CWE-639" + }, + { + "lang": "en", + "value": "CWE-862" + }, + { + "lang": "en", + "value": "CWE-915" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6", + "source": "security-advisories@github.com" + }, + { + "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r", + "source": "security-advisories@github.com" + } + ] + } + }, + { + "cve": { + "id": "CVE-2025-4565", + "sourceIdentifier": "cve-coordination@google.com", + "published": "2025-06-16T15:15:24.990", + "lastModified": "2025-08-14T17:05:37.770", + "vulnStatus": "Analyzed", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901" + }, + { + "lang": "es", + "value": "Cualquier proyecto que utilice el backend Protobuf Pure-Python para analizar datos de Protocol Buffers no confiables que contengan un n\u00famero arbitrario de grupos recursivos, mensajes recursivos o una serie de etiquetas SGROUP puede corromperse al exceder el l\u00edmite de recursi\u00f3n de Python. Esto puede provocar una denegaci\u00f3n de servicio (DSP) que bloquea la aplicaci\u00f3n con un RecursionError. Recomendamos actualizar a la versi\u00f3n 6.31.1 o posterior (commit 17838beda2943d08b8a9d4df5b68f5f04f26d901)." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "NONE", + "vulnAvailabilityImpact": "HIGH", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 1.4 + } + ] + }, + "weaknesses": [ + { + "source": "cve-coordination@google.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-674" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*", + "versionEndExcluding": "4.25.8", + "matchCriteriaId": "9CE770F3-A719-45B8-83F5-3AAC15F92BAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*", + "versionStartIncluding": "5.26.0", + "versionEndExcluding": "5.29.5", + "matchCriteriaId": "4665132F-1171-4C9B-929C-A17B18C48346" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*", + "versionStartIncluding": "6.30.0", + "versionEndExcluding": "6.31.1", + "matchCriteriaId": "4DE9676C-D5FF-4775-95B6-254BBE420757" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901", + "source": "cve-coordination@google.com", + "tags": [ + "Patch" + ] + } + ] + } + }, + { + "cve": { + "id": "CVE-2018-14618", + "sourceIdentifier": "secalert@redhat.com", + "published": "2018-09-05T19:29:00.420", + "lastModified": "2024-11-21T03:49:26.003", + "vulnStatus": "Modified", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)" + }, + { + "lang": "es", + "value": "curl en versiones anteriores a la 7.61.1 es vulnerable a un desbordamiento de b\u00fafer en el c\u00f3digo de autenticaci\u00f3n NTLM. La funci\u00f3n interna Curl_ntlm_core_mk_nt_hash multiplica la longitud de la contrase\u00f1a por dos (SUM) para adivinar qu\u00e9 tama\u00f1o debe tener la zona de almacenamiento temporal que se va a asignar desde la memoria din\u00e1mica (heap). El valor de longitud se emplea a continuaci\u00f3n para iterar sobre la contrase\u00f1a y generar una salida en el b\u00fafer de almacenamiento asignado. En sistemas con un size_t de 32 bits, la matem\u00e1tica para calcular SUM desencadena un desbordamiento de enteros cuando la contrase\u00f1a excede los 2 GB (2^31 bytes). Este desbordamiento de enteros suele provocar que un b\u00fafer muy peque\u00f1o se asigne en lugar del planeado (uno muy grande), por lo que su uso termina con un desbordamiento de b\u00fafer basado en memoria din\u00e1mica (heap). (Este error es casi id\u00e9ntico a CVE-2017-8816)." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.6, + "impactScore": 5.9 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", + "baseScore": 10, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "COMPLETE", + "integrityImpact": "COMPLETE", + "availabilityImpact": "COMPLETE" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10, + "impactScore": 10, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-122" + }, + { + "lang": "en", + "value": "CWE-131" + } + ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", + "versionEndExcluding": "7.61.1", + "matchCriteriaId": "52ABFC88-7FDA-4850-BAAB-EAEBAA132B1A" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", + "matchCriteriaId": "8D305F7A-D159-4716-AB26-5E38BB5CD991" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", + "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", + "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", + "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", + "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*", + "matchCriteriaId": "041F9200-4C01-4187-AE34-240E8277B54D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", + "matchCriteriaId": "4EB48767-F095-444F-9E05-D9AC345AB803" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*", + "matchCriteriaId": "5F6FA12B-504C-4DBF-A32E-0548557AA2ED" + } + ] + } + ] + } + ], + "references": [ + { + "url": "http://www.securitytracker.com/id/1041605", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://access.redhat.com/errata/RHSA-2018:3558", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://access.redhat.com/errata/RHSA-2019:1880", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618", + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", + "source": "secalert@redhat.com" + }, + { + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html", + "source": "secalert@redhat.com", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://security.gentoo.org/glsa/201903-03", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://usn.ubuntu.com/3765-1/", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://usn.ubuntu.com/3765-2/", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://www.debian.org/security/2018/dsa-4286", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "http://www.securitytracker.com/id/1041605", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory", + "VDB Entry" + ] + }, + { + "url": "https://access.redhat.com/errata/RHSA-2018:3558", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://access.redhat.com/errata/RHSA-2019:1880", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://security.gentoo.org/glsa/201903-03", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://usn.ubuntu.com/3765-1/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://usn.ubuntu.com/3765-2/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://www.debian.org/security/2018/dsa-4286", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + } + ] + } + }, + { + "cve": { + "id": "CVE-2023-1055", + "sourceIdentifier": "secalert@redhat.com", + "published": "2023-02-27T22:15:09.990", + "lastModified": "2024-11-21T07:38:22.297", + "vulnStatus": "Modified", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-295" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:directory_server:11.5:*:*:*:*:*:*:*", + "matchCriteriaId": "5532B7A4-A873-4639-B8D4-B6A65CFCFB3A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:directory_server:11.6:*:*:*:*:*:*:*", + "matchCriteriaId": "151CA15F-B090-4767-A1B0-03CBE45A7B75" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A3DAF61A-58A9-41A6-A4DC-64148055B0C1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:redhat:directory_server:12.1:*:*:*:*:*:*:*", + "matchCriteriaId": "F8C6D6E7-66A9-4F10-B38D-5D6832CD4D77" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", + "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "matchCriteriaId": "E30D0E6F-4AE8-4284-8716-991DFA48CC5D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0", + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/", + "source": "secalert@redhat.com" + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking", + "Vendor Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + } + ] + } + }, + { + "cve": { + "id": "CVE-2024-7264", + "sourceIdentifier": "2499f714-1537-4658-8207-48ae4bb9eae9", + "published": "2024-07-31T08:15:02.657", + "lastModified": "2025-11-03T23:17:31.647", + "vulnStatus": "Modified", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used." + }, + { + "lang": "es", + "value": "El c\u00f3digo del analizador ASN1 de libcurl tiene la funci\u00f3n `GTime2str()`, que se utiliza para analizar un campo de tiempo generalizado ASN.1. Si se proporciona un campo sint\u00e1cticamente incorrecto, el analizador puede terminar usando -1 para la longitud de la *time fraction*, lo que lleva a que se ejecute una `strlen()` en un puntero a un \u00e1rea de b\u00fafer de almacenamiento din\u00e1mico que no est\u00e1 (intencionadamente) terminada en nulo. Este fallo probablemente lleve a un bloqueo, pero tambi\u00e9n puede llevar a que se devuelvan contenidos del mont\u00f3n a la aplicaci\u00f3n cuando se utiliza [CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html)." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-125" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", + "versionStartIncluding": "7.32.0", + "versionEndExcluding": "8.9.1", + "matchCriteriaId": "A578587B-41C6-48AE-B389-54B89C7116A4" + } + ] + } + ] + } + ], + "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9", + "tags": [ + "Mailing List" + ] + }, + { + "url": "https://curl.se/docs/CVE-2024-7264.html", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://curl.se/docs/CVE-2024-7264.json", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://hackerone.com/reports/2629968", + "source": "2499f714-1537-4658-8207-48ae4bb9eae9", + "tags": [ + "Exploit", + "Issue Tracking", + "Permissions Required", + "Third Party Advisory" + ] + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] + }, + { + "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240828-0008/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241025-0006/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241025-0010/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + } + ] + } + }, + { + "cve": { + "id": "CVE-2022-33068", + "sourceIdentifier": "cve@mitre.org", + "published": "2022-06-23T17:15:14.350", + "lastModified": "2024-11-21T07:07:30.140", + "vulnStatus": "Modified", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors." + }, + { + "lang": "es", + "value": "Un desbordamiento de enteros en el componente hb-ot-shape-fallback.cc de Harfbuzz versi\u00f3n v4.3.0, permite a atacantes causar una Denegaci\u00f3n de Servicio (DoS) por medio de vectores no especificados" + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], + "cvssMetricV2": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:M/Au:N/C:N/I:N/A:P", + "baseScore": 4.3, + "accessVector": "NETWORK", + "accessComplexity": "MEDIUM", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.6, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": true + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-190" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", + "matchCriteriaId": "4A67E5B9-F189-4A12-9BA2-D9135C21AD24" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", + "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", + "matchCriteriaId": "5C675112-476C-4D7C-BCB9-A2FB2D0BC9FD" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593", + "source": "cve@mitre.org", + "tags": [ + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557", + "source": "cve@mitre.org", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/", + "source": "cve@mitre.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/", + "source": "cve@mitre.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/", + "source": "cve@mitre.org" + }, + { + "url": "https://security.gentoo.org/glsa/202209-11", + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit", + "Issue Tracking", + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.gentoo.org/glsa/202209-11", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + } + ] + } + }, + { + "cve": { + "id": "CVE-2016-1897", + "sourceIdentifier": "cve@mitre.org", + "published": "2016-01-15T03:59:23.063", + "lastModified": "2025-04-12T10:46:40.837", + "vulnStatus": "Deferred", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file." + }, + { + "lang": "es", + "value": "FFmpeg 2.x permite a atacantes remotos llevar a cabo ataques de origen cruzado y leer archivos arbitrarios usando el protocolo concat en un archivo HTTP Live Streaming (HLS) M3U8, dando lugar a una petici\u00f3n HTTP externa en la que la cadena URL contiene la primera l\u00ednea de un archivo local." + } + ], + "metrics": { + "cvssMetricV30": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.0", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "LOCAL", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 1.8, + "impactScore": 3.6 + } + ], + "cvssMetricV2": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", + "baseScore": 4.3, + "accessVector": "NETWORK", + "accessComplexity": "MEDIUM", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.6, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": true + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-200" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", + "matchCriteriaId": "A1337F5B-E9D9-4335-9E05-50018E59E530" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", + "matchCriteriaId": "0B27C609-E4B4-41CD-B228-38267AA3A8AB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", + "matchCriteriaId": "C97DBEE2-AF4E-4C2D-A185-F2A1B965D9DA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", + "matchCriteriaId": "FDEDAA24-D9E0-4384-B193-0C8814E4FDD6" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", + "matchCriteriaId": "40B0C71E-341A-434A-90AE-326097AC85E4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", + "matchCriteriaId": "E83D73FF-E6F6-4399-B721-6C6275C52B55" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", + "matchCriteriaId": "B07481C8-7CEB-4B81-B8E0-FF45DAA28870" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", + "matchCriteriaId": "F9E69881-F5C7-4BB3-8BEB-C3C85CCD4B93" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "B70C00A9-3562-45AB-B494-3BA91B6AFC3E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", + "matchCriteriaId": "A30389D2-2873-4F15-B249-066B6D37AC23" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", + "matchCriteriaId": "0487928D-6630-4E23-BBA5-BED0A0F156B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", + "matchCriteriaId": "C3088131-C48D-463B-8709-78A90EDE1FA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", + "matchCriteriaId": "DADF01E6-CB58-4593-B444-A59232EE83CB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", + "matchCriteriaId": "06442F70-22B4-49E5-B25B-92E03973B57E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", + "matchCriteriaId": "6E8FDCEA-336D-4BC9-AE93-9A0CCE443AC8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", + "matchCriteriaId": "B5505E58-DF70-4408-A347-FBB74D119566" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", + "matchCriteriaId": "5D406D9D-A51A-4EE6-88BF-279422A4DBA4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", + "matchCriteriaId": "9B08A7BE-7C98-4659-808F-86A8EB4676D2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", + "matchCriteriaId": "4BF38DD1-2604-41AD-975A-56CC24767799" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", + "matchCriteriaId": "C76392F6-6992-4B67-97BA-607A091DDA6B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "BB396E84-FE69-4E19-9937-B82A63D347AF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", + "matchCriteriaId": "CE9CF7C7-3730-43EC-B63E-B004D979E57A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", + "matchCriteriaId": "889B2130-CB88-487B-92FB-959DB44B8E34" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", + "matchCriteriaId": "F9BE4879-972C-45EA-8253-46E5BE98FFA9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", + "matchCriteriaId": "653411BA-9F0B-4BFC-8A42-6576E956F96D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", + "matchCriteriaId": "268DAF2F-4484-4212-AEB0-F9A10596F874" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", + "matchCriteriaId": "BCD7A424-DA4D-4508-B4EB-14A1BA65E596" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", + "matchCriteriaId": "C190A7C8-2DAE-4F72-A620-9D184CBF10B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", + "matchCriteriaId": "6E8764DC-1C01-4C3E-A7AC-C8AF69F944E1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", + "matchCriteriaId": "C7A45FBF-A89E-4F1C-B397-AB2A53DB805C" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", + "matchCriteriaId": "78B3B781-7DEC-475C-A429-11D1B2F69CD2" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", + "matchCriteriaId": "1FDCCDDC-6CDA-4D3B-BB4C-C370C69EB1C9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", + "matchCriteriaId": "63209CD1-2710-462C-9AEC-A9DE2B41A7B1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", + "matchCriteriaId": "336CB8D4-EBE0-4E34-9F71-DD0FEA8A99C3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", + "matchCriteriaId": "207DF654-326E-43A9-A5EC-BC239BF30422" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", + "matchCriteriaId": "8794F8C5-A639-4C89-8C51-87787B29833F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", + "matchCriteriaId": "5B50AB2A-FA23-4BB0-AA21-724E770ADEFB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", + "matchCriteriaId": "94BC4C82-371C-4B80-A615-AE0F15F1D6CA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", + "matchCriteriaId": "D0E114D7-1323-4965-9680-8638ACDFF20B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", + "matchCriteriaId": "A7BBF39F-668E-4771-99A0-F008B18B03F5" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", + "matchCriteriaId": "8CC929DD-566D-4906-8960-7BCFA7EE0384" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", + "matchCriteriaId": "C3E41754-D2AB-4DE1-9ED9-A88F5E28ABFF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", + "matchCriteriaId": "14D1738D-D85A-4650-9DAB-C626E7F52812" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", + "matchCriteriaId": "A91B8DD5-FB80-47E7-8AF3-57D72CD4D034" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", + "matchCriteriaId": "A1ADB969-FA62-4238-83DF-D5703603A9FE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", + "matchCriteriaId": "2D51D915-0FAF-449F-825B-1F2B1F9BAF00" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", + "matchCriteriaId": "19772D67-FAE5-4178-815D-4F511AE0411E" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", + "matchCriteriaId": "2A6097F4-A8D1-4070-A4B2-8479421C15DB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", + "matchCriteriaId": "8BBBBB2E-F454-44F7-8131-BFF852BC6DE0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", + "matchCriteriaId": "BE75C995-BCB6-4F46-AE8C-B86FBF2702E3" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", + "matchCriteriaId": "291E07BD-70C0-403B-ACB3-B49D2DED59C8" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", + "matchCriteriaId": "3FA5BAC2-C23B-4D4E-8CA1-57780761AC35" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", + "matchCriteriaId": "B0AE997C-54E3-4619-A269-E96E79164C0A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", + "matchCriteriaId": "7D13C0AC-8AB4-49E1-8A5C-98DCA6F01D08" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", + "matchCriteriaId": "F19A0139-AF47-434F-AFE9-ECC003675537" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", + "matchCriteriaId": "DF38E5B7-AB89-418E-B507-3D660FE753C4" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", + "matchCriteriaId": "C5249D4A-D8D9-4B89-96B6-E957A2210750" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", + "matchCriteriaId": "29619AAD-6792-4B38-8DFB-706BEACA46F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", + "matchCriteriaId": "88FEC8E4-6B53-459E-B257-BEE424463592" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", + "matchCriteriaId": "8A0A20D5-EAFD-4B79-818A-B834E9A11C2B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", + "matchCriteriaId": "045AD46C-4D1E-42C9-9CFB-7924B58AE55F" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", + "matchCriteriaId": "1A56E5B7-2C52-49F0-8EB1-8A090ACBF1FA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", + "matchCriteriaId": "3B412DEE-9257-4588-83F2-F8DAC3F7E1DE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", + "matchCriteriaId": "35121E51-84B8-4725-B027-AE381CA1C9F1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", + "matchCriteriaId": "DDCDF3E1-280C-4539-80F8-3B131461FDF1" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", + "matchCriteriaId": "CBE52F27-7AEC-40AB-9349-4C3E0E4743BF" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", + "matchCriteriaId": "01917E14-8DB6-43FE-A7B9-02C87308F09B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", + "matchCriteriaId": "6D3C37FF-6B21-409F-AC19-6C2F2F429109" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", + "matchCriteriaId": "3EE84614-E84C-496D-933C-5BEFD385451B" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", + "matchCriteriaId": "59F6842E-041C-4076-8A2F-170DB783CC6A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", + "matchCriteriaId": "E3B53136-92CB-45D4-8CA8-589D332AEBDE" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", + "matchCriteriaId": "4876E244-8F7F-4EF2-B7D9-5146BCF02F59" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", + "matchCriteriaId": "8D3F7BF7-D609-44B1-9536-4A07DC149824" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", + "matchCriteriaId": "CBD5E478-1654-4A75-904D-8453DDC680A0" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", + "matchCriteriaId": "AF3C0E7A-533F-4AD7-BD0C-B91C0139790A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", + "matchCriteriaId": "150B1880-BFC3-42C4-B6A3-B96C67CD671D" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", + "matchCriteriaId": "DAA8F265-CE4D-46FE-9871-FDD4D6738DAB" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", + "matchCriteriaId": "756A3888-E151-4FEA-8D14-F45F3192BCBA" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", + "matchCriteriaId": "AA3F5FAA-AD9E-4FC1-B91C-E9A561E95173" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", + "matchCriteriaId": "18A269C0-FE0F-4178-8195-955D373D9055" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", + "matchCriteriaId": "CCA6A474-DA24-4510-8AAA-5DF2E85B4D88" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*", + "matchCriteriaId": "0D124F06-CF7E-4549-82EC-D0EC0B73D146" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", + "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*", + "matchCriteriaId": "4863BE36-D16A-4D75-90D9-FD76DB5B48B7" + } + ] + } + ] + } + ], + "references": [ + { + "url": "http://habrahabr.ru/company/mailru/blog/274855", + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] + }, + { + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html", + "source": "cve@mitre.org" + }, + { + "url": "http://security.stackexchange.com/questions/110644", + "source": "cve@mitre.org", + "tags": [ + "Exploit" + ] + }, + { + "url": "http://www.debian.org/security/2016/dsa-3506", + "source": "cve@mitre.org" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1", + "source": "cve@mitre.org" + }, + { + "url": "http://www.securityfocus.com/bid/80501", + "source": "cve@mitre.org" + }, + { + "url": "http://www.securitytracker.com/id/1034932", + "source": "cve@mitre.org" + }, + { + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036", + "source": "cve@mitre.org" + }, + { + "url": "http://www.ubuntu.com/usn/USN-2944-1", + "source": "cve@mitre.org" + }, + { + "url": "https://security.gentoo.org/glsa/201606-09", + "source": "cve@mitre.org" + }, + { + "url": "https://security.gentoo.org/glsa/201705-08", + "source": "cve@mitre.org" + }, + { + "url": "https://www.kb.cert.org/vuls/id/772447", + "source": "cve@mitre.org" + }, + { + "url": "http://habrahabr.ru/company/mailru/blog/274855", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit" + ] + }, + { + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "http://security.stackexchange.com/questions/110644", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Exploit" + ] + }, + { + "url": "http://www.debian.org/security/2016/dsa-3506", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "http://www.securityfocus.com/bid/80501", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "http://www.securitytracker.com/id/1034932", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "http://www.ubuntu.com/usn/USN-2944-1", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.gentoo.org/glsa/201606-09", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://security.gentoo.org/glsa/201705-08", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://www.kb.cert.org/vuls/id/772447", + "source": "af854a3a-2127-422b-91ae-364da2661108" + } + ] + } + }, + { + "cve": { + "id": "CVE-2016-15012", + "sourceIdentifier": "cna@vuldb.com", + "published": "2023-01-07T13:15:09.530", + "lastModified": "2024-11-21T02:45:29.557", + "vulnStatus": "Modified", + "cveTags": [ + { + "sourceIdentifier": "cna@vuldb.com", + "tags": [ + "unsupported-when-assigned" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "es", + "value": "** NO SOPORTADO CUANDO SE ASIGN\u00d3 ** Se encontr\u00f3 una vulnerabilidad en forceotcom SalesforceMobileSDK-Windows hasta 4.x. Ha sido declarada como cr\u00edtica. Este problema afecta la funci\u00f3n ComputeCountSql del archivo SalesforceSDK/SmartStore/Store/QuerySpec.cs. La manipulaci\u00f3n conduce a la inyecci\u00f3n de SQL. La actualizaci\u00f3n a la versi\u00f3n 5.0.0 puede solucionar este problema. El parche se llama 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. Se recomienda actualizar el componente afectado. El identificador asociado de esta vulnerabilidad es VDB-217619. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "attackVector": "ADJACENT_NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 3.4 + }, + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 5.9 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P", + "baseScore": 5.2, + "accessVector": "ADJACENT_NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 5.1, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:salesforce:mobile_software_development_kit:*:*:*:*:*:windows:*:*", + "versionEndExcluding": "5.0.0", + "matchCriteriaId": "8E100174-3CB8-4DC3-8592-458066A3927C" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8", + "source": "cna@vuldb.com", + "tags": [ + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0", + "source": "cna@vuldb.com", + "tags": [ + "Release Notes", + "Third Party Advisory" + ] + }, + { + "url": "https://vuldb.com/?ctiid.217619", + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] + }, + { + "url": "https://vuldb.com/?id.217619", + "source": "cna@vuldb.com", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Patch", + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Third Party Advisory" + ] + }, + { + "url": "https://vuldb.com/?ctiid.217619", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] + }, + { + "url": "https://vuldb.com/?id.217619", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Permissions Required", + "Third Party Advisory" + ] + } + ] + } + }, + { + "cve": { + "id": "CVE-2024-2002", + "sourceIdentifier": "secalert@redhat.com", + "published": "2024-03-18T13:15:07.657", + "lastModified": "2025-04-09T15:36:37.840", + "vulnStatus": "Analyzed", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results." + }, + { + "lang": "es", + "value": "Se encontr\u00f3 una vulnerabilidad de doble liberaci\u00f3n en libdwarf. En un objeto DWARF multicorrupto, libdwarf puede intentar desasignar (liberar) una asignaci\u00f3n dos veces, lo que podr\u00eda provocar resultados diversos e impredecibles." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "availabilityImpact": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "secalert@redhat.com", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-415" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.1.0", + "versionEndExcluding": "0.9.2", + "matchCriteriaId": "6E3517E3-6D61-4C81-A11A-D7A4C48CE19E" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", + "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", + "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59" + } + ] + } + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-2002", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700", + "source": "secalert@redhat.com", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt", + "source": "secalert@redhat.com", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://access.redhat.com/security/cve/CVE-2024-2002", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List" + ] + } + ] + } + }, + { + "cve": { + "id": "CVE-2024-31497", + "sourceIdentifier": "cve@mitre.org", + "published": "2024-04-15T20:15:11.077", + "lastModified": "2025-11-04T22:16:00.673", + "vulnStatus": "Modified", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6." + }, + { + "lang": "es", + "value": "En PuTTY 0.68 a 0.80 antes de 0.81, la generaci\u00f3n nonce ECDSA sesgada permite a un atacante recuperar la clave secreta NIST P-521 de un usuario mediante un ataque r\u00e1pido en aproximadamente 60 firmas. Esto es especialmente importante en un escenario en el que un adversario puede leer mensajes firmados por PuTTY o Pageant. El conjunto requerido de mensajes firmados puede ser legible p\u00fablicamente porque est\u00e1n almacenados en un servicio p\u00fablico Git que admite el uso de SSH para la firma de confirmaci\u00f3n, y Pageant realiz\u00f3 las firmas a trav\u00e9s de un mecanismo de reenv\u00edo de agentes. En otras palabras, es posible que un adversario ya tenga suficiente informaci\u00f3n de firma para comprometer la clave privada de una v\u00edctima, incluso si no se utilizan m\u00e1s versiones vulnerables de PuTTY. Despu\u00e9s de un compromiso clave, un adversario puede realizar ataques a la cadena de suministro del software mantenido en Git. Un segundo escenario independiente es que el adversario sea un operador de un servidor SSH en el que la v\u00edctima se autentica (para inicio de sesi\u00f3n remoto o copia de archivos), aunque la v\u00edctima no conf\u00ede plenamente en este servidor y la v\u00edctima utilice la misma clave privada. para conexiones SSH a otros servicios operados por otras entidades. Aqu\u00ed, el operador del servidor fraudulento (que de otro modo no tendr\u00eda forma de determinar la clave privada de la v\u00edctima) puede obtener la clave privada de la v\u00edctima y luego usarla para acceder no autorizado a esos otros servicios. Si los otros servicios incluyen servicios Git, nuevamente es posible realizar ataques a la cadena de suministro del software mantenido en Git. Esto tambi\u00e9n afecta, por ejemplo, a FileZilla anterior a 3.67.0, WinSCP anterior a 6.3.3, TortoiseGit anterior a 2.15.0.1 y TortoiseSVN hasta 1.14.6." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.2, + "impactScore": 3.6 + } + ] + }, + "weaknesses": [ + { + "source": "nvd@nist.gov", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-338" + } + ] + }, + { + "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "type": "Secondary", + "description": [ + { + "lang": "en", + "value": "CWE-338" + } + ] + } + ], + "configurations": [ + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", + "versionStartIncluding": "0.68", + "versionEndExcluding": "0.81", + "matchCriteriaId": "E0D6294C-4365-4187-8053-35F3AAC5229F" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*", + "versionEndExcluding": "3.67.0", + "matchCriteriaId": "A0E9886A-527F-444B-AFB3-33CF777182CC" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*", + "versionEndExcluding": "6.3.3", + "matchCriteriaId": "5DA80FE9-039E-4BF4-AC16-6E65FFAB22A2" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tortoisegit:tortoisegit:*:*:*:*:*:*:*:*", + "versionEndExcluding": "2.15.0.1", + "matchCriteriaId": "A1C171EB-2081-44AC-9017-B3BA3A88B10A" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:a:tigris:tortoisesvn:*:*:*:*:*:*:*:*", + "versionEndExcluding": "1.14.6", + "matchCriteriaId": "26F28A31-E86D-43C1-8043-2B8ECD723AF7" + } + ] + } + ] + }, + { + "nodes": [ + { + "operator": "OR", + "negate": false, + "cpeMatch": [ + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646" + }, + { + "vulnerable": true, + "criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", + "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59" + } + ] + } + ] + } + ], + "references": [ + { + "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6", + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183", + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864", + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty", + "source": "cve@mitre.org", + "tags": [ + "Product" + ] + }, + { + "url": "https://filezilla-project.org/versions.php", + "source": "cve@mitre.org", + "tags": [ + "Release Notes" + ] + }, + { + "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git", + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Patch" + ] + }, + { + "url": "https://github.com/advisories/GHSA-6p4c-r453-8743", + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/daedalus/BreakingECDSAwithLLL", + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html", + "source": "cve@mitre.org" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/", + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://news.ycombinator.com/item?id=40044665", + "source": "cve@mitre.org", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497", + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/", + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward", + "source": "cve@mitre.org", + "tags": [ + "Product" + ] + }, + { + "url": "https://tortoisegit.org", + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://twitter.com/CCBalert/status/1780229237569470549", + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://twitter.com/lambdafu/status/1779969509522133272", + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://winscp.net/eng/news.php", + "source": "cve@mitre.org", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/", + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", + "source": "cve@mitre.org", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html", + "source": "cve@mitre.org", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6", + "source": "cve@mitre.org", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/", + "source": "cve@mitre.org", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] + }, + { + "url": "https://filezilla-project.org/versions.php", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes" + ] + }, + { + "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Patch" + ] + }, + { + "url": "https://github.com/advisories/GHSA-6p4c-r453-8743", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://github.com/daedalus/BreakingECDSAwithLLL", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/", + "source": "af854a3a-2127-422b-91ae-364da2661108" + }, + { + "url": "https://news.ycombinator.com/item?id=40044665", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Issue Tracking" + ] + }, + { + "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Product" + ] + }, + { + "url": "https://tortoisegit.org", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://twitter.com/CCBalert/status/1780229237569470549", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://twitter.com/lambdafu/status/1779969509522133272", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://winscp.net/eng/news.php", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Third Party Advisory" + ] + }, + { + "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Release Notes", + "Vendor Advisory" + ] + }, + { + "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Vendor Advisory" + ] + }, + { + "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Mailing List", + "Third Party Advisory" + ] + }, + { + "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/", + "source": "af854a3a-2127-422b-91ae-364da2661108", + "tags": [ + "Press/Media Coverage" + ] + }, + { + "url": "https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497", + "source": "af854a3a-2127-422b-91ae-364da2661108" + } + ] + } + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2016-15012.json b/vulnfeeds/test_data/cve5/CVE-2016-15012.json new file mode 100644 index 00000000000..33468df25aa --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2016-15012.json @@ -0,0 +1,216 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2016-15012", + "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", + "state": "PUBLISHED", + "assignerShortName": "VulDB", + "dateReserved": "2023-01-07T12:58:28.056Z", + "datePublished": "2023-01-07T12:59:27.772Z", + "dateUpdated": "2025-04-08T20:30:50.208Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", + "shortName": "VulDB", + "dateUpdated": "2023-10-20T09:57:28.877Z" + }, + "title": "forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection", + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-89", + "lang": "en", + "description": "CWE-89 SQL Injection" + } + ] + } + ], + "affected": [ + { + "vendor": "forcedotcom", + "product": "SalesforceMobileSDK-Windows", + "versions": [ + { + "version": "4.x", + "status": "affected" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer." + }, + { + "lang": "de", + "value": "Eine Schwachstelle wurde in forcedotcom SalesforceMobileSDK-Windows bis 4.x ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um die Funktion ComputeCountSql der Datei SalesforceSDK/SmartStore/Store/QuerySpec.cs. Mittels Manipulieren mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 5.0.0 vermag dieses Problem zu lösen. Der Patch wird als 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8 bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen." + } + ], + "metrics": [ + { + "cvssV3_1": { + "version": "3.1", + "baseScore": 5.5, + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + } + }, + { + "cvssV3_0": { + "version": "3.0", + "baseScore": 5.5, + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + } + }, + { + "cvssV2_0": { + "version": "2.0", + "baseScore": 5.2, + "vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P" + } + } + ], + "timeline": [ + { + "time": "2023-01-07T00:00:00.000Z", + "lang": "en", + "value": "Advisory disclosed" + }, + { + "time": "2023-01-07T00:00:00.000Z", + "lang": "en", + "value": "CVE reserved" + }, + { + "time": "2023-01-07T01:00:00.000Z", + "lang": "en", + "value": "VulDB entry created" + }, + { + "time": "2023-01-29T23:05:36.000Z", + "lang": "en", + "value": "VulDB entry last update" + } + ], + "credits": [ + { + "lang": "en", + "value": "VulDB GitHub Commit Analyzer", + "type": "tool" + } + ], + "references": [ + { + "url": "https://vuldb.com/?id.217619", + "tags": [ + "vdb-entry", + "technical-description" + ] + }, + { + "url": "https://vuldb.com/?ctiid.217619", + "tags": [ + "signature", + "permissions-required" + ] + }, + { + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8", + "tags": [ + "patch" + ] + }, + { + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0", + "tags": [ + "patch" + ] + } + ], + "tags": [ + "unsupported-when-assigned" + ] + }, + "adp": [ + { + "providerMetadata": { + "orgId": "af854a3a-2127-422b-91ae-364da2661108", + "shortName": "CVE", + "dateUpdated": "2024-08-06T03:47:34.640Z" + }, + "title": "CVE Program Container", + "references": [ + { + "url": "https://vuldb.com/?id.217619", + "tags": [ + "vdb-entry", + "technical-description", + "x_transferred" + ] + }, + { + "url": "https://vuldb.com/?ctiid.217619", + "tags": [ + "signature", + "permissions-required", + "x_transferred" + ] + }, + { + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8", + "tags": [ + "patch", + "x_transferred" + ] + }, + { + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0", + "tags": [ + "patch", + "x_transferred" + ] + } + ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-04-08T20:30:04.355647Z", + "id": "CVE-2016-15012", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-04-08T20:30:50.208Z" + } + } + ] + } +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2016-1897.json b/vulnfeeds/test_data/cve5/CVE-2016-1897.json new file mode 100644 index 00000000000..ce1ef670cc9 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2016-1897.json @@ -0,0 +1,379 @@ +{ + "containers": { + "cna": { + "affected": [ + { + "product": "n/a", + "vendor": "n/a", + "versions": [ + { + "status": "affected", + "version": "n/a" + } + ] + } + ], + "datePublic": "2016-01-14T00:00:00.000Z", + "descriptions": [ + { + "lang": "en", + "value": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file." + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "description": "n/a", + "lang": "en", + "type": "text" + } + ] + } + ], + "providerMetadata": { + "dateUpdated": "2017-06-30T16:57:01.000Z", + "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "shortName": "mitre" + }, + "references": [ + { + "tags": [ + "x_refsource_MISC" + ], + "url": "http://security.stackexchange.com/questions/110644" + }, + { + "name": "openSUSE-SU-2016:0243", + "tags": [ + "vendor-advisory", + "x_refsource_SUSE" + ], + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" + }, + { + "name": "1034932", + "tags": [ + "vdb-entry", + "x_refsource_SECTRACK" + ], + "url": "http://www.securitytracker.com/id/1034932" + }, + { + "name": "GLSA-201705-08", + "tags": [ + "vendor-advisory", + "x_refsource_GENTOO" + ], + "url": "https://security.gentoo.org/glsa/201705-08" + }, + { + "name": "80501", + "tags": [ + "vdb-entry", + "x_refsource_BID" + ], + "url": "http://www.securityfocus.com/bid/80501" + }, + { + "name": "USN-2944-1", + "tags": [ + "vendor-advisory", + "x_refsource_UBUNTU" + ], + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "name": "[oss-security] 20160114 Re: Fwd: FFmpeg: stealing local files with HLS+concat", + "tags": [ + "mailing-list", + "x_refsource_MLIST" + ], + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1" + }, + { + "name": "SSA:2016-034-02", + "tags": [ + "vendor-advisory", + "x_refsource_SLACKWARE" + ], + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036" + }, + { + "name": "DSA-3506", + "tags": [ + "vendor-advisory", + "x_refsource_DEBIAN" + ], + "url": "http://www.debian.org/security/2016/dsa-3506" + }, + { + "tags": [ + "x_refsource_MISC" + ], + "url": "http://habrahabr.ru/company/mailru/blog/274855" + }, + { + "name": "GLSA-201606-09", + "tags": [ + "vendor-advisory", + "x_refsource_GENTOO" + ], + "url": "https://security.gentoo.org/glsa/201606-09" + }, + { + "name": "VU#772447", + "tags": [ + "third-party-advisory", + "x_refsource_CERT-VN" + ], + "url": "https://www.kb.cert.org/vuls/id/772447" + } + ], + "x_legacyV4Record": { + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2016-1897", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "http://security.stackexchange.com/questions/110644", + "refsource": "MISC", + "url": "http://security.stackexchange.com/questions/110644" + }, + { + "name": "openSUSE-SU-2016:0243", + "refsource": "SUSE", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" + }, + { + "name": "1034932", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1034932" + }, + { + "name": "GLSA-201705-08", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201705-08" + }, + { + "name": "80501", + "refsource": "BID", + "url": "http://www.securityfocus.com/bid/80501" + }, + { + "name": "USN-2944-1", + "refsource": "UBUNTU", + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "name": "[oss-security] 20160114 Re: Fwd: FFmpeg: stealing local files with HLS+concat", + "refsource": "MLIST", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1" + }, + { + "name": "SSA:2016-034-02", + "refsource": "SLACKWARE", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036" + }, + { + "name": "DSA-3506", + "refsource": "DEBIAN", + "url": "http://www.debian.org/security/2016/dsa-3506" + }, + { + "name": "http://habrahabr.ru/company/mailru/blog/274855", + "refsource": "MISC", + "url": "http://habrahabr.ru/company/mailru/blog/274855" + }, + { + "name": "GLSA-201606-09", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201606-09" + }, + { + "name": "VU#772447", + "refsource": "CERT-VN", + "url": "https://www.kb.cert.org/vuls/id/772447" + } + ] + } + } + }, + "adp": [ + { + "providerMetadata": { + "orgId": "af854a3a-2127-422b-91ae-364da2661108", + "shortName": "CVE", + "dateUpdated": "2024-08-05T23:10:39.912Z" + }, + "title": "CVE Program Container", + "references": [ + { + "tags": [ + "x_refsource_MISC", + "x_transferred" + ], + "url": "http://security.stackexchange.com/questions/110644" + }, + { + "name": "openSUSE-SU-2016:0243", + "tags": [ + "vendor-advisory", + "x_refsource_SUSE", + "x_transferred" + ], + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" + }, + { + "name": "1034932", + "tags": [ + "vdb-entry", + "x_refsource_SECTRACK", + "x_transferred" + ], + "url": "http://www.securitytracker.com/id/1034932" + }, + { + "name": "GLSA-201705-08", + "tags": [ + "vendor-advisory", + "x_refsource_GENTOO", + "x_transferred" + ], + "url": "https://security.gentoo.org/glsa/201705-08" + }, + { + "name": "80501", + "tags": [ + "vdb-entry", + "x_refsource_BID", + "x_transferred" + ], + "url": "http://www.securityfocus.com/bid/80501" + }, + { + "name": "USN-2944-1", + "tags": [ + "vendor-advisory", + "x_refsource_UBUNTU", + "x_transferred" + ], + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "name": "[oss-security] 20160114 Re: Fwd: FFmpeg: stealing local files with HLS+concat", + "tags": [ + "mailing-list", + "x_refsource_MLIST", + "x_transferred" + ], + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1" + }, + { + "name": "SSA:2016-034-02", + "tags": [ + "vendor-advisory", + "x_refsource_SLACKWARE", + "x_transferred" + ], + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036" + }, + { + "name": "DSA-3506", + "tags": [ + "vendor-advisory", + "x_refsource_DEBIAN", + "x_transferred" + ], + "url": "http://www.debian.org/security/2016/dsa-3506" + }, + { + "tags": [ + "x_refsource_MISC", + "x_transferred" + ], + "url": "http://habrahabr.ru/company/mailru/blog/274855" + }, + { + "name": "GLSA-201606-09", + "tags": [ + "vendor-advisory", + "x_refsource_GENTOO", + "x_transferred" + ], + "url": "https://security.gentoo.org/glsa/201606-09" + }, + { + "name": "VU#772447", + "tags": [ + "third-party-advisory", + "x_refsource_CERT-VN", + "x_transferred" + ], + "url": "https://www.kb.cert.org/vuls/id/772447" + } + ] + } + ] + }, + "cveMetadata": { + "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "assignerShortName": "mitre", + "cveId": "CVE-2016-1897", + "datePublished": "2016-01-15T02:00:00.000Z", + "dateReserved": "2016-01-14T00:00:00.000Z", + "dateUpdated": "2024-08-05T23:10:39.912Z", + "state": "PUBLISHED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.1" +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2018-14618.json b/vulnfeeds/test_data/cve5/CVE-2018-14618.json new file mode 100644 index 00000000000..7200576ddc4 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2018-14618.json @@ -0,0 +1,396 @@ +{ + "containers": { + "cna": { + "affected": [ + { + "product": "curl", + "vendor": "[UNKNOWN]", + "versions": [ + { + "status": "affected", + "version": "7.61.1" + } + ] + } + ], + "datePublic": "2018-09-05T00:00:00.000Z", + "descriptions": [ + { + "lang": "en", + "value": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)" + } + ], + "metrics": [ + { + "cvssV3_0": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-131", + "description": "CWE-131", + "lang": "en", + "type": "CWE" + } + ] + }, + { + "descriptions": [ + { + "cweId": "CWE-122", + "description": "CWE-122", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "dateUpdated": "2019-07-29T18:06:14.000Z", + "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "shortName": "redhat" + }, + "references": [ + { + "tags": [ + "x_refsource_CONFIRM" + ], + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" + }, + { + "name": "GLSA-201903-03", + "tags": [ + "vendor-advisory", + "x_refsource_GENTOO" + ], + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "name": "USN-3765-1", + "tags": [ + "vendor-advisory", + "x_refsource_UBUNTU" + ], + "url": "https://usn.ubuntu.com/3765-1/" + }, + { + "name": "RHSA-2018:3558", + "tags": [ + "vendor-advisory", + "x_refsource_REDHAT" + ], + "url": "https://access.redhat.com/errata/RHSA-2018:3558" + }, + { + "tags": [ + "x_refsource_CONFIRM" + ], + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" + }, + { + "name": "DSA-4286", + "tags": [ + "vendor-advisory", + "x_refsource_DEBIAN" + ], + "url": "https://www.debian.org/security/2018/dsa-4286" + }, + { + "name": "1041605", + "tags": [ + "vdb-entry", + "x_refsource_SECTRACK" + ], + "url": "http://www.securitytracker.com/id/1041605" + }, + { + "name": "USN-3765-2", + "tags": [ + "vendor-advisory", + "x_refsource_UBUNTU" + ], + "url": "https://usn.ubuntu.com/3765-2/" + }, + { + "tags": [ + "x_refsource_CONFIRM" + ], + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" + }, + { + "tags": [ + "x_refsource_CONFIRM" + ], + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" + }, + { + "name": "RHSA-2019:1880", + "tags": [ + "vendor-advisory", + "x_refsource_REDHAT" + ], + "url": "https://access.redhat.com/errata/RHSA-2019:1880" + } + ], + "x_legacyV4Record": { + "CVE_data_meta": { + "ASSIGNER": "secalert@redhat.com", + "ID": "CVE-2018-14618", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "curl", + "version": { + "version_data": [ + { + "version_value": "7.61.1" + } + ] + } + } + ] + }, + "vendor_name": "[UNKNOWN]" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)" + } + ] + }, + "impact": { + "cvss": [ + [ + { + "vectorString": "7.5/CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "version": "3.0" + } + ] + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-131" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-122" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://curl.haxx.se/docs/CVE-2018-14618.html", + "refsource": "CONFIRM", + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" + }, + { + "name": "GLSA-201903-03", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "name": "USN-3765-1", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3765-1/" + }, + { + "name": "RHSA-2018:3558", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2018:3558" + }, + { + "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014", + "refsource": "CONFIRM", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" + }, + { + "name": "DSA-4286", + "refsource": "DEBIAN", + "url": "https://www.debian.org/security/2018/dsa-4286" + }, + { + "name": "1041605", + "refsource": "SECTRACK", + "url": "http://www.securitytracker.com/id/1041605" + }, + { + "name": "USN-3765-2", + "refsource": "UBUNTU", + "url": "https://usn.ubuntu.com/3765-2/" + }, + { + "name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618", + "refsource": "CONFIRM", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" + }, + { + "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf", + "refsource": "CONFIRM", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" + }, + { + "name": "RHSA-2019:1880", + "refsource": "REDHAT", + "url": "https://access.redhat.com/errata/RHSA-2019:1880" + } + ] + } + } + }, + "adp": [ + { + "providerMetadata": { + "orgId": "af854a3a-2127-422b-91ae-364da2661108", + "shortName": "CVE", + "dateUpdated": "2024-08-05T09:29:51.906Z" + }, + "title": "CVE Program Container", + "references": [ + { + "tags": [ + "x_refsource_CONFIRM", + "x_transferred" + ], + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" + }, + { + "name": "GLSA-201903-03", + "tags": [ + "vendor-advisory", + "x_refsource_GENTOO", + "x_transferred" + ], + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "name": "USN-3765-1", + "tags": [ + "vendor-advisory", + "x_refsource_UBUNTU", + "x_transferred" + ], + "url": "https://usn.ubuntu.com/3765-1/" + }, + { + "name": "RHSA-2018:3558", + "tags": [ + "vendor-advisory", + "x_refsource_REDHAT", + "x_transferred" + ], + "url": "https://access.redhat.com/errata/RHSA-2018:3558" + }, + { + "tags": [ + "x_refsource_CONFIRM", + "x_transferred" + ], + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" + }, + { + "name": "DSA-4286", + "tags": [ + "vendor-advisory", + "x_refsource_DEBIAN", + "x_transferred" + ], + "url": "https://www.debian.org/security/2018/dsa-4286" + }, + { + "name": "1041605", + "tags": [ + "vdb-entry", + "x_refsource_SECTRACK", + "x_transferred" + ], + "url": "http://www.securitytracker.com/id/1041605" + }, + { + "name": "USN-3765-2", + "tags": [ + "vendor-advisory", + "x_refsource_UBUNTU", + "x_transferred" + ], + "url": "https://usn.ubuntu.com/3765-2/" + }, + { + "tags": [ + "x_refsource_CONFIRM", + "x_transferred" + ], + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" + }, + { + "tags": [ + "x_refsource_CONFIRM", + "x_transferred" + ], + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" + }, + { + "name": "RHSA-2019:1880", + "tags": [ + "vendor-advisory", + "x_refsource_REDHAT", + "x_transferred" + ], + "url": "https://access.redhat.com/errata/RHSA-2019:1880" + } + ] + } + ] + }, + "cveMetadata": { + "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "assignerShortName": "redhat", + "cveId": "CVE-2018-14618", + "datePublished": "2018-09-05T19:00:00.000Z", + "dateReserved": "2018-07-27T00:00:00.000Z", + "dateUpdated": "2024-08-05T09:29:51.906Z", + "state": "PUBLISHED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.1" +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2022-33068.json b/vulnfeeds/test_data/cve5/CVE-2022-33068.json new file mode 100644 index 00000000000..f6ac848a552 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2022-33068.json @@ -0,0 +1,246 @@ +{ + "containers": { + "cna": { + "affected": [ + { + "product": "n/a", + "vendor": "n/a", + "versions": [ + { + "status": "affected", + "version": "n/a" + } + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors." + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "description": "n/a", + "lang": "en", + "type": "text" + } + ] + } + ], + "providerMetadata": { + "dateUpdated": "2022-09-25T15:06:57.000Z", + "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "shortName": "mitre" + }, + "references": [ + { + "tags": [ + "x_refsource_MISC" + ], + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + }, + { + "tags": [ + "x_refsource_MISC" + ], + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + }, + { + "name": "FEDORA-2022-a32f9488a0", + "tags": [ + "vendor-advisory", + "x_refsource_FEDORA" + ], + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + }, + { + "name": "FEDORA-2022-ac58de6e98", + "tags": [ + "vendor-advisory", + "x_refsource_FEDORA" + ], + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + }, + { + "name": "FEDORA-2022-ced8f872b1", + "tags": [ + "vendor-advisory", + "x_refsource_FEDORA" + ], + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + }, + { + "name": "GLSA-202209-11", + "tags": [ + "vendor-advisory", + "x_refsource_GENTOO" + ], + "url": "https://security.gentoo.org/glsa/202209-11" + } + ], + "x_legacyV4Record": { + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2022-33068", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/harfbuzz/harfbuzz/issues/3557", + "refsource": "MISC", + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + }, + { + "name": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593", + "refsource": "MISC", + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + }, + { + "name": "FEDORA-2022-a32f9488a0", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + }, + { + "name": "FEDORA-2022-ac58de6e98", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + }, + { + "name": "FEDORA-2022-ced8f872b1", + "refsource": "FEDORA", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + }, + { + "name": "GLSA-202209-11", + "refsource": "GENTOO", + "url": "https://security.gentoo.org/glsa/202209-11" + } + ] + } + } + }, + "adp": [ + { + "providerMetadata": { + "orgId": "af854a3a-2127-422b-91ae-364da2661108", + "shortName": "CVE", + "dateUpdated": "2024-08-03T08:01:19.054Z" + }, + "title": "CVE Program Container", + "references": [ + { + "tags": [ + "x_refsource_MISC", + "x_transferred" + ], + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + }, + { + "tags": [ + "x_refsource_MISC", + "x_transferred" + ], + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + }, + { + "name": "FEDORA-2022-a32f9488a0", + "tags": [ + "vendor-advisory", + "x_refsource_FEDORA", + "x_transferred" + ], + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + }, + { + "name": "FEDORA-2022-ac58de6e98", + "tags": [ + "vendor-advisory", + "x_refsource_FEDORA", + "x_transferred" + ], + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + }, + { + "name": "FEDORA-2022-ced8f872b1", + "tags": [ + "vendor-advisory", + "x_refsource_FEDORA", + "x_transferred" + ], + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + }, + { + "name": "GLSA-202209-11", + "tags": [ + "vendor-advisory", + "x_refsource_GENTOO", + "x_transferred" + ], + "url": "https://security.gentoo.org/glsa/202209-11" + } + ] + } + ] + }, + "cveMetadata": { + "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", + "assignerShortName": "mitre", + "cveId": "CVE-2022-33068", + "datePublished": "2022-06-22T13:24:42.000Z", + "dateReserved": "2022-06-13T00:00:00.000Z", + "dateUpdated": "2024-08-03T08:01:19.054Z", + "state": "PUBLISHED" + }, + "dataType": "CVE_RECORD", + "dataVersion": "5.1" +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2023-1055.json b/vulnfeeds/test_data/cve5/CVE-2023-1055.json new file mode 100644 index 00000000000..926d9889e9f --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2023-1055.json @@ -0,0 +1,122 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "state": "PUBLISHED", + "cveId": "CVE-2023-1055", + "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "assignerShortName": "redhat", + "dateUpdated": "2025-03-11T14:02:59.854Z", + "dateReserved": "2023-02-27T00:00:00.000Z", + "datePublished": "2023-02-27T00:00:00.000Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "shortName": "redhat", + "dateUpdated": "2023-07-26T00:00:00.000Z" + }, + "descriptions": [ + { + "lang": "en", + "value": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality." + } + ], + "affected": [ + { + "vendor": "n/a", + "product": "Red Hat Directory Server", + "versions": [ + { + "version": "11 and 12", + "status": "affected" + } + ] + } + ], + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0" + }, + { + "name": "FEDORA-2023-c92be0dfa0", + "tags": [ + "vendor-advisory" + ], + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/" + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "lang": "en", + "description": "CWE-200", + "cweId": "CWE-200" + } + ] + } + ] + }, + "adp": [ + { + "providerMetadata": { + "orgId": "af854a3a-2127-422b-91ae-364da2661108", + "shortName": "CVE", + "dateUpdated": "2024-08-02T05:32:46.360Z" + }, + "title": "CVE Program Container", + "references": [ + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0", + "tags": [ + "x_transferred" + ] + }, + { + "name": "FEDORA-2023-c92be0dfa0", + "tags": [ + "vendor-advisory", + "x_transferred" + ], + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/" + } + ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-11T14:02:37.150328Z", + "id": "CVE-2023-1055", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-11T14:02:59.854Z" + } + } + ] + } +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2023-22466.json b/vulnfeeds/test_data/cve5/CVE-2023-22466.json new file mode 100644 index 00000000000..a6623a458f6 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2023-22466.json @@ -0,0 +1,189 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2023-22466", + "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", + "state": "PUBLISHED", + "assignerShortName": "GitHub_M", + "dateReserved": "2022-12-29T03:00:40.879Z", + "datePublished": "2023-01-04T21:47:09.400Z", + "dateUpdated": "2025-03-10T21:32:32.950Z" + }, + "containers": { + "cna": { + "title": "Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe", + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-665", + "lang": "en", + "description": "CWE-665: Improper Initialization", + "type": "CWE" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "version": "3.1" + } + } + ], + "references": [ + { + "name": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7", + "tags": [ + "x_refsource_CONFIRM" + ], + "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7" + }, + { + "name": "https://github.com/tokio-rs/tokio/pull/5336", + "tags": [ + "x_refsource_MISC" + ], + "url": "https://github.com/tokio-rs/tokio/pull/5336" + }, + { + "name": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1", + "tags": [ + "x_refsource_MISC" + ], + "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1" + }, + { + "name": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients", + "tags": [ + "x_refsource_MISC" + ], + "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients" + } + ], + "affected": [ + { + "vendor": "tokio-rs", + "product": "tokio", + "versions": [ + { + "version": ">= 1.7.0, < 1.18.4", + "status": "affected" + }, + { + "version": ">= 1.19.0, < 1.20.3", + "status": "affected" + }, + { + "version": ">= 1.21.0, < 1.23.1", + "status": "affected" + } + ] + } + ], + "providerMetadata": { + "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", + "shortName": "GitHub_M", + "dateUpdated": "2023-01-04T21:47:09.400Z" + }, + "descriptions": [ + { + "lang": "en", + "value": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`." + } + ], + "source": { + "advisory": "GHSA-7rrj-xr53-82p7", + "discovery": "UNKNOWN" + } + }, + "adp": [ + { + "providerMetadata": { + "orgId": "af854a3a-2127-422b-91ae-364da2661108", + "shortName": "CVE", + "dateUpdated": "2024-08-02T10:13:48.445Z" + }, + "title": "CVE Program Container", + "references": [ + { + "name": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7", + "tags": [ + "x_refsource_CONFIRM", + "x_transferred" + ], + "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7" + }, + { + "name": "https://github.com/tokio-rs/tokio/pull/5336", + "tags": [ + "x_refsource_MISC", + "x_transferred" + ], + "url": "https://github.com/tokio-rs/tokio/pull/5336" + }, + { + "name": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1", + "tags": [ + "x_refsource_MISC", + "x_transferred" + ], + "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1" + }, + { + "name": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients", + "tags": [ + "x_refsource_MISC", + "x_transferred" + ], + "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients" + } + ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-03-10T21:00:36.854340Z", + "id": "CVE-2023-22466", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-03-10T21:32:32.950Z" + } + } + ] + } +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2024-2002.json b/vulnfeeds/test_data/cve5/CVE-2024-2002.json new file mode 100644 index 00000000000..4a49a6eab70 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2024-2002.json @@ -0,0 +1,219 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.2", + "cveMetadata": { + "cveId": "CVE-2024-2002", + "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "state": "PUBLISHED", + "assignerShortName": "redhat", + "dateReserved": "2024-02-29T08:38:25.706Z", + "datePublished": "2024-03-18T12:26:31.386Z", + "dateUpdated": "2025-11-20T18:21:28.745Z" + }, + "containers": { + "cna": { + "title": "Libdwarf: crashes randomly on fuzzed object", + "metrics": [ + { + "other": { + "content": { + "value": "Moderate", + "namespace": "https://access.redhat.com/security/updates/classification/" + }, + "type": "Red Hat severity rating" + } + }, + { + "cvssV3_1": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + }, + "format": "CVSS" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results." + } + ], + "affected": [ + { + "versions": [ + { + "status": "affected", + "version": "0.1.0" + }, + { + "status": "unaffected", + "version": "0.9.2" + } + ], + "packageName": "libdwarf", + "collectionURL": "https://github.com/davea42/libdwarf-code/", + "defaultStatus": "unaffected" + }, + { + "vendor": "Red Hat", + "product": "Red Hat Enterprise Linux 7", + "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", + "packageName": "libdwarf", + "defaultStatus": "unknown", + "cpes": [ + "cpe:/o:redhat:enterprise_linux:7" + ] + }, + { + "vendor": "Red Hat", + "product": "Red Hat Enterprise Linux 8", + "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", + "packageName": "libdwarf", + "defaultStatus": "unaffected", + "cpes": [ + "cpe:/o:redhat:enterprise_linux:8" + ] + } + ], + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-2002", + "tags": [ + "vdb-entry", + "x_refsource_REDHAT" + ] + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700", + "name": "RHBZ#2267700", + "tags": [ + "issue-tracking", + "x_refsource_REDHAT" + ] + }, + { + "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt" + } + ], + "datePublic": "2024-02-17T00:00:00.000Z", + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-415", + "description": "Double Free", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "x_redhatCweChain": "CWE-415: Double Free", + "workarounds": [ + { + "lang": "en", + "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability." + } + ], + "timeline": [ + { + "lang": "en", + "time": "2024-03-04T00:00:00.000Z", + "value": "Reported to Red Hat." + }, + { + "lang": "en", + "time": "2024-02-17T00:00:00.000Z", + "value": "Made public." + } + ], + "providerMetadata": { + "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", + "shortName": "redhat", + "dateUpdated": "2025-11-20T18:21:28.745Z" + } + }, + "adp": [ + { + "providerMetadata": { + "orgId": "af854a3a-2127-422b-91ae-364da2661108", + "shortName": "CVE", + "dateUpdated": "2024-08-01T18:56:22.520Z" + }, + "title": "CVE Program Container", + "references": [ + { + "url": "https://access.redhat.com/security/cve/CVE-2024-2002", + "tags": [ + "vdb-entry", + "x_refsource_REDHAT", + "x_transferred" + ] + }, + { + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700", + "name": "RHBZ#2267700", + "tags": [ + "issue-tracking", + "x_refsource_REDHAT", + "x_transferred" + ] + }, + { + "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt", + "tags": [ + "x_transferred" + ] + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/", + "tags": [ + "x_transferred" + ] + } + ] + }, + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2024-08-28T15:05:19.693453Z", + "id": "CVE-2024-2002", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2024-08-28T15:05:38.930Z" + } + } + ] + } +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2024-7264.json b/vulnfeeds/test_data/cve5/CVE-2024-7264.json new file mode 100644 index 00000000000..28835f93052 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2024-7264.json @@ -0,0 +1,725 @@ +{ + "dataType": "CVE_RECORD", + "cveMetadata": { + "cveId": "CVE-2024-7264", + "assignerOrgId": "2499f714-1537-4658-8207-48ae4bb9eae9", + "state": "PUBLISHED", + "assignerShortName": "curl", + "dateReserved": "2024-07-30T08:04:22.389Z", + "datePublished": "2024-07-31T08:08:14.585Z", + "dateUpdated": "2025-11-03T22:32:51.400Z" + }, + "containers": { + "cna": { + "title": "ASN.1 date parser overread", + "descriptions": [ + { + "lang": "en", + "value": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used." + } + ], + "providerMetadata": { + "orgId": "2499f714-1537-4658-8207-48ae4bb9eae9", + "shortName": "curl", + "dateUpdated": "2024-07-31T08:10:08.639Z" + }, + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "CWE-125 Out-of-bounds Read" + } + ] + } + ], + "affected": [ + { + "vendor": "curl", + "product": "curl", + "versions": [ + { + "version": "8.9.0", + "status": "affected", + "lessThanOrEqual": "8.9.0", + "versionType": "semver" + }, + { + "version": "8.8.0", + "status": "affected", + "lessThanOrEqual": "8.8.0", + "versionType": "semver" + }, + { + "version": "8.7.1", + "status": "affected", + "lessThanOrEqual": "8.7.1", + "versionType": "semver" + }, + { + "version": "8.7.0", + "status": "affected", + "lessThanOrEqual": "8.7.0", + "versionType": "semver" + }, + { + "version": "8.6.0", + "status": "affected", + "lessThanOrEqual": "8.6.0", + "versionType": "semver" + }, + { + "version": "8.5.0", + "status": "affected", + "lessThanOrEqual": "8.5.0", + "versionType": "semver" + }, + { + "version": "8.4.0", + "status": "affected", + "lessThanOrEqual": "8.4.0", + "versionType": "semver" + }, + { + "version": "8.3.0", + "status": "affected", + "lessThanOrEqual": "8.3.0", + "versionType": "semver" + }, + { + "version": "8.2.1", + "status": "affected", + "lessThanOrEqual": "8.2.1", + "versionType": "semver" + }, + { + "version": "8.2.0", + "status": "affected", + "lessThanOrEqual": "8.2.0", + "versionType": "semver" + }, + { + "version": "8.1.2", + "status": "affected", + "lessThanOrEqual": "8.1.2", + "versionType": "semver" + }, + { + "version": "8.1.1", + "status": "affected", + "lessThanOrEqual": "8.1.1", + "versionType": "semver" + }, + { + "version": "8.1.0", + "status": "affected", + "lessThanOrEqual": "8.1.0", + "versionType": "semver" + }, + { + "version": "8.0.1", + "status": "affected", + "lessThanOrEqual": "8.0.1", + "versionType": "semver" + }, + { + "version": "8.0.0", + "status": "affected", + "lessThanOrEqual": "8.0.0", + "versionType": "semver" + }, + { + "version": "7.88.1", + "status": "affected", + "lessThanOrEqual": "7.88.1", + "versionType": "semver" + }, + { + "version": "7.88.0", + "status": "affected", + "lessThanOrEqual": "7.88.0", + "versionType": "semver" + }, + { + "version": "7.87.0", + "status": "affected", + "lessThanOrEqual": "7.87.0", + "versionType": "semver" + }, + { + "version": "7.86.0", + "status": "affected", + "lessThanOrEqual": "7.86.0", + "versionType": "semver" + }, + { + "version": "7.85.0", + "status": "affected", + "lessThanOrEqual": "7.85.0", + "versionType": "semver" + }, + { + "version": "7.84.0", + "status": "affected", + "lessThanOrEqual": "7.84.0", + "versionType": "semver" + }, + { + "version": "7.83.1", + "status": "affected", + "lessThanOrEqual": "7.83.1", + "versionType": "semver" + }, + { + "version": "7.83.0", + "status": "affected", + "lessThanOrEqual": "7.83.0", + "versionType": "semver" + }, + { + "version": "7.82.0", + "status": "affected", + "lessThanOrEqual": "7.82.0", + "versionType": "semver" + }, + { + "version": "7.81.0", + "status": "affected", + "lessThanOrEqual": "7.81.0", + "versionType": "semver" + }, + { + "version": "7.80.0", + "status": "affected", + "lessThanOrEqual": "7.80.0", + "versionType": "semver" + }, + { + "version": "7.79.1", + "status": "affected", + "lessThanOrEqual": "7.79.1", + "versionType": "semver" + }, + { + "version": "7.79.0", + "status": "affected", + "lessThanOrEqual": "7.79.0", + "versionType": "semver" + }, + { + "version": "7.78.0", + "status": "affected", + "lessThanOrEqual": "7.78.0", + "versionType": "semver" + }, + { + "version": "7.77.0", + "status": "affected", + "lessThanOrEqual": "7.77.0", + "versionType": "semver" + }, + { + "version": "7.76.1", + "status": "affected", + "lessThanOrEqual": "7.76.1", + "versionType": "semver" + }, + { + "version": "7.76.0", + "status": "affected", + "lessThanOrEqual": "7.76.0", + "versionType": "semver" + }, + { + "version": "7.75.0", + "status": "affected", + "lessThanOrEqual": "7.75.0", + "versionType": "semver" + }, + { + "version": "7.74.0", + "status": "affected", + "lessThanOrEqual": "7.74.0", + "versionType": "semver" + }, + { + "version": "7.73.0", + "status": "affected", + "lessThanOrEqual": "7.73.0", + "versionType": "semver" + }, + { + "version": "7.72.0", + "status": "affected", + "lessThanOrEqual": "7.72.0", + "versionType": "semver" + }, + { + "version": "7.71.1", + "status": "affected", + "lessThanOrEqual": "7.71.1", + "versionType": "semver" + }, + { + "version": "7.71.0", + "status": "affected", + "lessThanOrEqual": "7.71.0", + "versionType": "semver" + }, + { + "version": "7.70.0", + "status": "affected", + "lessThanOrEqual": "7.70.0", + "versionType": "semver" + }, + { + "version": "7.69.1", + "status": "affected", + "lessThanOrEqual": "7.69.1", + "versionType": "semver" + }, + { + "version": "7.69.0", + "status": "affected", + "lessThanOrEqual": "7.69.0", + "versionType": "semver" + }, + { + "version": "7.68.0", + "status": "affected", + "lessThanOrEqual": "7.68.0", + "versionType": "semver" + }, + { + "version": "7.67.0", + "status": "affected", + "lessThanOrEqual": "7.67.0", + "versionType": "semver" + }, + { + "version": "7.66.0", + "status": "affected", + "lessThanOrEqual": "7.66.0", + "versionType": "semver" + }, + { + "version": "7.65.3", + "status": "affected", + "lessThanOrEqual": "7.65.3", + "versionType": "semver" + }, + { + "version": "7.65.2", + "status": "affected", + "lessThanOrEqual": "7.65.2", + "versionType": "semver" + }, + { + "version": "7.65.1", + "status": "affected", + "lessThanOrEqual": "7.65.1", + "versionType": "semver" + }, + { + "version": "7.65.0", + "status": "affected", + "lessThanOrEqual": "7.65.0", + "versionType": "semver" + }, + { + "version": "7.64.1", + "status": "affected", + "lessThanOrEqual": "7.64.1", + "versionType": "semver" + }, + { + "version": "7.64.0", + "status": "affected", + "lessThanOrEqual": "7.64.0", + "versionType": "semver" + }, + { + "version": "7.63.0", + "status": "affected", + "lessThanOrEqual": "7.63.0", + "versionType": "semver" + }, + { + "version": "7.62.0", + "status": "affected", + "lessThanOrEqual": "7.62.0", + "versionType": "semver" + }, + { + "version": "7.61.1", + "status": "affected", + "lessThanOrEqual": "7.61.1", + "versionType": "semver" + }, + { + "version": "7.61.0", + "status": "affected", + "lessThanOrEqual": "7.61.0", + "versionType": "semver" + }, + { + "version": "7.60.0", + "status": "affected", + "lessThanOrEqual": "7.60.0", + "versionType": "semver" + }, + { + "version": "7.59.0", + "status": "affected", + "lessThanOrEqual": "7.59.0", + "versionType": "semver" + }, + { + "version": "7.58.0", + "status": "affected", + "lessThanOrEqual": "7.58.0", + "versionType": "semver" + }, + { + "version": "7.57.0", + "status": "affected", + "lessThanOrEqual": "7.57.0", + "versionType": "semver" + }, + { + "version": "7.56.1", + "status": "affected", + "lessThanOrEqual": "7.56.1", + "versionType": "semver" + }, + { + "version": "7.56.0", + "status": "affected", + "lessThanOrEqual": "7.56.0", + "versionType": "semver" + }, + { + "version": "7.55.1", + "status": "affected", + "lessThanOrEqual": "7.55.1", + "versionType": "semver" + }, + { + "version": "7.55.0", + "status": "affected", + "lessThanOrEqual": "7.55.0", + "versionType": "semver" + }, + { + "version": "7.54.1", + "status": "affected", + "lessThanOrEqual": "7.54.1", + "versionType": "semver" + }, + { + "version": "7.54.0", + "status": "affected", + "lessThanOrEqual": "7.54.0", + "versionType": "semver" + }, + { + "version": "7.53.1", + "status": "affected", + "lessThanOrEqual": "7.53.1", + "versionType": "semver" + }, + { + "version": "7.53.0", + "status": "affected", + "lessThanOrEqual": "7.53.0", + "versionType": "semver" + }, + { + "version": "7.52.1", + "status": "affected", + "lessThanOrEqual": "7.52.1", + "versionType": "semver" + }, + { + "version": "7.52.0", + "status": "affected", + "lessThanOrEqual": "7.52.0", + "versionType": "semver" + }, + { + "version": "7.51.0", + "status": "affected", + "lessThanOrEqual": "7.51.0", + "versionType": "semver" + }, + { + "version": "7.50.3", + "status": "affected", + "lessThanOrEqual": "7.50.3", + "versionType": "semver" + }, + { + "version": "7.50.2", + "status": "affected", + "lessThanOrEqual": "7.50.2", + "versionType": "semver" + }, + { + "version": "7.50.1", + "status": "affected", + "lessThanOrEqual": "7.50.1", + "versionType": "semver" + }, + { + "version": "7.50.0", + "status": "affected", + "lessThanOrEqual": "7.50.0", + "versionType": "semver" + }, + { + "version": "7.49.1", + "status": "affected", + "lessThanOrEqual": "7.49.1", + "versionType": "semver" + }, + { + "version": "7.49.0", + "status": "affected", + "lessThanOrEqual": "7.49.0", + "versionType": "semver" + }, + { + "version": "7.48.0", + "status": "affected", + "lessThanOrEqual": "7.48.0", + "versionType": "semver" + }, + { + "version": "7.47.1", + "status": "affected", + "lessThanOrEqual": "7.47.1", + "versionType": "semver" + }, + { + "version": "7.47.0", + "status": "affected", + "lessThanOrEqual": "7.47.0", + "versionType": "semver" + }, + { + "version": "7.46.0", + "status": "affected", + "lessThanOrEqual": "7.46.0", + "versionType": "semver" + }, + { + "version": "7.45.0", + "status": "affected", + "lessThanOrEqual": "7.45.0", + "versionType": "semver" + }, + { + "version": "7.44.0", + "status": "affected", + "lessThanOrEqual": "7.44.0", + "versionType": "semver" + }, + { + "version": "7.43.0", + "status": "affected", + "lessThanOrEqual": "7.43.0", + "versionType": "semver" + }, + { + "version": "7.42.1", + "status": "affected", + "lessThanOrEqual": "7.42.1", + "versionType": "semver" + }, + { + "version": "7.42.0", + "status": "affected", + "lessThanOrEqual": "7.42.0", + "versionType": "semver" + }, + { + "version": "7.41.0", + "status": "affected", + "lessThanOrEqual": "7.41.0", + "versionType": "semver" + }, + { + "version": "7.40.0", + "status": "affected", + "lessThanOrEqual": "7.40.0", + "versionType": "semver" + }, + { + "version": "7.39.0", + "status": "affected", + "lessThanOrEqual": "7.39.0", + "versionType": "semver" + }, + { + "version": "7.38.0", + "status": "affected", + "lessThanOrEqual": "7.38.0", + "versionType": "semver" + }, + { + "version": "7.37.1", + "status": "affected", + "lessThanOrEqual": "7.37.1", + "versionType": "semver" + }, + { + "version": "7.37.0", + "status": "affected", + "lessThanOrEqual": "7.37.0", + "versionType": "semver" + }, + { + "version": "7.36.0", + "status": "affected", + "lessThanOrEqual": "7.36.0", + "versionType": "semver" + }, + { + "version": "7.35.0", + "status": "affected", + "lessThanOrEqual": "7.35.0", + "versionType": "semver" + }, + { + "version": "7.34.0", + "status": "affected", + "lessThanOrEqual": "7.34.0", + "versionType": "semver" + }, + { + "version": "7.33.0", + "status": "affected", + "lessThanOrEqual": "7.33.0", + "versionType": "semver" + }, + { + "version": "7.32.0", + "status": "affected", + "lessThanOrEqual": "7.32.0", + "versionType": "semver" + } + ], + "defaultStatus": "unaffected" + } + ], + "references": [ + { + "url": "https://curl.se/docs/CVE-2024-7264.json", + "name": "json" + }, + { + "url": "https://curl.se/docs/CVE-2024-7264.html", + "name": "www" + }, + { + "url": "https://hackerone.com/reports/2629968", + "name": "issue" + }, + { + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" + } + ], + "credits": [ + { + "lang": "en", + "value": "Dov Murik (Transmit Security)", + "type": "finder" + }, + { + "lang": "en", + "value": "Stefan Eissing", + "type": "remediation developer" + } + ] + }, + "adp": [ + { + "title": "CVE Program Container", + "references": [ + { + "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519" + }, + { + "tags": [ + "x_transferred" + ], + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20240828-0008/" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241025-0010/" + }, + { + "url": "https://security.netapp.com/advisory/ntap-20241025-0006/" + } + ], + "providerMetadata": { + "orgId": "af854a3a-2127-422b-91ae-364da2661108", + "shortName": "CVE", + "dateUpdated": "2025-11-03T22:32:51.400Z" + } + }, + { + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 6.3, + "attackVector": "NETWORK", + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "integrityImpact": "LOW", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "LOW", + "privilegesRequired": "LOW", + "confidentialityImpact": "LOW" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2024-08-01T20:05:41.315706Z", + "id": "CVE-2024-7264", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2024-10-30T19:41:40.489Z" + } + } + ] + }, + "dataVersion": "5.2" +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2025-4565.json b/vulnfeeds/test_data/cve5/CVE-2025-4565.json new file mode 100644 index 00000000000..608a48a18e1 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2025-4565.json @@ -0,0 +1,206 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.1", + "cveMetadata": { + "cveId": "CVE-2025-4565", + "assignerOrgId": "14ed7db2-1595-443d-9d34-6215bf890778", + "state": "PUBLISHED", + "assignerShortName": "Google", + "dateReserved": "2025-05-12T05:48:12.941Z", + "datePublished": "2025-06-16T14:50:40.906Z", + "dateUpdated": "2025-06-16T15:39:18.263Z" + }, + "containers": { + "cna": { + "affected": [ + { + "collectionURL": "https://github.com/protocolbuffers/protobuf/", + "defaultStatus": "unaffected", + "packageName": "protobuf", + "product": "Python-Protobuf", + "programFiles": [ + "python/google/protobuf/internal/decoder.py" + ], + "repo": "https://github.com/protocolbuffers/protobuf/", + "vendor": "protocolbuffers", + "versions": [ + { + "lessThan": "4.25.8", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "5.29.5", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "6.31.1", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + }, + { + "collectionURL": "https://pypi.org/project/protobuf/", + "defaultStatus": "unaffected", + "product": "Python-Protobuf", + "repo": "https://pypi.org/project/protobuf/", + "vendor": "protocolbuffers", + "versions": [ + { + "lessThan": "4.25.8", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "5.29.5", + "status": "affected", + "version": "0", + "versionType": "semver" + }, + { + "lessThan": "6.31.1", + "status": "affected", + "version": "0", + "versionType": "semver" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "type": "finder", + "value": "Alexis Challande - Trail of Bits Ecosystem Security Team" + } + ], + "datePublic": "2025-05-12T22:00:00.000Z", + "descriptions": [ + { + "lang": "en", + "supportingMedia": [ + { + "base64": false, + "type": "text/html", + "value": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901
" + } + ], + "value": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901" + } + ], + "impacts": [ + { + "capecId": "CAPEC-130", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-130 Excessive Allocation" + } + ] + } + ], + "metrics": [ + { + "cvssV4_0": { + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "attackComplexity": "LOW", + "attackRequirements": "PRESENT", + "attackVector": "NETWORK", + "baseScore": 8.2, + "baseSeverity": "HIGH", + "privilegesRequired": "NONE", + "providerUrgency": "NOT_DEFINED", + "subAvailabilityImpact": "NONE", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "userInteraction": "NONE", + "valueDensity": "NOT_DEFINED", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", + "version": "4.0", + "vulnAvailabilityImpact": "HIGH", + "vulnConfidentialityImpact": "NONE", + "vulnIntegrityImpact": "NONE", + "vulnerabilityResponseEffort": "NOT_DEFINED" + }, + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ] + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-674", + "description": "CWE-674 Uncontrolled Recursion", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "providerMetadata": { + "orgId": "14ed7db2-1595-443d-9d34-6215bf890778", + "shortName": "Google", + "dateUpdated": "2025-06-16T14:50:40.906Z" + }, + "references": [ + { + "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901" + } + ], + "source": { + "discovery": "EXTERNAL" + }, + "title": "Unbounded recursion in Python Protobuf", + "x_generator": { + "engine": "Vulnogram 0.2.0" + } + }, + "adp": [ + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2025-06-16T15:38:57.654894Z", + "id": "CVE-2025-4565", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2025-06-16T15:39:18.263Z" + } + } + ] + } +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2026-20912.json b/vulnfeeds/test_data/cve5/CVE-2026-20912.json new file mode 100644 index 00000000000..f269bd6c127 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2026-20912.json @@ -0,0 +1,160 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.2", + "cveMetadata": { + "cveId": "CVE-2026-20912", + "assignerOrgId": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "state": "PUBLISHED", + "assignerShortName": "Gitea", + "dateReserved": "2026-01-08T23:02:37.548Z", + "datePublished": "2026-01-22T22:01:52.026Z", + "dateUpdated": "2026-01-23T21:53:41.649Z" + }, + "containers": { + "cna": { + "affected": [ + { + "vendor": "Gitea", + "product": "Gitea Open Source Git Server", + "versions": [ + { + "version": "0", + "lessThanOrEqual": "1.25.3", + "status": "affected", + "versionType": "semver" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users." + } + ], + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-284", + "description": "CWE-284: Improper Access Control", + "lang": "en", + "type": "CWE" + } + ] + }, + { + "descriptions": [ + { + "cweId": "CWE-639", + "description": "CWE-639: Authorization Bypass Through User-Controlled Key", + "lang": "en", + "type": "CWE" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw", + "name": "GitHub Security Advisory", + "tags": [ + "vendor-advisory" + ] + }, + { + "url": "https://github.com/go-gitea/gitea/pull/36320", + "name": "GitHub Pull Request #36320", + "tags": [ + "patch" + ] + }, + { + "url": "https://github.com/go-gitea/gitea/pull/36355", + "name": "GitHub Pull Request #36355", + "tags": [ + "patch" + ] + }, + { + "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4", + "name": "Gitea v1.25.4 Release", + "tags": [ + "release-notes" + ] + }, + { + "url": "https://blog.gitea.com/release-of-1.25.4/", + "name": "Gitea v1.25.4 Release Blog Post", + "tags": [ + "release-notes" + ] + } + ], + "credits": [ + { + "lang": "en", + "value": "spingARbor", + "type": "reporter" + } + ], + "title": "Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure", + "providerMetadata": { + "orgId": "88ee5874-cf24-4952-aea0-31affedb7ff2", + "shortName": "Gitea", + "dateUpdated": "2026-01-22T22:01:52.026Z" + } + }, + "adp": [ + { + "metrics": [ + { + "cvssV3_1": { + "scope": "UNCHANGED", + "version": "3.1", + "baseScore": 9.1, + "attackVector": "NETWORK", + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "integrityImpact": "HIGH", + "userInteraction": "NONE", + "attackComplexity": "LOW", + "availabilityImpact": "NONE", + "privilegesRequired": "NONE", + "confidentialityImpact": "HIGH" + } + }, + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2026-01-23T17:51:12.073308Z", + "id": "CVE-2026-20912", + "options": [ + { + "Exploitation": "none" + }, + { + "Automatable": "yes" + }, + { + "Technical Impact": "total" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2026-01-23T21:53:41.649Z" + } + } + ] + } +} \ No newline at end of file diff --git a/vulnfeeds/test_data/cve5/CVE-2026-23522.json b/vulnfeeds/test_data/cve5/CVE-2026-23522.json new file mode 100644 index 00000000000..85e5c3aee72 --- /dev/null +++ b/vulnfeeds/test_data/cve5/CVE-2026-23522.json @@ -0,0 +1,155 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.2", + "cveMetadata": { + "cveId": "CVE-2026-23522", + "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", + "state": "PUBLISHED", + "assignerShortName": "GitHub_M", + "dateReserved": "2026-01-13T18:22:43.980Z", + "datePublished": "2026-01-19T16:53:32.371Z", + "dateUpdated": "2026-01-20T21:35:39.441Z" + }, + "containers": { + "cna": { + "title": "Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion", + "problemTypes": [ + { + "descriptions": [ + { + "cweId": "CWE-284", + "lang": "en", + "description": "CWE-284: Improper Access Control", + "type": "CWE" + } + ] + }, + { + "descriptions": [ + { + "cweId": "CWE-639", + "lang": "en", + "description": "CWE-639: Authorization Bypass Through User-Controlled Key", + "type": "CWE" + } + ] + }, + { + "descriptions": [ + { + "cweId": "CWE-862", + "lang": "en", + "description": "CWE-862: Missing Authorization", + "type": "CWE" + } + ] + }, + { + "descriptions": [ + { + "cweId": "CWE-915", + "lang": "en", + "description": "CWE-915: Improperly Controlled Modification of Dynamically-Determined Object Attributes", + "type": "CWE" + } + ] + } + ], + "metrics": [ + { + "cvssV3_1": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.7, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" + } + } + ], + "references": [ + { + "name": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r", + "tags": [ + "x_refsource_CONFIRM" + ], + "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r" + }, + { + "name": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6", + "tags": [ + "x_refsource_MISC" + ], + "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6" + } + ], + "affected": [ + { + "vendor": "lobehub", + "product": "lobe-chat", + "versions": [ + { + "version": "< 2.0.0-next.193", + "status": "affected" + } + ] + } + ], + "providerMetadata": { + "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", + "shortName": "GitHub_M", + "dateUpdated": "2026-01-19T16:53:32.371Z" + }, + "descriptions": [ + { + "lang": "en", + "value": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch." + } + ], + "source": { + "advisory": "GHSA-j7xp-4mg9-x28r", + "discovery": "UNKNOWN" + } + }, + "adp": [ + { + "metrics": [ + { + "other": { + "type": "ssvc", + "content": { + "timestamp": "2026-01-20T21:35:33.327391Z", + "id": "CVE-2026-23522", + "options": [ + { + "Exploitation": "poc" + }, + { + "Automatable": "no" + }, + { + "Technical Impact": "partial" + } + ], + "role": "CISA Coordinator", + "version": "2.0.3" + } + } + } + ], + "title": "CISA ADP Vulnrichment", + "providerMetadata": { + "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", + "shortName": "CISA-ADP", + "dateUpdated": "2026-01-20T21:35:39.441Z" + } + } + ] + } +} \ No newline at end of file From b2baf769c5993b65f118d4709ba0cc5245a553f0 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Sun, 29 Mar 2026 23:23:33 +0000 Subject: [PATCH 24/26] fix lint + update snaps --- .../__snapshots__/main_test.snap | 20 +- vulnfeeds/cmd/combine-to-osv/main_test.go | 4 +- vulnfeeds/conversion/common.go | 4 +- vulnfeeds/conversion/cve5/converter_test.go | 6 +- .../nvd/__snapshots__/converter_test.snap | 240 ++++++++++++++++++ vulnfeeds/conversion/nvd/converter_test.go | 3 +- 6 files changed, 259 insertions(+), 18 deletions(-) diff --git a/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap b/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap index e572a5829e3..446ce343573 100755 --- a/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap +++ b/vulnfeeds/cmd/combine-to-osv/__snapshots__/main_test.snap @@ -1,13 +1,13 @@ [TestCombineDirsSnapshot - 1] -{"schema_version":"1.7.3", "id":"CVE-2016-15012", "published":"2023-01-07T12:59:27.772Z", "modified":"2025-04-08T20:30:50.208Z", "summary":"forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection", "details":"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/forcedotcom/salesforcemobilesdk-windows", "events":[{"introduced":"0"}, {"fixed":"83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}]}]}], "references":[{"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2016-15012"}, {"type":"ADVISORY", "url":"https://vuldb.com/?id.217619"}, {"type":"REPORT", "url":"https://vuldb.com/?ctiid.217619"}, {"type":"FIX", "url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}, {"type":"FIX", "url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0"}], "database_specific":{"cna_assigner":"VulDB", "cwe_ids":["CWE-89"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} -{"schema_version":"1.7.3", "id":"CVE-2016-1897", "published":"2016-01-15T02:00:00Z", "modified":"2025-04-12T10:46:40.837Z", "details":"FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/ffmpeg/ffmpeg", "events":[{"introduced":"0"}, {"last_affected":"2b8b2ba19fe0ca6594cb09439b9ead2c328a79d8"}, {"last_affected":"acf511de34e0b79fff0183e06ed37f1aa8dc3d94"}, {"last_affected":"9d0bb7fc3991b030603acfe899e6f001e530c89a"}, {"last_affected":"b4552cc9b8c37410f754af5d34d24e7b8a9b4b0e"}, {"last_affected":"7de7bd4f563a1431bdac59dae5d8e930e71405e6"}, {"last_affected":"205e2264c3d5b1a16a4493b9281b9167d09c3505"}, {"last_affected":"3d91569c5e39f4062393fdb40b038e31df38473a"}, {"last_affected":"0caff57c42cac0f80152187473b1ee753aca8257"}, {"last_affected":"a37e42b3ee4226a4d2c69cd4eebf9c81e6df8ea5"}, {"last_affected":"9422cd85a081f6e084731e87eda3e8e4df9f6827"}, {"last_affected":"29353dd3f8159089ecf2fa0886f94f4cf32e75f2"}, {"last_affected":"eda6effcabcf9c238e4635eb058d72371336e09b"}, {"last_affected":"d3139c9733f1994fb86825e0d1fd2a5abf3be7b5"}, {"last_affected":"e7873dfccad595e9d8fc65217ebffcf3686e1d34"}, {"last_affected":"27172a5ca360e61a07ff16bf22f2ec91208f4e00"}, {"last_affected":"41802887eb647bee21238e0a575a7c4bbf954b86"}, {"last_affected":"68f89b8264d46d5812e710ca0f903d4d323ec899"}, {"last_affected":"6baf9c4406bcdf1015c9ec8bd6b8c4aef77624ac"}, {"last_affected":"e72c0a04664a9aab449b63135fe16ade51a99bb6"}, {"last_affected":"c2eb668617555cb8b8bcfb9796241ada9471ac65"}, {"last_affected":"f406bf3fa933be089bd76a95f75ea57b0942f8c5"}, {"last_affected":"e0a03d1f9cb18139ede8c3d0263a21828494c951"}, {"last_affected":"0edc79962641dd853cda187ee13b617701346061"}, {"last_affected":"1b99667005156cadc8d3ae0099ef5d244e598ac5"}, {"last_affected":"49fa398858df1a1e425740672de5fb4819b4d947"}, {"last_affected":"5df02760dd2f050b996f931fa7cdf8871bfa5d96"}, {"last_affected":"b05d3550407418aea53f2672463a8ebc8f75654e"}, {"last_affected":"969aee07e68c5930782bc46f2ac2391db55b8d1b"}, {"last_affected":"9f09bfe681259cfed7414f207c88f84c09d5b501"}, {"last_affected":"86a01362c0e46d155fbfc1ef19f5ba17af3ee69d"}, {"last_affected":"36cfee3adc70c6a78a07df4bb16349c4b0893ef4"}, {"last_affected":"bf0d2ee92c33d802907e829f99c26a46578ed679"}, {"last_affected":"1c14b09caf903f2e776dcd661085db49511bf531"}, {"last_affected":"051cd7dc5f42542753f809109d00ec3cf19eb337"}, {"last_affected":"3ec3f70ddb1b97fd6174ab3ca8617d8a1a6516ab"}, {"last_affected":"7c2d152f562ab089ecf8262438e2f8e9cb9c546f"}, {"last_affected":"b88de7b31a4a5c35d10b1392d2d86d93fc942b4c"}, {"last_affected":"bc259185cb69c6532232be4b2ad57a70ef7ed946"}, {"last_affected":"d005e2ecce5c8104679b39f2050a9d83e417d275"}, {"last_affected":"b44506c393b176dc396502ad262ac18bec52a110"}, {"last_affected":"db27f50e0658e91758e8a17fdcf390e6bc93c1d2"}, {"last_affected":"13a72d9b08c914c3d3c99be1053e9d5cda8baa88"}, {"last_affected":"e1ce4f805f31aecec83fc7c7ecaab623f3b6327f"}, {"last_affected":"d61454e7c1de48f6a9059ca98f55e6beb52a618c"}, {"last_affected":"043f32606046b1470218511ded151edfa7a126ee"}, {"last_affected":"dd2394754d8cee3717b3e198c83cc382674cf126"}, {"last_affected":"4afe2684d8f50b28ce6743c7ee999f3157c9857f"}, {"last_affected":"1fd7fb9036fcfb1620068014d8a52112067d2d59"}, {"last_affected":"3c63503792147a996997023694a3b45f27ab3f78"}, {"last_affected":"2c8c55195da97ee45fb0daf6d68c22b942e14ade"}, {"last_affected":"de7b74d2544d2cb5ff85db20a9853116ea72ed47"}, {"last_affected":"1047c286fa20c79dde8ddd7577a3b87cc1effdb7"}, {"last_affected":"0045969e411bcf946b2393e7bcb42032cb71a9a1"}, {"last_affected":"5e4ec87720a64cd969120af60e82cbd55454ab8e"}, {"last_affected":"da2186be81b5cb2d24da5671e25affbb8f09920d"}, {"last_affected":"2c01dd2ea5e39238261945185d2b30e11979cf4b"}, {"last_affected":"959ab06c68f8c74a0f31bcaf2692cbbdaf5702f6"}, {"last_affected":"07d508e4f55f6045b83df3346448b149faab5d7d"}, {"last_affected":"3429714f3d046f4e2235848a60b6f63bd084e01f"}, {"last_affected":"d0599a3516c5da31c7009af7574abbff360b9ce6"}, {"last_affected":"faac8e43315dae5818816bcebe52d11777b064b2"}, {"last_affected":"21d0ae829f72ec327aff31b0cb1af1261b56596c"}, {"last_affected":"1eb646ec9f87ed488f52561867e107eaee89e20c"}, {"last_affected":"d52b5f85f2837b0de9bdefe2a650d8d1b0e02ec1"}, {"last_affected":"f478bdabf2afcd5f709789347f8a3becc4ff17bc"}, {"last_affected":"b2c9cd36d34c4157af10342ad3476dd9260bbefe"}, {"last_affected":"04fd0250e1fd3fddcd7bc96c8ac95455f910637e"}, {"last_affected":"af5917698bd44f136fd0ff00a9e5f8b5f92f2d58"}, {"last_affected":"b17cec526214dff9d6ac1d97b70167d15a4e14d7"}, {"last_affected":"48d388b03336d01e0db9b729f9f82cbadf3af7bd"}, {"last_affected":"d6ce1cb14077891f3f6ac86cfd243835c92eb374"}, {"last_affected":"0bcb6ac150690d1b799982efabc11cab3420f3e3"}, {"last_affected":"620197d1ffea20e9168372c354438f1c1e926ecd"}, {"last_affected":"15466db69e60f486c44e4c3e680d27c951f125d7"}, {"last_affected":"93f3752b970cc7c9e1a360037fff1ddb9dcbb86e"}, {"last_affected":"26241af6f8b291eed42c597ffa2b32802331f813"}, {"last_affected":"58142a27ea96bf9246586a91a82db85e37646933"}, {"last_affected":"40934e0e9b632fa6c6ec22ac03b530625a027c79"}, {"last_affected":"c9b3451da3cf632424c07c35759c9ffbd537fa9e"}, {"last_affected":"644296e736ee219cd02f7b7d7b7b4c7c5a464217"}, {"last_affected":"644179e0d4155ae8f5ddd5c3f6bd003e2e13cf94"}], "database_specific":{"cpe":["cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*"], "source":"CPE_FIELD", "versions":[{"introduced":"0"}, {"last_affected":"2.0"}, {"last_affected":"2.0.1"}, {"last_affected":"2.0.2"}, {"last_affected":"2.0.3"}, {"last_affected":"2.0.4"}, {"last_affected":"2.0.5"}, {"last_affected":"2.0.6"}, {"last_affected":"2.0.7"}, {"last_affected":"2.1"}, {"last_affected":"2.1.1"}, {"last_affected":"2.1.2"}, {"last_affected":"2.1.3"}, {"last_affected":"2.1.4"}, {"last_affected":"2.1.5"}, {"last_affected":"2.1.6"}, {"last_affected":"2.1.7"}, {"last_affected":"2.1.8"}, {"last_affected":"2.2"}, {"last_affected":"2.2.1"}, {"last_affected":"2.2.2"}, {"last_affected":"2.2.3"}, {"last_affected":"2.2.4"}, {"last_affected":"2.2.5"}, {"last_affected":"2.2.6"}, {"last_affected":"2.2.7"}, {"last_affected":"2.2.8"}, {"last_affected":"2.2.9"}, {"last_affected":"2.2.10"}, {"last_affected":"2.2.11"}, {"last_affected":"2.2.12"}, {"last_affected":"2.2.13"}, {"last_affected":"2.2.14"}, {"last_affected":"2.2.15"}, {"last_affected":"2.2.16"}, {"last_affected":"2.3"}, {"last_affected":"2.3.1"}, {"last_affected":"2.3.2"}, {"last_affected":"2.3.3"}, {"last_affected":"2.3.4"}, {"last_affected":"2.3.5"}, {"last_affected":"2.3.6"}, {"last_affected":"2.4"}, {"last_affected":"2.4.1"}, {"last_affected":"2.4.2"}, {"last_affected":"2.4.3"}, {"last_affected":"2.4.4"}, {"last_affected":"2.4.5"}, {"last_affected":"2.4.6"}, {"last_affected":"2.4.7"}, {"last_affected":"2.4.8"}, {"last_affected":"2.4.9"}, {"last_affected":"2.4.10"}, {"last_affected":"2.4.11"}, {"last_affected":"2.4.12"}, {"last_affected":"2.5"}, {"last_affected":"2.5.1"}, {"last_affected":"2.5.2"}, {"last_affected":"2.5.3"}, {"last_affected":"2.5.4"}, {"last_affected":"2.5.5"}, {"last_affected":"2.5.6"}, {"last_affected":"2.5.7"}, {"last_affected":"2.5.8"}, {"last_affected":"2.5.9"}, {"last_affected":"2.6"}, {"last_affected":"2.6.1"}, {"last_affected":"2.6.2"}, {"last_affected":"2.6.3"}, {"last_affected":"2.6.4"}, {"last_affected":"2.6.5"}, {"last_affected":"2.6.6"}, {"last_affected":"2.7"}, {"last_affected":"2.7.1"}, {"last_affected":"2.7.2"}, {"last_affected":"2.7.3"}, {"last_affected":"2.7.4"}, {"last_affected":"2.8"}, {"last_affected":"2.8-dev"}, {"last_affected":"2.8.1"}, {"last_affected":"2.8.2"}, {"last_affected":"2.8.3"}, {"last_affected":"2.8.4"}]}}]}], "references":[{"type":"WEB", "url":"http://security.stackexchange.com/questions/110644"}, {"type":"ADVISORY", "url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"}, {"type":"ADVISORY", "url":"http://www.debian.org/security/2016/dsa-3506"}, {"type":"ADVISORY", "url":"http://www.securityfocus.com/bid/80501"}, {"type":"ADVISORY", "url":"http://www.securitytracker.com/id/1034932"}, {"type":"ADVISORY", "url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036"}, {"type":"ADVISORY", "url":"http://www.ubuntu.com/usn/USN-2944-1"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1897"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201606-09"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201705-08"}, {"type":"ADVISORY", "url":"https://www.kb.cert.org/vuls/id/772447"}, {"type":"ARTICLE", "url":"http://habrahabr.ru/company/mailru/blog/274855"}, {"type":"ARTICLE", "url":"http://www.openwall.com/lists/oss-security/2016/01/14/1"}], "database_specific":{"cna_assigner":"mitre", "osv_generated_from":"unknown"}} -{"schema_version":"1.7.3", "id":"CVE-2018-14618", "published":"2018-09-05T19:00:00Z", "modified":"2024-11-21T03:49:26.003Z", "details":"curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/curl/curl", "events":[{"introduced":"0"}, {"fixed":"432eb5f5c254ee8383b2522ce597c9219877923e"}, {"last_affected":"52707f959058c148c8a5ef4e81d0599780a1c014"}, {"last_affected":"ac98c73b04aec60683ec2094f3c311485f08d6ab"}], "database_specific":{"cpe":["cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*"], "source":"CPE_FIELD", "versions":[{"introduced":"0"}, {"fixed":"7.61.1"}, {"last_affected":"7.5"}, {"last_affected":"7.6"}]}}]}], "references":[{"type":"WEB", "url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"}, {"type":"WEB", "url":"https://curl.haxx.se/docs/CVE-2018-14618.html"}, {"type":"WEB", "url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"}, {"type":"ADVISORY", "url":"http://www.securitytracker.com/id/1041605"}, {"type":"ADVISORY", "url":"https://access.redhat.com/errata/RHSA-2018:3558"}, {"type":"ADVISORY", "url":"https://access.redhat.com/errata/RHSA-2019:1880"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14618"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/201903-03"}, {"type":"ADVISORY", "url":"https://usn.ubuntu.com/3765-1/"}, {"type":"ADVISORY", "url":"https://usn.ubuntu.com/3765-2/"}, {"type":"ADVISORY", "url":"https://www.debian.org/security/2018/dsa-4286"}, {"type":"REPORT", "url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"}], "database_specific":{"cna_assigner":"redhat", "cwe_ids":["CWE-122", "CWE-131"], "osv_generated_from":"unknown", "unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"}, "versions":[{"last_affected":"7.61.1"}]}, {"metadata":{"source":"DESCRIPTION"}, "versions":[{"fixed":"7.61.1"}]}]}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]} -{"schema_version":"1.7.3", "id":"CVE-2022-33068", "published":"2022-06-22T13:24:42Z", "modified":"2024-11-21T07:07:30.140Z", "details":"An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/harfbuzz/harfbuzz", "events":[{"introduced":"0"}, {"last_affected":"aee123fc83388b8f5acfb301d87bd92eccc5b843"}, {"fixed":"62e803b36173fd096d7ad460dd1d1db9be542593"}], "database_specific":{"cpe":"cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", "source":["CPE_FIELD", "REFERENCES"], "versions":[{"introduced":"0"}, {"last_affected":"4.3.0"}]}}]}], "references":[{"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"}, {"type":"ADVISORY", "url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33068"}, {"type":"ADVISORY", "url":"https://security.gentoo.org/glsa/202209-11"}, {"type":"REPORT", "url":"https://github.com/harfbuzz/harfbuzz/issues/3557"}, {"type":"FIX", "url":"https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"}], "database_specific":{"cna_assigner":"mitre", "osv_generated_from":"unknown"}} -{"schema_version":"1.7.3", "id":"CVE-2023-22466", "published":"2023-01-04T21:47:09.400Z", "modified":"2025-03-10T21:32:32.950Z", "aliases":["GHSA-7rrj-xr53-82p7"], "summary":"Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe", "details":"Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/tokio-rs/tokio", "events":[{"introduced":"50795e652ecb0747c8d048aeaa38a41dddb2da4b"}, {"fixed":"1a997ffbd62334af2553775234e75ede2d7d949f"}]}]}], "references":[{"type":"WEB", "url":"https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"}, {"type":"WEB", "url":"https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"}, {"type":"ADVISORY", "url":"https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22466"}, {"type":"FIX", "url":"https://github.com/tokio-rs/tokio/pull/5336"}], "database_specific":{"cna_assigner":"GitHub_M", "cwe_ids":["CWE-665"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}]} -{"schema_version":"1.7.3", "id":"CVE-2024-2002", "published":"2024-03-18T12:26:31.386Z", "modified":"2025-11-20T18:21:28.745Z", "summary":"Libdwarf: crashes randomly on fuzzed object", "details":"A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/davea42/libdwarf-code", "events":[{"introduced":"0"}, {"fixed":"5e43a5ab73cb00c8a46660b361366a8c9c3c93c9"}], "database_specific":{"cpe":"cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", "source":"CPE_FIELD", "versions":[{"introduced":"0.1.0"}, {"fixed":"0.9.2"}]}}]}], "references":[{"type":"WEB", "url":"https://access.redhat.com/downloads/content/package-browser/"}, {"type":"WEB", "url":"https://github.com/davea42/libdwarf-code/"}, {"type":"WEB", "url":"https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt"}, {"type":"WEB", "url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/"}, {"type":"ADVISORY", "url":"https://access.redhat.com/security/cve/CVE-2024-2002"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-2002"}, {"type":"REPORT", "url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267700"}], "database_specific":{"cna_assigner":"redhat", "cwe_ids":["CWE-415"], "osv_generated_from":"unknown", "unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"}, "versions":[{"last_affected":"0.1.0"}]}]}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]} -{"schema_version":"1.7.3", "id":"CVE-2024-7264", "published":"2024-07-31T08:08:14.585Z", "modified":"2025-11-03T23:17:31.647Z", "summary":"ASN.1 date parser overread", "details":"libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/curl/curl", "events":[{"introduced":"70812c2f32fc5734bcbbe572b9f61c380433ad6a"}, {"fixed":"27959ecce75cdb2809c0bdb3286e60e08fadb519"}]}]}], "references":[{"type":"WEB", "url":"http://www.openwall.com/lists/oss-security/2024/07/31/1"}, {"type":"WEB", "url":"https://curl.se/docs/CVE-2024-7264.html"}, {"type":"WEB", "url":"https://curl.se/docs/CVE-2024-7264.json"}, {"type":"WEB", "url":"https://hackerone.com/reports/2629968"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7264"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20240828-0008/"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20241025-0006/"}, {"type":"ADVISORY", "url":"https://security.netapp.com/advisory/ntap-20241025-0010/"}, {"type":"FIX", "url":"https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519"}], "database_specific":{"cna_assigner":"curl", "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} -{"schema_version":"1.7.3", "id":"CVE-2025-4565", "published":"2025-06-16T14:50:40.906Z", "modified":"2025-08-14T17:05:37.770Z", "summary":"Unbounded recursion in Python Protobuf", "details":"Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/protocolbuffers/protobuf", "events":[{"introduced":"d295af5c3002c08e1bfd9d7f9e175d0a4d015f1e"}, {"fixed":"74211c0dfc2777318ab53c2cd2c317a2ef9012de"}]}]}], "references":[{"type":"WEB", "url":"https://github.com/protocolbuffers/protobuf/"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-4565"}, {"type":"FIX", "url":"https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"}, {"type":"PACKAGE", "url":"https://pypi.org/project/protobuf/"}], "database_specific":{"cna_assigner":"Google", "cwe_ids":["CWE-674"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V4", "score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]} -{"schema_version":"1.7.3", "id":"CVE-2026-20912", "published":"2026-01-22T22:01:52.026Z", "modified":"2026-01-29T22:03:58.330Z", "aliases":["GHSA-vfmv-f93v-37mw"], "summary":"Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure", "details":"Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/go-gitea/gitea", "events":[{"introduced":"0"}, {"fixed":"369830bada2fd8826a5135cb2fc66660a9bef708"}]}]}], "references":[{"type":"ADVISORY", "url":"https://blog.gitea.com/release-of-1.25.4/"}, {"type":"ADVISORY", "url":"https://github.com/go-gitea/gitea/releases/tag/v1.25.4"}, {"type":"ADVISORY", "url":"https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20912"}, {"type":"FIX", "url":"https://github.com/go-gitea/gitea/pull/36320"}, {"type":"FIX", "url":"https://github.com/go-gitea/gitea/pull/36355"}], "database_specific":{"cna_assigner":"Gitea", "cwe_ids":["CWE-284", "CWE-639"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]} -{"schema_version":"1.7.3", "id":"CVE-2026-23522", "published":"2026-01-19T16:53:32.371Z", "modified":"2026-01-26T15:05:39.840Z", "aliases":["GHSA-j7xp-4mg9-x28r"], "summary":"Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion", "details":"LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.", "affected":[{"ranges":[{"type":"GIT", "repo":"https://github.com/lobehub/lobehub", "events":[{"introduced":"0"}, {"fixed":"eeda4f90af57368584fa97250cbb0d5bf0a5e16e"}]}]}], "references":[{"type":"ADVISORY", "url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"}, {"type":"ADVISORY", "url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522"}, {"type":"FIX", "url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"}], "database_specific":{"cna_assigner":"GitHub_M", "cwe_ids":["CWE-284", "CWE-639", "CWE-862", "CWE-915"], "osv_generated_from":"unknown"}, "severity":[{"type":"CVSS_V3", "score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}]} +{"schema_version":"1.7.3","id":"CVE-2016-15012","published":"2023-01-07T12:59:27.772Z","modified":"2025-04-08T20:30:50.208Z","summary":"forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection","details":"** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/forcedotcom/salesforcemobilesdk-windows","events":[{"introduced":"0"},{"fixed":"83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"}]}]}],"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-15012"},{"type":"ADVISORY","url":"https://vuldb.com/?id.217619"},{"type":"REPORT","url":"https://vuldb.com/?ctiid.217619"},{"type":"FIX","url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8"},{"type":"FIX","url":"https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0"}],"database_specific":{"cna_assigner":"VulDB","cwe_ids":["CWE-89"],"osv_generated_from":"unknown"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} +{"schema_version":"1.7.3","id":"CVE-2016-1897","published":"2016-01-15T02:00:00Z","modified":"2025-04-12T10:46:40.837Z","details":"FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/ffmpeg/ffmpeg","events":[{"introduced":"0"},{"last_affected":"2b8b2ba19fe0ca6594cb09439b9ead2c328a79d8"},{"last_affected":"acf511de34e0b79fff0183e06ed37f1aa8dc3d94"},{"last_affected":"9d0bb7fc3991b030603acfe899e6f001e530c89a"},{"last_affected":"b4552cc9b8c37410f754af5d34d24e7b8a9b4b0e"},{"last_affected":"7de7bd4f563a1431bdac59dae5d8e930e71405e6"},{"last_affected":"205e2264c3d5b1a16a4493b9281b9167d09c3505"},{"last_affected":"3d91569c5e39f4062393fdb40b038e31df38473a"},{"last_affected":"0caff57c42cac0f80152187473b1ee753aca8257"},{"last_affected":"a37e42b3ee4226a4d2c69cd4eebf9c81e6df8ea5"},{"last_affected":"9422cd85a081f6e084731e87eda3e8e4df9f6827"},{"last_affected":"29353dd3f8159089ecf2fa0886f94f4cf32e75f2"},{"last_affected":"eda6effcabcf9c238e4635eb058d72371336e09b"},{"last_affected":"d3139c9733f1994fb86825e0d1fd2a5abf3be7b5"},{"last_affected":"e7873dfccad595e9d8fc65217ebffcf3686e1d34"},{"last_affected":"27172a5ca360e61a07ff16bf22f2ec91208f4e00"},{"last_affected":"41802887eb647bee21238e0a575a7c4bbf954b86"},{"last_affected":"68f89b8264d46d5812e710ca0f903d4d323ec899"},{"last_affected":"6baf9c4406bcdf1015c9ec8bd6b8c4aef77624ac"},{"last_affected":"e72c0a04664a9aab449b63135fe16ade51a99bb6"},{"last_affected":"c2eb668617555cb8b8bcfb9796241ada9471ac65"},{"last_affected":"f406bf3fa933be089bd76a95f75ea57b0942f8c5"},{"last_affected":"e0a03d1f9cb18139ede8c3d0263a21828494c951"},{"last_affected":"0edc79962641dd853cda187ee13b617701346061"},{"last_affected":"1b99667005156cadc8d3ae0099ef5d244e598ac5"},{"last_affected":"49fa398858df1a1e425740672de5fb4819b4d947"},{"last_affected":"5df02760dd2f050b996f931fa7cdf8871bfa5d96"},{"last_affected":"b05d3550407418aea53f2672463a8ebc8f75654e"},{"last_affected":"969aee07e68c5930782bc46f2ac2391db55b8d1b"},{"last_affected":"9f09bfe681259cfed7414f207c88f84c09d5b501"},{"last_affected":"86a01362c0e46d155fbfc1ef19f5ba17af3ee69d"},{"last_affected":"36cfee3adc70c6a78a07df4bb16349c4b0893ef4"},{"last_affected":"bf0d2ee92c33d802907e829f99c26a46578ed679"},{"last_affected":"1c14b09caf903f2e776dcd661085db49511bf531"},{"last_affected":"051cd7dc5f42542753f809109d00ec3cf19eb337"},{"last_affected":"3ec3f70ddb1b97fd6174ab3ca8617d8a1a6516ab"},{"last_affected":"7c2d152f562ab089ecf8262438e2f8e9cb9c546f"},{"last_affected":"b88de7b31a4a5c35d10b1392d2d86d93fc942b4c"},{"last_affected":"bc259185cb69c6532232be4b2ad57a70ef7ed946"},{"last_affected":"d005e2ecce5c8104679b39f2050a9d83e417d275"},{"last_affected":"b44506c393b176dc396502ad262ac18bec52a110"},{"last_affected":"db27f50e0658e91758e8a17fdcf390e6bc93c1d2"},{"last_affected":"13a72d9b08c914c3d3c99be1053e9d5cda8baa88"},{"last_affected":"e1ce4f805f31aecec83fc7c7ecaab623f3b6327f"},{"last_affected":"d61454e7c1de48f6a9059ca98f55e6beb52a618c"},{"last_affected":"043f32606046b1470218511ded151edfa7a126ee"},{"last_affected":"dd2394754d8cee3717b3e198c83cc382674cf126"},{"last_affected":"4afe2684d8f50b28ce6743c7ee999f3157c9857f"},{"last_affected":"1fd7fb9036fcfb1620068014d8a52112067d2d59"},{"last_affected":"3c63503792147a996997023694a3b45f27ab3f78"},{"last_affected":"2c8c55195da97ee45fb0daf6d68c22b942e14ade"},{"last_affected":"de7b74d2544d2cb5ff85db20a9853116ea72ed47"},{"last_affected":"1047c286fa20c79dde8ddd7577a3b87cc1effdb7"},{"last_affected":"0045969e411bcf946b2393e7bcb42032cb71a9a1"},{"last_affected":"5e4ec87720a64cd969120af60e82cbd55454ab8e"},{"last_affected":"da2186be81b5cb2d24da5671e25affbb8f09920d"},{"last_affected":"2c01dd2ea5e39238261945185d2b30e11979cf4b"},{"last_affected":"959ab06c68f8c74a0f31bcaf2692cbbdaf5702f6"},{"last_affected":"07d508e4f55f6045b83df3346448b149faab5d7d"},{"last_affected":"3429714f3d046f4e2235848a60b6f63bd084e01f"},{"last_affected":"d0599a3516c5da31c7009af7574abbff360b9ce6"},{"last_affected":"faac8e43315dae5818816bcebe52d11777b064b2"},{"last_affected":"21d0ae829f72ec327aff31b0cb1af1261b56596c"},{"last_affected":"1eb646ec9f87ed488f52561867e107eaee89e20c"},{"last_affected":"d52b5f85f2837b0de9bdefe2a650d8d1b0e02ec1"},{"last_affected":"f478bdabf2afcd5f709789347f8a3becc4ff17bc"},{"last_affected":"b2c9cd36d34c4157af10342ad3476dd9260bbefe"},{"last_affected":"04fd0250e1fd3fddcd7bc96c8ac95455f910637e"},{"last_affected":"af5917698bd44f136fd0ff00a9e5f8b5f92f2d58"},{"last_affected":"b17cec526214dff9d6ac1d97b70167d15a4e14d7"},{"last_affected":"48d388b03336d01e0db9b729f9f82cbadf3af7bd"},{"last_affected":"d6ce1cb14077891f3f6ac86cfd243835c92eb374"},{"last_affected":"0bcb6ac150690d1b799982efabc11cab3420f3e3"},{"last_affected":"620197d1ffea20e9168372c354438f1c1e926ecd"},{"last_affected":"15466db69e60f486c44e4c3e680d27c951f125d7"},{"last_affected":"93f3752b970cc7c9e1a360037fff1ddb9dcbb86e"},{"last_affected":"26241af6f8b291eed42c597ffa2b32802331f813"},{"last_affected":"58142a27ea96bf9246586a91a82db85e37646933"},{"last_affected":"40934e0e9b632fa6c6ec22ac03b530625a027c79"},{"last_affected":"c9b3451da3cf632424c07c35759c9ffbd537fa9e"},{"last_affected":"644296e736ee219cd02f7b7d7b7b4c7c5a464217"},{"last_affected":"644179e0d4155ae8f5ddd5c3f6bd003e2e13cf94"}],"database_specific":{"cpe":["cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*","cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*"],"source":"CPE_FIELD","versions":[{"introduced":"0"},{"last_affected":"2.0"},{"last_affected":"2.0.1"},{"last_affected":"2.0.2"},{"last_affected":"2.0.3"},{"last_affected":"2.0.4"},{"last_affected":"2.0.5"},{"last_affected":"2.0.6"},{"last_affected":"2.0.7"},{"last_affected":"2.1"},{"last_affected":"2.1.1"},{"last_affected":"2.1.2"},{"last_affected":"2.1.3"},{"last_affected":"2.1.4"},{"last_affected":"2.1.5"},{"last_affected":"2.1.6"},{"last_affected":"2.1.7"},{"last_affected":"2.1.8"},{"last_affected":"2.2"},{"last_affected":"2.2.1"},{"last_affected":"2.2.2"},{"last_affected":"2.2.3"},{"last_affected":"2.2.4"},{"last_affected":"2.2.5"},{"last_affected":"2.2.6"},{"last_affected":"2.2.7"},{"last_affected":"2.2.8"},{"last_affected":"2.2.9"},{"last_affected":"2.2.10"},{"last_affected":"2.2.11"},{"last_affected":"2.2.12"},{"last_affected":"2.2.13"},{"last_affected":"2.2.14"},{"last_affected":"2.2.15"},{"last_affected":"2.2.16"},{"last_affected":"2.3"},{"last_affected":"2.3.1"},{"last_affected":"2.3.2"},{"last_affected":"2.3.3"},{"last_affected":"2.3.4"},{"last_affected":"2.3.5"},{"last_affected":"2.3.6"},{"last_affected":"2.4"},{"last_affected":"2.4.1"},{"last_affected":"2.4.2"},{"last_affected":"2.4.3"},{"last_affected":"2.4.4"},{"last_affected":"2.4.5"},{"last_affected":"2.4.6"},{"last_affected":"2.4.7"},{"last_affected":"2.4.8"},{"last_affected":"2.4.9"},{"last_affected":"2.4.10"},{"last_affected":"2.4.11"},{"last_affected":"2.4.12"},{"last_affected":"2.5"},{"last_affected":"2.5.1"},{"last_affected":"2.5.2"},{"last_affected":"2.5.3"},{"last_affected":"2.5.4"},{"last_affected":"2.5.5"},{"last_affected":"2.5.6"},{"last_affected":"2.5.7"},{"last_affected":"2.5.8"},{"last_affected":"2.5.9"},{"last_affected":"2.6"},{"last_affected":"2.6.1"},{"last_affected":"2.6.2"},{"last_affected":"2.6.3"},{"last_affected":"2.6.4"},{"last_affected":"2.6.5"},{"last_affected":"2.6.6"},{"last_affected":"2.7"},{"last_affected":"2.7.1"},{"last_affected":"2.7.2"},{"last_affected":"2.7.3"},{"last_affected":"2.7.4"},{"last_affected":"2.8"},{"last_affected":"2.8-dev"},{"last_affected":"2.8.1"},{"last_affected":"2.8.2"},{"last_affected":"2.8.3"},{"last_affected":"2.8.4"}]}}]}],"references":[{"type":"WEB","url":"http://security.stackexchange.com/questions/110644"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3506"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/80501"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1034932"},{"type":"ADVISORY","url":"http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.529036"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2944-1"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2016-1897"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201606-09"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201705-08"},{"type":"ADVISORY","url":"https://www.kb.cert.org/vuls/id/772447"},{"type":"ARTICLE","url":"http://habrahabr.ru/company/mailru/blog/274855"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2016/01/14/1"}],"database_specific":{"cna_assigner":"mitre","osv_generated_from":"unknown"}} +{"schema_version":"1.7.3","id":"CVE-2018-14618","published":"2018-09-05T19:00:00Z","modified":"2024-11-21T03:49:26.003Z","details":"curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/curl/curl","events":[{"introduced":"0"},{"fixed":"432eb5f5c254ee8383b2522ce597c9219877923e"},{"last_affected":"52707f959058c148c8a5ef4e81d0599780a1c014"},{"last_affected":"ac98c73b04aec60683ec2094f3c311485f08d6ab"}],"database_specific":{"cpe":["cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*","cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*"],"source":"CPE_FIELD","versions":[{"introduced":"0"},{"fixed":"7.61.1"},{"last_affected":"7.5"},{"last_affected":"7.6"}]}}]}],"references":[{"type":"WEB","url":"https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf"},{"type":"WEB","url":"https://curl.haxx.se/docs/CVE-2018-14618.html"},{"type":"WEB","url":"https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1041605"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2018:3558"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2019:1880"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2018-14618"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201903-03"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3765-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3765-2/"},{"type":"ADVISORY","url":"https://www.debian.org/security/2018/dsa-4286"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618"}],"database_specific":{"cna_assigner":"redhat","cwe_ids":["CWE-122","CWE-131"],"osv_generated_from":"unknown","unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"},"versions":[{"last_affected":"7.61.1"}]},{"metadata":{"source":"DESCRIPTION"},"versions":[{"fixed":"7.61.1"}]}]},"severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}]} +{"schema_version":"1.7.3","id":"CVE-2022-33068","published":"2022-06-22T13:24:42Z","modified":"2024-11-21T07:07:30.140Z","details":"An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/harfbuzz/harfbuzz","events":[{"introduced":"0"},{"last_affected":"aee123fc83388b8f5acfb301d87bd92eccc5b843"},{"fixed":"62e803b36173fd096d7ad460dd1d1db9be542593"}],"database_specific":{"cpe":"cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*","source":["CPE_FIELD","REFERENCES"],"versions":[{"introduced":"0"},{"last_affected":"4.3.0"}]}}]}],"references":[{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/"},{"type":"ADVISORY","url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2022-33068"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202209-11"},{"type":"REPORT","url":"https://github.com/harfbuzz/harfbuzz/issues/3557"},{"type":"FIX","url":"https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593"}],"database_specific":{"cna_assigner":"mitre","osv_generated_from":"unknown"}} +{"schema_version":"1.7.3","id":"CVE-2023-22466","published":"2023-01-04T21:47:09.400Z","modified":"2025-03-10T21:32:32.950Z","aliases":["GHSA-7rrj-xr53-82p7"],"summary":"Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe","details":"Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/tokio-rs/tokio","events":[{"introduced":"50795e652ecb0747c8d048aeaa38a41dddb2da4b"},{"fixed":"1a997ffbd62334af2553775234e75ede2d7d949f"}]}]}],"references":[{"type":"WEB","url":"https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1"},{"type":"WEB","url":"https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients"},{"type":"ADVISORY","url":"https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-22466"},{"type":"FIX","url":"https://github.com/tokio-rs/tokio/pull/5336"}],"database_specific":{"cna_assigner":"GitHub_M","cwe_ids":["CWE-665"],"osv_generated_from":"unknown"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L"}]} +{"schema_version":"1.7.3","id":"CVE-2024-2002","published":"2024-03-18T12:26:31.386Z","modified":"2025-11-20T18:21:28.745Z","summary":"Libdwarf: crashes randomly on fuzzed object","details":"A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/davea42/libdwarf-code","events":[{"introduced":"0"},{"fixed":"5e43a5ab73cb00c8a46660b361366a8c9c3c93c9"}],"database_specific":{"cpe":"cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*","source":"CPE_FIELD","versions":[{"introduced":"0.1.0"},{"fixed":"0.9.2"}]}}]}],"references":[{"type":"WEB","url":"https://access.redhat.com/downloads/content/package-browser/"},{"type":"WEB","url":"https://github.com/davea42/libdwarf-code/"},{"type":"WEB","url":"https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt"},{"type":"WEB","url":"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/"},{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2024-2002"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-2002"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2267700"}],"database_specific":{"cna_assigner":"redhat","cwe_ids":["CWE-415"],"osv_generated_from":"unknown","unresolved_ranges":[{"metadata":{"source":"AFFECTED_FIELD"},"versions":[{"last_affected":"0.1.0"}]}]},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]} +{"schema_version":"1.7.3","id":"CVE-2024-7264","published":"2024-07-31T08:08:14.585Z","modified":"2025-11-03T23:17:31.647Z","summary":"ASN.1 date parser overread","details":"libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/curl/curl","events":[{"introduced":"70812c2f32fc5734bcbbe572b9f61c380433ad6a"},{"fixed":"27959ecce75cdb2809c0bdb3286e60e08fadb519"}]}]}],"references":[{"type":"WEB","url":"http://www.openwall.com/lists/oss-security/2024/07/31/1"},{"type":"WEB","url":"https://curl.se/docs/CVE-2024-7264.html"},{"type":"WEB","url":"https://curl.se/docs/CVE-2024-7264.json"},{"type":"WEB","url":"https://hackerone.com/reports/2629968"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2024-7264"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20240828-0008/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20241025-0006/"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20241025-0010/"},{"type":"FIX","url":"https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519"}],"database_specific":{"cna_assigner":"curl","osv_generated_from":"unknown"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"}]} +{"schema_version":"1.7.3","id":"CVE-2025-4565","published":"2025-06-16T14:50:40.906Z","modified":"2025-08-14T17:05:37.770Z","summary":"Unbounded recursion in Python Protobuf","details":"Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =>6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/protocolbuffers/protobuf","events":[{"introduced":"d295af5c3002c08e1bfd9d7f9e175d0a4d015f1e"},{"fixed":"74211c0dfc2777318ab53c2cd2c317a2ef9012de"}]}]}],"references":[{"type":"WEB","url":"https://github.com/protocolbuffers/protobuf/"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-4565"},{"type":"FIX","url":"https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901"},{"type":"PACKAGE","url":"https://pypi.org/project/protobuf/"}],"database_specific":{"cna_assigner":"Google","cwe_ids":["CWE-674"],"osv_generated_from":"unknown"},"severity":[{"type":"CVSS_V4","score":"CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"}]} +{"schema_version":"1.7.3","id":"CVE-2026-20912","published":"2026-01-22T22:01:52.026Z","modified":"2026-01-29T22:03:58.330Z","aliases":["GHSA-vfmv-f93v-37mw"],"summary":"Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure","details":"Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/go-gitea/gitea","events":[{"introduced":"0"},{"fixed":"369830bada2fd8826a5135cb2fc66660a9bef708"}]}]}],"references":[{"type":"ADVISORY","url":"https://blog.gitea.com/release-of-1.25.4/"},{"type":"ADVISORY","url":"https://github.com/go-gitea/gitea/releases/tag/v1.25.4"},{"type":"ADVISORY","url":"https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-20912"},{"type":"FIX","url":"https://github.com/go-gitea/gitea/pull/36320"},{"type":"FIX","url":"https://github.com/go-gitea/gitea/pull/36355"}],"database_specific":{"cna_assigner":"Gitea","cwe_ids":["CWE-284","CWE-639"],"osv_generated_from":"unknown"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N"}]} +{"schema_version":"1.7.3","id":"CVE-2026-23522","published":"2026-01-19T16:53:32.371Z","modified":"2026-01-26T15:05:39.840Z","aliases":["GHSA-j7xp-4mg9-x28r"],"summary":"Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion","details":"LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.","affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/lobehub/lobehub","events":[{"introduced":"0"},{"fixed":"eeda4f90af57368584fa97250cbb0d5bf0a5e16e"}]}]}],"references":[{"type":"ADVISORY","url":"https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2026-23522"},{"type":"FIX","url":"https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6"}],"database_specific":{"cna_assigner":"GitHub_M","cwe_ids":["CWE-284","CWE-639","CWE-862","CWE-915"],"osv_generated_from":"unknown"},"severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N"}]} --- diff --git a/vulnfeeds/cmd/combine-to-osv/main_test.go b/vulnfeeds/cmd/combine-to-osv/main_test.go index ee099b59340..c386eee532b 100644 --- a/vulnfeeds/cmd/combine-to-osv/main_test.go +++ b/vulnfeeds/cmd/combine-to-osv/main_test.go @@ -449,13 +449,13 @@ func TestCombineDirsSnapshot(t *testing.T) { combined := combineIntoOSV(cve5osv, nvdosvCopy, nil) // Sort by ID to ensure deterministic snapshot - var keys []string + keys := make([]string, 0, len(combined)) for k := range combined { keys = append(keys, string(k)) } sort.Strings(keys) - var output []string + output := make([]string, 0, len(keys)) for _, k := range keys { v := combined[models.CVEID(k)] file, err := protojson.Marshal(v) diff --git a/vulnfeeds/conversion/common.go b/vulnfeeds/conversion/common.go index d626c722241..0396e4ecbf6 100644 --- a/vulnfeeds/conversion/common.go +++ b/vulnfeeds/conversion/common.go @@ -519,6 +519,7 @@ func CreateUnresolvedRanges(unresolvedRanges []models.RangeWithMetadata) *struct if a.Source != b.Source { return strings.Compare(a.Source, b.Source) } + return strings.Compare(a.CPE, b.CPE) }) @@ -627,7 +628,6 @@ func ProcessRanges(ranges []models.RangeWithMetadata, repos []string, metrics *m return r, un, sR } - func LoadCPEDictionary(productToRepo *VPRepoCache, f string) error { data, err := os.ReadFile(f) if err != nil { @@ -641,4 +641,4 @@ func LoadCPEDictionary(productToRepo *VPRepoCache, f string) error { productToRepo.Initialize(tempMap) return nil -} \ No newline at end of file +} diff --git a/vulnfeeds/conversion/cve5/converter_test.go b/vulnfeeds/conversion/cve5/converter_test.go index ee04fdecb84..a6ae340e580 100644 --- a/vulnfeeds/conversion/cve5/converter_test.go +++ b/vulnfeeds/conversion/cve5/converter_test.go @@ -590,13 +590,13 @@ func TestConvertAndExportCVEToOSV(t *testing.T) { } func TestCVE5Snapshot(t *testing.T) { - testDir := "../../cmd/converters/cve/cve5/test" + testDir := "../../test_data/cve5" files, err := os.ReadDir(testDir) if err != nil { t.Fatalf("Failed to read test directory %s: %v", testDir, err) } - var results []string + results := make([]string, 0, len(files)) for _, file := range files { if file.IsDir() || filepath.Ext(file.Name()) != ".json" { continue @@ -627,7 +627,7 @@ func TestCVE5Snapshot(t *testing.T) { // Sort results for deterministic snapshot sort.Strings(results) - var keys []any + keys := make([]any, 0, len(results)) for _, r := range results { keys = append(keys, r) } diff --git a/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap b/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap index bd7c958d395..a29f9d4e706 100755 --- a/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap +++ b/vulnfeeds/conversion/nvd/__snapshots__/converter_test.snap @@ -1068,6 +1068,246 @@ } ] } +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpe": "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "3.67.0" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "introduced": "0.68" + }, + { + "fixed": "0.81" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:tigris:tortoisesvn:*:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "1.14.6" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:tortoisegit:tortoisegit:*:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "2.15.0.1" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "fixed": "6.3.3" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "38" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "39" + } + ] + }, + { + "metadata": { + "cpe": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "40" + } + ] + } + ] + }, + "details": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.", + "id": "CVE-2024-31497", + "modified": "2025-11-04T22:16:00.673Z", + "published": "2024-04-15T20:15:11.077Z", + "references": [ + { + "type": "WEB", + "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty" + }, + { + "type": "WEB", + "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/" + }, + { + "type": "WEB", + "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/" + }, + { + "type": "WEB", + "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward" + }, + { + "type": "WEB", + "url": "https://twitter.com/CCBalert/status/1780229237569470549" + }, + { + "type": "WEB", + "url": "https://twitter.com/lambdafu/status/1779969509522133272" + }, + { + "type": "WEB", + "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/" + }, + { + "type": "WEB", + "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/" + }, + { + "type": "WEB", + "url": "https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497" + }, + { + "type": "ADVISORY", + "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6" + }, + { + "type": "ADVISORY", + "url": "https://filezilla-project.org/versions.php" + }, + { + "type": "ADVISORY", + "url": "https://github.com/advisories/GHSA-6p4c-r453-8743" + }, + { + "type": "ADVISORY", + "url": "https://github.com/daedalus/BreakingECDSAwithLLL" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/" + }, + { + "type": "ADVISORY", + "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497" + }, + { + "type": "ADVISORY", + "url": "https://tortoisegit.org" + }, + { + "type": "ADVISORY", + "url": "https://winscp.net/eng/news.php" + }, + { + "type": "ADVISORY", + "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html" + }, + { + "type": "ADVISORY", + "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html" + }, + { + "type": "ADVISORY", + "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183" + }, + { + "type": "REPORT", + "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864" + }, + { + "type": "REPORT", + "url": "https://news.ycombinator.com/item?id=40044665" + }, + { + "type": "FIX", + "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git" + } + ], + "related": [ + "GHSA-6p4c-r453-8743" + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", + "type": "CVSS_V3" + } + ] +} { "database_specific": { "unresolved_ranges": [ diff --git a/vulnfeeds/conversion/nvd/converter_test.go b/vulnfeeds/conversion/nvd/converter_test.go index 582ed279180..1604f1686ac 100644 --- a/vulnfeeds/conversion/nvd/converter_test.go +++ b/vulnfeeds/conversion/nvd/converter_test.go @@ -139,6 +139,7 @@ func TestNVDSnapshot(t *testing.T) { } fileContents = append(fileContents, string(content)) } + return nil }) if err != nil { @@ -148,7 +149,7 @@ func TestNVDSnapshot(t *testing.T) { // To make snapshot deterministic sort.Strings(fileContents) - var keys []any + keys := make([]any, 0, len(fileContents)) for _, c := range fileContents { keys = append(keys, c) } From 6643a1b2f577c82cf16d849c0c4883ca597d98ac Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 30 Mar 2026 02:45:01 +0000 Subject: [PATCH 25/26] add more relevant files --- .../cve5/GitHub_M/CVE-2023-22466.json | 99 +++ .../cve5/GitHub_M/CVE-2026-23522.json | 70 ++ .../cve5/Gitea/CVE-2026-20912.json | 80 +++ .../cve5/Google/CVE-2025-4565.json | 80 +++ .../cve5/VulDB/CVE-2016-15012.json | 72 ++ .../cve5/curl/CVE-2024-7264.json | 649 ++++++++++++++++++ .../cve5/mitre/CVE-2016-1897.json | 68 ++ .../cve5/mitre/CVE-2022-33068.json | 44 ++ .../cve5/redhat/CVE-2018-14618.json | 96 +++ .../cve5/redhat/CVE-2023-1055.json | 43 ++ .../cve5/redhat/CVE-2024-2002.json | 66 ++ 11 files changed, 1367 insertions(+) create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/GitHub_M/CVE-2023-22466.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/GitHub_M/CVE-2026-23522.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/Gitea/CVE-2026-20912.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/Google/CVE-2025-4565.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/VulDB/CVE-2016-15012.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/curl/CVE-2024-7264.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/mitre/CVE-2016-1897.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/mitre/CVE-2022-33068.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2018-14618.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2023-1055.json create mode 100644 vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2024-2002.json diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/GitHub_M/CVE-2023-22466.json b/vulnfeeds/cmd/combine-to-osv/cve5/GitHub_M/CVE-2023-22466.json new file mode 100644 index 00000000000..b9bca46d033 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/GitHub_M/CVE-2023-22466.json @@ -0,0 +1,99 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "1.7.0" + }, + { + "fixed": "1.18.4" + }, + { + "introduced": "1.19.0" + }, + { + "fixed": "1.20.3" + }, + { + "introduced": "1.21.0" + }, + { + "fixed": "1.23.1" + } + ] + }, + "events": [ + { + "introduced": "f64673580dfc649954eb744eb2734f2f118baa47" + }, + { + "fixed": "9241c3eddf4a6a218681b088d71f7191513e2376" + }, + { + "introduced": "674d77d4ef42bd99238521546b3b2cd60b26e50d" + }, + { + "fixed": "ba81945ffc2695b71f2bbcadbfb5e46ec55aaef3" + }, + { + "introduced": "50795e652ecb0747c8d048aeaa38a41dddb2da4b" + }, + { + "fixed": "1a997ffbd62334af2553775234e75ede2d7d949f" + } + ], + "repo": "https://github.com/tokio-rs/tokio", + "type": "GIT" + } + ] + } + ], + "aliases": [ + "GHSA-7rrj-xr53-82p7" + ], + "database_specific": { + "cna_assigner": "GitHub_M", + "cwe_ids": [ + "CWE-665" + ], + "osv_generated_from": "unknown" + }, + "details": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.", + "id": "CVE-2023-22466", + "modified": "2025-03-10T21:32:32.950Z", + "published": "2023-01-04T21:47:09.400Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/tokio-rs/tokio/pull/5336" + }, + { + "type": "WEB", + "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1" + }, + { + "type": "ADVISORY", + "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7" + }, + { + "type": "WEB", + "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22466" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:L", + "type": "CVSS_V3" + } + ], + "summary": "Tokio's reject_remote_clients configuration may get dropped when creating a Windows named pipe" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/GitHub_M/CVE-2026-23522.json b/vulnfeeds/cmd/combine-to-osv/cve5/GitHub_M/CVE-2026-23522.json new file mode 100644 index 00000000000..1eaebc62647 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/GitHub_M/CVE-2026-23522.json @@ -0,0 +1,70 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "fixed": "2.0.0-next.193" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "eeda4f90af57368584fa97250cbb0d5bf0a5e16e" + } + ], + "repo": "https://github.com/lobehub/lobehub", + "type": "GIT" + } + ] + } + ], + "aliases": [ + "GHSA-j7xp-4mg9-x28r" + ], + "database_specific": { + "cna_assigner": "GitHub_M", + "cwe_ids": [ + "CWE-284", + "CWE-639", + "CWE-862", + "CWE-915" + ], + "osv_generated_from": "unknown" + }, + "details": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.", + "id": "CVE-2026-23522", + "modified": "2026-01-20T21:35:39.441Z", + "published": "2026-01-19T16:53:32.371Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6" + }, + { + "type": "ADVISORY", + "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-23522" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "type": "CVSS_V3" + } + ], + "summary": "Lobe Chat has IDOR in Knowledge Base File Removal that Allows Cross User File Deletion" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/Gitea/CVE-2026-20912.json b/vulnfeeds/cmd/combine-to-osv/cve5/Gitea/CVE-2026-20912.json new file mode 100644 index 00000000000..fb180cecf12 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/Gitea/CVE-2026-20912.json @@ -0,0 +1,80 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "last_affected": "1.25.3" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "9a7cfd8620989d9de6dc4ca0c95d9fd42c1768ed" + } + ], + "repo": "https://github.com/go-gitea/gitea", + "type": "GIT" + } + ] + } + ], + "aliases": [ + "GHSA-vfmv-f93v-37mw" + ], + "database_specific": { + "cna_assigner": "Gitea", + "cwe_ids": [ + "CWE-284", + "CWE-639" + ], + "osv_generated_from": "unknown" + }, + "details": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.", + "id": "CVE-2026-20912", + "modified": "2026-01-23T21:53:41.649Z", + "published": "2026-01-22T22:01:52.026Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://blog.gitea.com/release-of-1.25.4/" + }, + { + "type": "FIX", + "url": "https://github.com/go-gitea/gitea/pull/36320" + }, + { + "type": "FIX", + "url": "https://github.com/go-gitea/gitea/pull/36355" + }, + { + "type": "ADVISORY", + "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4" + }, + { + "type": "ADVISORY", + "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-20912" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "type": "CVSS_V3" + } + ], + "summary": "Gitea: Cross-Repository Authorization Bypass via Release Attachment Linking Leads to Private Attachment Disclosure" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/Google/CVE-2025-4565.json b/vulnfeeds/cmd/combine-to-osv/cve5/Google/CVE-2025-4565.json new file mode 100644 index 00000000000..34263a58ca1 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/Google/CVE-2025-4565.json @@ -0,0 +1,80 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "fixed": "4.25.8" + }, + { + "fixed": "5.29.5" + }, + { + "fixed": "6.31.1" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "a4cbdd3ed0042e8f9b9c30e8b0634096d9532809" + }, + { + "fixed": "f5de0a0495faa63b4186fc767324f8b9a7bf4fc4" + }, + { + "fixed": "74211c0dfc2777318ab53c2cd2c317a2ef9012de" + } + ], + "repo": "https://github.com/protocolbuffers/protobuf", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "cna_assigner": "Google", + "cwe_ids": [ + "CWE-674" + ], + "osv_generated_from": "unknown" + }, + "details": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u003e6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901", + "id": "CVE-2025-4565", + "modified": "2025-06-16T15:39:18.263Z", + "published": "2025-06-16T14:50:40.906Z", + "references": [ + { + "type": "WEB", + "url": "https://github.com/protocolbuffers/protobuf/" + }, + { + "type": "FIX", + "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-4565" + }, + { + "type": "PACKAGE", + "url": "https://pypi.org/project/protobuf/" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N", + "type": "CVSS_V4" + } + ], + "summary": "Unbounded recursion in Python Protobuf" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/VulDB/CVE-2016-15012.json b/vulnfeeds/cmd/combine-to-osv/cve5/VulDB/CVE-2016-15012.json new file mode 100644 index 00000000000..c22ec6d427b --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/VulDB/CVE-2016-15012.json @@ -0,0 +1,72 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "last_affected": "4.x" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "85c43e41805cde051a7a29aefcac2cd6aee8c69d" + } + ], + "repo": "https://github.com/forcedotcom/salesforcemobilesdk-windows", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "cna_assigner": "VulDB", + "cwe_ids": [ + "CWE-89" + ], + "osv_generated_from": "unknown" + }, + "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "id": "CVE-2016-15012", + "modified": "2025-04-08T20:30:50.208Z", + "published": "2023-01-07T12:59:27.772Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8" + }, + { + "type": "FIX", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-15012" + }, + { + "type": "REPORT", + "url": "https://vuldb.com/?ctiid.217619" + }, + { + "type": "ADVISORY", + "url": "https://vuldb.com/?id.217619" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "type": "CVSS_V3" + } + ], + "summary": "forcedotcom SalesforceMobileSDK-Windows QuerySpec.cs ComputeCountSql sql injection" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/curl/CVE-2024-7264.json b/vulnfeeds/cmd/combine-to-osv/cve5/curl/CVE-2024-7264.json new file mode 100644 index 00000000000..cc8c052a6ad --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/curl/CVE-2024-7264.json @@ -0,0 +1,649 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "AFFECTED_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "last_affected": "8.9.0" + }, + { + "last_affected": "8.8.0" + }, + { + "last_affected": "8.7.1" + }, + { + "last_affected": "8.7.0" + }, + { + "last_affected": "8.6.0" + }, + { + "last_affected": "8.5.0" + }, + { + "last_affected": "8.4.0" + }, + { + "last_affected": "8.3.0" + }, + { + "last_affected": "8.2.1" + }, + { + "last_affected": "8.2.0" + }, + { + "last_affected": "8.1.2" + }, + { + "last_affected": "8.1.1" + }, + { + "last_affected": "8.1.0" + }, + { + "last_affected": "8.0.1" + }, + { + "last_affected": "8.0.0" + }, + { + "last_affected": "7.88.1" + }, + { + "last_affected": "7.88.0" + }, + { + "last_affected": "7.87.0" + }, + { + "last_affected": "7.86.0" + }, + { + "last_affected": "7.85.0" + }, + { + "last_affected": "7.84.0" + }, + { + "last_affected": "7.83.1" + }, + { + "last_affected": "7.83.0" + }, + { + "last_affected": "7.82.0" + }, + { + "last_affected": "7.81.0" + }, + { + "last_affected": "7.80.0" + }, + { + "last_affected": "7.79.1" + }, + { + "last_affected": "7.79.0" + }, + { + "last_affected": "7.78.0" + }, + { + "last_affected": "7.77.0" + }, + { + "last_affected": "7.76.1" + }, + { + "last_affected": "7.76.0" + }, + { + "last_affected": "7.75.0" + }, + { + "last_affected": "7.74.0" + }, + { + "last_affected": "7.73.0" + }, + { + "last_affected": "7.72.0" + }, + { + "last_affected": "7.71.1" + }, + { + "last_affected": "7.71.0" + }, + { + "last_affected": "7.70.0" + }, + { + "last_affected": "7.69.1" + }, + { + "last_affected": "7.69.0" + }, + { + "last_affected": "7.68.0" + }, + { + "last_affected": "7.67.0" + }, + { + "last_affected": "7.66.0" + }, + { + "last_affected": "7.65.3" + }, + { + "last_affected": "7.65.2" + }, + { + "last_affected": "7.65.1" + }, + { + "last_affected": "7.65.0" + }, + { + "last_affected": "7.64.1" + }, + { + "last_affected": "7.64.0" + }, + { + "last_affected": "7.63.0" + }, + { + "last_affected": "7.62.0" + }, + { + "last_affected": "7.61.1" + }, + { + "last_affected": "7.61.0" + }, + { + "last_affected": "7.60.0" + }, + { + "last_affected": "7.59.0" + }, + { + "last_affected": "7.58.0" + }, + { + "last_affected": "7.57.0" + }, + { + "last_affected": "7.56.1" + }, + { + "last_affected": "7.56.0" + }, + { + "last_affected": "7.55.1" + }, + { + "last_affected": "7.55.0" + }, + { + "last_affected": "7.54.1" + }, + { + "last_affected": "7.54.0" + }, + { + "last_affected": "7.53.1" + }, + { + "last_affected": "7.53.0" + }, + { + "last_affected": "7.52.1" + }, + { + "last_affected": "7.52.0" + }, + { + "last_affected": "7.51.0" + }, + { + "last_affected": "7.50.3" + }, + { + "last_affected": "7.50.2" + }, + { + "last_affected": "7.50.1" + }, + { + "last_affected": "7.50.0" + }, + { + "last_affected": "7.49.1" + }, + { + "last_affected": "7.49.0" + }, + { + "last_affected": "7.48.0" + }, + { + "last_affected": "7.47.1" + }, + { + "last_affected": "7.47.0" + }, + { + "last_affected": "7.46.0" + }, + { + "last_affected": "7.45.0" + }, + { + "last_affected": "7.44.0" + }, + { + "last_affected": "7.43.0" + }, + { + "last_affected": "7.42.1" + }, + { + "last_affected": "7.42.0" + }, + { + "last_affected": "7.41.0" + }, + { + "last_affected": "7.40.0" + }, + { + "last_affected": "7.39.0" + }, + { + "last_affected": "7.38.0" + }, + { + "last_affected": "7.37.1" + }, + { + "last_affected": "7.37.0" + }, + { + "last_affected": "7.36.0" + }, + { + "last_affected": "7.35.0" + }, + { + "last_affected": "7.34.0" + }, + { + "last_affected": "7.33.0" + }, + { + "last_affected": "7.32.0" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "5040f7e94cd01decbe7ba8fdacbf489182d503dc" + }, + { + "last_affected": "fd567d4f06857f4fc8e2f64ea727b1318f76ad33" + }, + { + "last_affected": "de7b3e89218467159a7af72d58cea8425946e97d" + }, + { + "last_affected": "72cf468d459d29e5366e416c014faaaf281dfa2d" + }, + { + "last_affected": "5ce164e0e9290c96eb7d502173426c0a135ec008" + }, + { + "last_affected": "7161cb17c01dcff1dc5bf89a18437d9d729f1ecd" + }, + { + "last_affected": "172e54cda18412da73fd8eb4e444e8a5b371ca59" + }, + { + "last_affected": "6fa1d817e5b1a00d7d0c8168091877476b499317" + }, + { + "last_affected": "50490c0679fcd0e50bb3a8fbf2d9244845652cf0" + }, + { + "last_affected": "98044e81705dc24a56daaf3544f30c13f0fc3a31" + }, + { + "last_affected": "7ab9d43720bc34d9aa351c7ca683c1668ebf8335" + }, + { + "last_affected": "1561d0675208854b39066877b140780a965702fa" + }, + { + "last_affected": "a9f8fe28481fef7c28d85b4a12a3a35521408eaf" + }, + { + "last_affected": "b16d1fa8ee567b52c09a0f89940b07d8491b881d" + }, + { + "last_affected": "47ccaa4218c408e70671a2fa9caaa3caf8c1a877" + }, + { + "last_affected": "046209e561b7e9b5aab1aef7daebf29ee6e6e8c7" + }, + { + "last_affected": "3027611ca6d4cc5510d2d0fccc3e5a074e09a2fb" + }, + { + "last_affected": "c12fb3ddaf48e709a7a4deaa55ec485e4df163ee" + }, + { + "last_affected": "cd95ee9f771361acf241629d2fe5507e308082a2" + }, + { + "last_affected": "93d092867f0f2c78571983040ef75e078ee1a4c4" + }, + { + "last_affected": "45ac4d019475df03562fe0ac54eb67e1d1de0ca7" + }, + { + "last_affected": "462196e6b4a47f924293a0e26b8e9c23d37ac26f" + }, + { + "last_affected": "1669b17d3a1a1fd824308544ca0ec02a2a4f50ea" + }, + { + "last_affected": "64db5c575d9c5536bd273a890f50777ad1ca7c13" + }, + { + "last_affected": "801bd5138ce31aa0d906fa4e2eabfc599d74e793" + }, + { + "last_affected": "9e560d11aad028de74addc0d1edfefa5667884f4" + }, + { + "last_affected": "c7aef0a945f9b6fb6d3f91716a21dfe2f4ea635f" + }, + { + "last_affected": "8e82f2a04a238c54ba91e553e9a8452e6d405965" + }, + { + "last_affected": "bfbde883af33397943df68a3ae01847a634d33bf" + }, + { + "last_affected": "6b951a6928811507d493303b2878e848c077b471" + }, + { + "last_affected": "566b74a0e19b9aa610f4931e5bfd339bcf8e9147" + }, + { + "last_affected": "3266b35bbe21c68dea0dc7ccd991eb028e6d360c" + }, + { + "last_affected": "2f33be817cbce6ad7a36f27dd7ada9219f13584c" + }, + { + "last_affected": "e052859759b34d0e05ce0f17244873e5cd7b457b" + }, + { + "last_affected": "315ee3fe75dade912b48a21ceec9ccda0230d937" + }, + { + "last_affected": "0c9211798fc80d5c9cc9bcdc8e11eb485c9c1c5b" + }, + { + "last_affected": "5a1fc8d33808d7b22f57bdf9403cda7ff07b0670" + }, + { + "last_affected": "e9db32a09af03f27e86d1251a9e68e9b7486d371" + }, + { + "last_affected": "53cdc2c963e33bc0cc1a51ad2df79396202e07f8" + }, + { + "last_affected": "b81e0b07784dc4c1e8d0a86194b9d28776d071c0" + }, + { + "last_affected": "b8d1366852fd0034374c5de1e4968c7a224f77cc" + }, + { + "last_affected": "2cfac302fbeec68f1727cba3d1705e16f02220ad" + }, + { + "last_affected": "2e9b725f67d49a9d7a1f053fe52dd4920c9ab1ad" + }, + { + "last_affected": "9cd755e1d768bbf228e7c9faf223b7459f7e0105" + }, + { + "last_affected": "aa73eb47bc8583070734696b25b34ad54c2c1f5e" + }, + { + "last_affected": "72c2cac8f0ac3a89c21d00b6c6e36fe6c6a8e62b" + }, + { + "last_affected": "69248b58f649e35b09a126c12781353e3471f5c6" + }, + { + "last_affected": "885ce31401b6789c959131754b1e5ae518964072" + }, + { + "last_affected": "521bbbe29928f9bc1c61306df612e856d45cbe5a" + }, + { + "last_affected": "f3294d9d86e6a7915a967efff2842089b8b0d071" + }, + { + "last_affected": "4258dc02d86e7e4de9f795a1af3a0bc6732d4ab5" + }, + { + "last_affected": "196677150f711a96c38ed123e621f1d4e995b2e5" + }, + { + "last_affected": "432eb5f5c254ee8383b2522ce597c9219877923e" + }, + { + "last_affected": "eb8138405a3f747f2c236464932f72e918946f68" + }, + { + "last_affected": "cb013830383f1ccc9757aba36bc32df5ec281c02" + }, + { + "last_affected": "4d6bd91ab33328c6d27eddc32e064defc02dc4fd" + }, + { + "last_affected": "d6c21c8eec597a925d2b647cff3d58ac69de01a0" + }, + { + "last_affected": "62c07b5743490ce373910f469abc8cdc759bec2b" + }, + { + "last_affected": "c514af5a4f5ac3ce724065cc6a8e009373436f78" + }, + { + "last_affected": "3ea76790571c1f7cf1bed34fabffd3cc20ad3dd3" + }, + { + "last_affected": "8839c05fba1f8415eec17eff8ac60cc3a50eb51e" + }, + { + "last_affected": "2679562dc7685674998f2841811d361400ae0d19" + }, + { + "last_affected": "54b636f14546d3fde9f9c67c3b32701d78563161" + }, + { + "last_affected": "d957e2189fdc73cef0ff3d1fb58043d354754449" + }, + { + "last_affected": "25df50aa3392ecdbf2b8256b93b30558e8b3a810" + }, + { + "last_affected": "a7135ac3c3d825ec9f4919ee0212434e01e76b4c" + }, + { + "last_affected": "44b9b4d4f56d6f6de92c89636994c03984e9cd01" + }, + { + "last_affected": "95c717bbd9c327c38b4efcc37d5cda29b8ee2a36" + }, + { + "last_affected": "3c561c657c2f0e553b19115a506592a8bbd744bc" + }, + { + "last_affected": "8986c86e1ef297e95518ae4695339f2d64d913cf" + }, + { + "last_affected": "9ce6d0d52821c6e33506cb173f0e27c68014e60e" + }, + { + "last_affected": "f2cb3a01192d36395d16acec6cdb93446ca6fd45" + }, + { + "last_affected": "79e63a53bb9598af863b0afe49ad662795faeef4" + }, + { + "last_affected": "cf93a7b364a70b56150cf6ea77492b799ec02a45" + }, + { + "last_affected": "67fe54d918a3b42a24cb7f5db81514c10e239735" + }, + { + "last_affected": "9819cec61b00cc872136ea5faf469627b3b87e69" + }, + { + "last_affected": "8f995e2e0022292374fc99a2277069b08ad98b5c" + }, + { + "last_affected": "06bf874bbca0a5c600b210b5db920eff9f95f0d0" + }, + { + "last_affected": "e2ae32ff5f3ab6f0819590f61f248f17df12987f" + }, + { + "last_affected": "2c000d91f3c423cee0af44e8afc79b9d25a9e714" + }, + { + "last_affected": "1a7f66a3de2625d10f65415e6eb3e56067dc0555" + }, + { + "last_affected": "38e07886ed2792988217a2ffa482ce3a69ca92c2" + }, + { + "last_affected": "4feb6e6d035d5d66984957c8ca22bc9a05df527f" + }, + { + "last_affected": "22691f849ac959ffaa821a3ca7f746ee54bd5e52" + }, + { + "last_affected": "ff837422ee4ec7d6aea7750a40e30cba29db93e8" + }, + { + "last_affected": "9ce2d7001939b795b45a8ce7700d1a3dcde0475d" + }, + { + "last_affected": "303bfc1024d948a5ba134ccfc106f82c0b4fd675" + }, + { + "last_affected": "202aa9f7758636730299b86715d924f54468a908" + }, + { + "last_affected": "df5169fa35f31ebe10893f2a3416ec8e8d8faa20" + }, + { + "last_affected": "3fed9acaef45ac8b99ceecc38afbed3494e2d3ef" + }, + { + "last_affected": "4f041c9d6e61829310eb0715d8edb2a232478123" + }, + { + "last_affected": "2bf90d071016e279796e789f0ac223d635671a41" + }, + { + "last_affected": "0966b324d911423c81351fb12e9219f71cd63be8" + }, + { + "last_affected": "f77e89c5d20db09eaebf378ec036a7e796932810" + }, + { + "last_affected": "70812c2f32fc5734bcbbe572b9f61c380433ad6a" + } + ], + "repo": "https://github.com/curl/curl", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "cna_assigner": "curl", + "osv_generated_from": "unknown" + }, + "details": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "id": "CVE-2024-7264", + "modified": "2025-11-03T22:32:51.400Z", + "published": "2024-07-31T08:08:14.585Z", + "references": [ + { + "type": "WEB", + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" + }, + { + "type": "WEB", + "url": "https://curl.se/docs/CVE-2024-7264.html" + }, + { + "type": "WEB", + "url": "https://curl.se/docs/CVE-2024-7264.json" + }, + { + "type": "FIX", + "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519" + }, + { + "type": "WEB", + "url": "https://hackerone.com/reports/2629968" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-7264" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20240828-0008/" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20241025-0006/" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20241025-0010/" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "type": "CVSS_V3" + } + ], + "summary": "ASN.1 date parser overread" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/mitre/CVE-2016-1897.json b/vulnfeeds/cmd/combine-to-osv/cve5/mitre/CVE-2016-1897.json new file mode 100644 index 00000000000..d632e0b4db9 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/mitre/CVE-2016-1897.json @@ -0,0 +1,68 @@ +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "mitre", + "osv_generated_from": "unknown" + }, + "details": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.", + "id": "CVE-2016-1897", + "modified": "2024-08-05T23:10:39.912Z", + "published": "2016-01-15T02:00:00Z", + "references": [ + { + "type": "ARTICLE", + "url": "http://habrahabr.ru/company/mailru/blog/274855" + }, + { + "type": "ADVISORY", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" + }, + { + "type": "WEB", + "url": "http://security.stackexchange.com/questions/110644" + }, + { + "type": "ADVISORY", + "url": "http://www.debian.org/security/2016/dsa-3506" + }, + { + "type": "ARTICLE", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1" + }, + { + "type": "ADVISORY", + "url": "http://www.securityfocus.com/bid/80501" + }, + { + "type": "ADVISORY", + "url": "http://www.securitytracker.com/id/1034932" + }, + { + "type": "ADVISORY", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.529036" + }, + { + "type": "ADVISORY", + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-1897" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201606-09" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201705-08" + }, + { + "type": "ADVISORY", + "url": "https://www.kb.cert.org/vuls/id/772447" + } + ], + "schema_version": "1.7.3" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/mitre/CVE-2022-33068.json b/vulnfeeds/cmd/combine-to-osv/cve5/mitre/CVE-2022-33068.json new file mode 100644 index 00000000000..1e42921464a --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/mitre/CVE-2022-33068.json @@ -0,0 +1,44 @@ +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "mitre", + "osv_generated_from": "unknown" + }, + "details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", + "id": "CVE-2022-33068", + "modified": "2024-08-03T08:01:19.054Z", + "published": "2022-06-22T13:24:42Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + }, + { + "type": "REPORT", + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-33068" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/202209-11" + } + ], + "schema_version": "1.7.3" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2018-14618.json b/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2018-14618.json new file mode 100644 index 00000000000..41ea7a13fb8 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2018-14618.json @@ -0,0 +1,96 @@ +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "redhat", + "cwe_ids": [ + "CWE-122", + "CWE-131" + ], + "osv_generated_from": "unknown", + "unresolved_ranges": [ + { + "metadata": { + "source": "AFFECTED_FIELD" + }, + "versions": [ + { + "last_affected": "7.61.1" + } + ] + }, + { + "metadata": { + "source": "DESCRIPTION" + }, + "versions": [ + { + "fixed": "7.61.1" + } + ] + } + ] + }, + "details": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", + "id": "CVE-2018-14618", + "modified": "2024-08-05T09:29:51.906Z", + "published": "2018-09-05T19:00:00Z", + "references": [ + { + "type": "ADVISORY", + "url": "http://www.securitytracker.com/id/1041605" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2018:3558" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2019:1880" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" + }, + { + "type": "WEB", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" + }, + { + "type": "WEB", + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14618" + }, + { + "type": "WEB", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-1/" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-2/" + }, + { + "type": "ADVISORY", + "url": "https://www.debian.org/security/2018/dsa-4286" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2023-1055.json b/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2023-1055.json new file mode 100644 index 00000000000..01c0d0ace99 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2023-1055.json @@ -0,0 +1,43 @@ +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "redhat", + "cwe_ids": [ + "CWE-200" + ], + "osv_generated_from": "unknown", + "unresolved_ranges": [ + { + "metadata": { + "source": "AFFECTED_FIELD" + }, + "versions": [ + { + "last_affected": "11 and 12" + } + ] + } + ] + }, + "details": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.", + "id": "CVE-2023-1055", + "modified": "2025-03-11T14:02:59.854Z", + "published": "2023-02-27T00:00:00Z", + "references": [ + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0" + }, + { + "type": "ADVISORY", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1055" + } + ], + "schema_version": "1.7.3" +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2024-2002.json b/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2024-2002.json new file mode 100644 index 00000000000..0f9b9bfdc8a --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/cve5/redhat/CVE-2024-2002.json @@ -0,0 +1,66 @@ +{ + "affected": [ + {} + ], + "database_specific": { + "cna_assigner": "redhat", + "cwe_ids": [ + "CWE-415" + ], + "osv_generated_from": "unknown", + "unresolved_ranges": [ + { + "metadata": { + "source": "AFFECTED_FIELD" + }, + "versions": [ + { + "last_affected": "0.1.0" + } + ] + } + ] + }, + "details": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.", + "id": "CVE-2024-2002", + "modified": "2025-11-20T18:21:28.745Z", + "published": "2024-03-18T12:26:31.386Z", + "references": [ + { + "type": "WEB", + "url": "https://access.redhat.com/downloads/content/package-browser/" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/security/cve/CVE-2024-2002" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700" + }, + { + "type": "WEB", + "url": "https://github.com/davea42/libdwarf-code/" + }, + { + "type": "WEB", + "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/" + }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-2002" + } + ], + "schema_version": "1.7.3", + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ], + "summary": "Libdwarf: crashes randomly on fuzzed object" +} \ No newline at end of file From 2252b2e5e451cfbdb4f0d7e13b38f6df26bf1a06 Mon Sep 17 00:00:00 2001 From: Jess Lowe Date: Mon, 30 Mar 2026 03:37:45 +0000 Subject: [PATCH 26/26] add nvd records --- .../nvd/ENOCPE/CVE-2026-23522.json | 47 ++ .../nvd/ffmpeg/ffmpeg/CVE-2016-1897.json | 679 ++++++++++++++++++ .../nvd/gitea/gitea/CVE-2026-20912.json | 71 ++ .../google/protobuf-python/CVE-2025-4565.json | 79 ++ .../harfbuzz/CVE-2022-33068.json | 95 +++ .../nvd/haxx/libcurl/CVE-2018-14618.json | 149 ++++ .../nvd/haxx/libcurl/CVE-2024-7264.json | 83 +++ .../libdwarf/CVE-2024-2002.json | 85 +++ .../directory_server/CVE-2023-1055.json | 63 ++ .../CVE-2016-15012.json | 67 ++ .../nvd/tokio/tokio/CVE-2023-22466.json | 91 +++ 11 files changed, 1509 insertions(+) create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/ENOCPE/CVE-2026-23522.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/ffmpeg/ffmpeg/CVE-2016-1897.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/gitea/gitea/CVE-2026-20912.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/google/protobuf-python/CVE-2025-4565.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/harfbuzz_project/harfbuzz/CVE-2022-33068.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/haxx/libcurl/CVE-2018-14618.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/haxx/libcurl/CVE-2024-7264.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/libdwarf_project/libdwarf/CVE-2024-2002.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/redhat/directory_server/CVE-2023-1055.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/salesforce/mobile_software_development_kit/CVE-2016-15012.json create mode 100644 vulnfeeds/cmd/combine-to-osv/nvd/tokio/tokio/CVE-2023-22466.json diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/ENOCPE/CVE-2026-23522.json b/vulnfeeds/cmd/combine-to-osv/nvd/ENOCPE/CVE-2026-23522.json new file mode 100644 index 00000000000..e2a309c290a --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/ENOCPE/CVE-2026-23522.json @@ -0,0 +1,47 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "source": "REFERENCES" + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "2c1762b85acb84467ed5e799afe1499cd2f912e6" + } + ], + "repo": "https://github.com/lobehub/lobehub", + "type": "GIT" + } + ] + } + ], + "aliases": [ + "GHSA-j7xp-4mg9-x28r" + ], + "database_specific": {}, + "details": "LobeChat is an open source chat application platform. Prior to version 2.0.0-next.193, `knowledgeBase.removeFilesFromKnowledgeBase` tRPC ep allows authenticated users to delete files from any knowledge base without verifying ownership. `userId` filter in the database query is commented out, so it's enabling attackers to delete other users' KB files if they know the knowledge base ID and file ID. While the vulnerability is confirmed, practical exploitation requires knowing target's KB ID and target's file ID. These IDs are random and not easily enumerable. However, IDs may leak through shared links, logs, referrer headers and so on. Missing authorization check is a critical security flaw regardless. Users should upgrade to version 2.0.0-next.193 to receive a patch.", + "id": "CVE-2026-23522", + "modified": "2026-01-26T15:05:39.840Z", + "published": "2026-01-19T17:15:50.590Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/lobehub/lobe-chat/security/advisories/GHSA-j7xp-4mg9-x28r" + }, + { + "type": "FIX", + "url": "https://github.com/lobehub/lobe-chat/commit/2c1762b85acb84467ed5e799afe1499cd2f912e6" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/ffmpeg/ffmpeg/CVE-2016-1897.json b/vulnfeeds/cmd/combine-to-osv/nvd/ffmpeg/ffmpeg/CVE-2016-1897.json new file mode 100644 index 00000000000..94925751695 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/ffmpeg/ffmpeg/CVE-2016-1897.json @@ -0,0 +1,679 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": [ + "cpe:2.3:a:ffmpeg:ffmpeg:2.0:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.0.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.1.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.9:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.10:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.11:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.12:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.13:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.14:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.15:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.2.16:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.3.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.9:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.10:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.11:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.4.12:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.5.9:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.5:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.6.6:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.7.4:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8:dev:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8.1:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8.2:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8.3:*:*:*:*:*:*:*", + "cpe:2.3:a:ffmpeg:ffmpeg:2.8.4:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "last_affected": "2.0" + }, + { + "last_affected": "2.0.1" + }, + { + "last_affected": "2.0.2" + }, + { + "last_affected": "2.0.3" + }, + { + "last_affected": "2.0.4" + }, + { + "last_affected": "2.0.5" + }, + { + "last_affected": "2.0.6" + }, + { + "last_affected": "2.0.7" + }, + { + "last_affected": "2.1" + }, + { + "last_affected": "2.1.1" + }, + { + "last_affected": "2.1.2" + }, + { + "last_affected": "2.1.3" + }, + { + "last_affected": "2.1.4" + }, + { + "last_affected": "2.1.5" + }, + { + "last_affected": "2.1.6" + }, + { + "last_affected": "2.1.7" + }, + { + "last_affected": "2.1.8" + }, + { + "last_affected": "2.2" + }, + { + "last_affected": "2.2.1" + }, + { + "last_affected": "2.2.2" + }, + { + "last_affected": "2.2.3" + }, + { + "last_affected": "2.2.4" + }, + { + "last_affected": "2.2.5" + }, + { + "last_affected": "2.2.6" + }, + { + "last_affected": "2.2.7" + }, + { + "last_affected": "2.2.8" + }, + { + "last_affected": "2.2.9" + }, + { + "last_affected": "2.2.10" + }, + { + "last_affected": "2.2.11" + }, + { + "last_affected": "2.2.12" + }, + { + "last_affected": "2.2.13" + }, + { + "last_affected": "2.2.14" + }, + { + "last_affected": "2.2.15" + }, + { + "last_affected": "2.2.16" + }, + { + "last_affected": "2.3" + }, + { + "last_affected": "2.3.1" + }, + { + "last_affected": "2.3.2" + }, + { + "last_affected": "2.3.3" + }, + { + "last_affected": "2.3.4" + }, + { + "last_affected": "2.3.5" + }, + { + "last_affected": "2.3.6" + }, + { + "last_affected": "2.4" + }, + { + "last_affected": "2.4.1" + }, + { + "last_affected": "2.4.2" + }, + { + "last_affected": "2.4.3" + }, + { + "last_affected": "2.4.4" + }, + { + "last_affected": "2.4.5" + }, + { + "last_affected": "2.4.6" + }, + { + "last_affected": "2.4.7" + }, + { + "last_affected": "2.4.8" + }, + { + "last_affected": "2.4.9" + }, + { + "last_affected": "2.4.10" + }, + { + "last_affected": "2.4.11" + }, + { + "last_affected": "2.4.12" + }, + { + "last_affected": "2.5" + }, + { + "last_affected": "2.5.1" + }, + { + "last_affected": "2.5.2" + }, + { + "last_affected": "2.5.3" + }, + { + "last_affected": "2.5.4" + }, + { + "last_affected": "2.5.5" + }, + { + "last_affected": "2.5.6" + }, + { + "last_affected": "2.5.7" + }, + { + "last_affected": "2.5.8" + }, + { + "last_affected": "2.5.9" + }, + { + "last_affected": "2.6" + }, + { + "last_affected": "2.6.1" + }, + { + "last_affected": "2.6.2" + }, + { + "last_affected": "2.6.3" + }, + { + "last_affected": "2.6.4" + }, + { + "last_affected": "2.6.5" + }, + { + "last_affected": "2.6.6" + }, + { + "last_affected": "2.7" + }, + { + "last_affected": "2.7.1" + }, + { + "last_affected": "2.7.2" + }, + { + "last_affected": "2.7.3" + }, + { + "last_affected": "2.7.4" + }, + { + "last_affected": "2.8" + }, + { + "last_affected": "2.8-dev" + }, + { + "last_affected": "2.8.1" + }, + { + "last_affected": "2.8.2" + }, + { + "last_affected": "2.8.3" + }, + { + "last_affected": "2.8.4" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "2b8b2ba19fe0ca6594cb09439b9ead2c328a79d8" + }, + { + "last_affected": "acf511de34e0b79fff0183e06ed37f1aa8dc3d94" + }, + { + "last_affected": "9d0bb7fc3991b030603acfe899e6f001e530c89a" + }, + { + "last_affected": "b4552cc9b8c37410f754af5d34d24e7b8a9b4b0e" + }, + { + "last_affected": "7de7bd4f563a1431bdac59dae5d8e930e71405e6" + }, + { + "last_affected": "205e2264c3d5b1a16a4493b9281b9167d09c3505" + }, + { + "last_affected": "3d91569c5e39f4062393fdb40b038e31df38473a" + }, + { + "last_affected": "0caff57c42cac0f80152187473b1ee753aca8257" + }, + { + "last_affected": "a37e42b3ee4226a4d2c69cd4eebf9c81e6df8ea5" + }, + { + "last_affected": "9422cd85a081f6e084731e87eda3e8e4df9f6827" + }, + { + "last_affected": "29353dd3f8159089ecf2fa0886f94f4cf32e75f2" + }, + { + "last_affected": "eda6effcabcf9c238e4635eb058d72371336e09b" + }, + { + "last_affected": "d3139c9733f1994fb86825e0d1fd2a5abf3be7b5" + }, + { + "last_affected": "e7873dfccad595e9d8fc65217ebffcf3686e1d34" + }, + { + "last_affected": "27172a5ca360e61a07ff16bf22f2ec91208f4e00" + }, + { + "last_affected": "41802887eb647bee21238e0a575a7c4bbf954b86" + }, + { + "last_affected": "68f89b8264d46d5812e710ca0f903d4d323ec899" + }, + { + "last_affected": "6baf9c4406bcdf1015c9ec8bd6b8c4aef77624ac" + }, + { + "last_affected": "e72c0a04664a9aab449b63135fe16ade51a99bb6" + }, + { + "last_affected": "c2eb668617555cb8b8bcfb9796241ada9471ac65" + }, + { + "last_affected": "f406bf3fa933be089bd76a95f75ea57b0942f8c5" + }, + { + "last_affected": "e0a03d1f9cb18139ede8c3d0263a21828494c951" + }, + { + "last_affected": "0edc79962641dd853cda187ee13b617701346061" + }, + { + "last_affected": "1b99667005156cadc8d3ae0099ef5d244e598ac5" + }, + { + "last_affected": "49fa398858df1a1e425740672de5fb4819b4d947" + }, + { + "last_affected": "5df02760dd2f050b996f931fa7cdf8871bfa5d96" + }, + { + "last_affected": "b05d3550407418aea53f2672463a8ebc8f75654e" + }, + { + "last_affected": "969aee07e68c5930782bc46f2ac2391db55b8d1b" + }, + { + "last_affected": "9f09bfe681259cfed7414f207c88f84c09d5b501" + }, + { + "last_affected": "86a01362c0e46d155fbfc1ef19f5ba17af3ee69d" + }, + { + "last_affected": "36cfee3adc70c6a78a07df4bb16349c4b0893ef4" + }, + { + "last_affected": "bf0d2ee92c33d802907e829f99c26a46578ed679" + }, + { + "last_affected": "1c14b09caf903f2e776dcd661085db49511bf531" + }, + { + "last_affected": "051cd7dc5f42542753f809109d00ec3cf19eb337" + }, + { + "last_affected": "3ec3f70ddb1b97fd6174ab3ca8617d8a1a6516ab" + }, + { + "last_affected": "7c2d152f562ab089ecf8262438e2f8e9cb9c546f" + }, + { + "last_affected": "b88de7b31a4a5c35d10b1392d2d86d93fc942b4c" + }, + { + "last_affected": "bc259185cb69c6532232be4b2ad57a70ef7ed946" + }, + { + "last_affected": "d005e2ecce5c8104679b39f2050a9d83e417d275" + }, + { + "last_affected": "b44506c393b176dc396502ad262ac18bec52a110" + }, + { + "last_affected": "db27f50e0658e91758e8a17fdcf390e6bc93c1d2" + }, + { + "last_affected": "13a72d9b08c914c3d3c99be1053e9d5cda8baa88" + }, + { + "last_affected": "e1ce4f805f31aecec83fc7c7ecaab623f3b6327f" + }, + { + "last_affected": "d61454e7c1de48f6a9059ca98f55e6beb52a618c" + }, + { + "last_affected": "043f32606046b1470218511ded151edfa7a126ee" + }, + { + "last_affected": "dd2394754d8cee3717b3e198c83cc382674cf126" + }, + { + "last_affected": "4afe2684d8f50b28ce6743c7ee999f3157c9857f" + }, + { + "last_affected": "1fd7fb9036fcfb1620068014d8a52112067d2d59" + }, + { + "last_affected": "3c63503792147a996997023694a3b45f27ab3f78" + }, + { + "last_affected": "2c8c55195da97ee45fb0daf6d68c22b942e14ade" + }, + { + "last_affected": "de7b74d2544d2cb5ff85db20a9853116ea72ed47" + }, + { + "last_affected": "1047c286fa20c79dde8ddd7577a3b87cc1effdb7" + }, + { + "last_affected": "0045969e411bcf946b2393e7bcb42032cb71a9a1" + }, + { + "last_affected": "5e4ec87720a64cd969120af60e82cbd55454ab8e" + }, + { + "last_affected": "da2186be81b5cb2d24da5671e25affbb8f09920d" + }, + { + "last_affected": "2c01dd2ea5e39238261945185d2b30e11979cf4b" + }, + { + "last_affected": "959ab06c68f8c74a0f31bcaf2692cbbdaf5702f6" + }, + { + "last_affected": "07d508e4f55f6045b83df3346448b149faab5d7d" + }, + { + "last_affected": "3429714f3d046f4e2235848a60b6f63bd084e01f" + }, + { + "last_affected": "d0599a3516c5da31c7009af7574abbff360b9ce6" + }, + { + "last_affected": "faac8e43315dae5818816bcebe52d11777b064b2" + }, + { + "last_affected": "21d0ae829f72ec327aff31b0cb1af1261b56596c" + }, + { + "last_affected": "1eb646ec9f87ed488f52561867e107eaee89e20c" + }, + { + "last_affected": "d52b5f85f2837b0de9bdefe2a650d8d1b0e02ec1" + }, + { + "last_affected": "f478bdabf2afcd5f709789347f8a3becc4ff17bc" + }, + { + "last_affected": "b2c9cd36d34c4157af10342ad3476dd9260bbefe" + }, + { + "last_affected": "04fd0250e1fd3fddcd7bc96c8ac95455f910637e" + }, + { + "last_affected": "af5917698bd44f136fd0ff00a9e5f8b5f92f2d58" + }, + { + "last_affected": "b17cec526214dff9d6ac1d97b70167d15a4e14d7" + }, + { + "last_affected": "48d388b03336d01e0db9b729f9f82cbadf3af7bd" + }, + { + "last_affected": "d6ce1cb14077891f3f6ac86cfd243835c92eb374" + }, + { + "last_affected": "0bcb6ac150690d1b799982efabc11cab3420f3e3" + }, + { + "last_affected": "620197d1ffea20e9168372c354438f1c1e926ecd" + }, + { + "last_affected": "15466db69e60f486c44e4c3e680d27c951f125d7" + }, + { + "last_affected": "93f3752b970cc7c9e1a360037fff1ddb9dcbb86e" + }, + { + "last_affected": "26241af6f8b291eed42c597ffa2b32802331f813" + }, + { + "last_affected": "58142a27ea96bf9246586a91a82db85e37646933" + }, + { + "last_affected": "40934e0e9b632fa6c6ec22ac03b530625a027c79" + }, + { + "last_affected": "c9b3451da3cf632424c07c35759c9ffbd537fa9e" + }, + { + "last_affected": "644296e736ee219cd02f7b7d7b7b4c7c5a464217" + }, + { + "last_affected": "644179e0d4155ae8f5ddd5c3f6bd003e2e13cf94" + } + ], + "repo": "https://github.com/ffmpeg/ffmpeg", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", + "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "12.04" + }, + { + "last_affected": "42.1" + } + ] + } + ] + }, + "details": "FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and read arbitrary files by using the concat protocol in an HTTP Live Streaming (HLS) M3U8 file, leading to an external HTTP request in which the URL string contains the first line of a local file.", + "id": "CVE-2016-1897", + "modified": "2025-04-12T10:46:40.837Z", + "published": "2016-01-15T03:59:23.063Z", + "references": [ + { + "type": "WEB", + "url": "http://www.slackware.com/security/viewer.php?l=slackware-security\u0026y=2016\u0026m=slackware-security.529036" + }, + { + "type": "WEB", + "url": "https://www.kb.cert.org/vuls/id/772447" + }, + { + "type": "WEB", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html" + }, + { + "type": "WEB", + "url": "http://www.openwall.com/lists/oss-security/2016/01/14/1" + }, + { + "type": "WEB", + "url": "http://www.securityfocus.com/bid/80501" + }, + { + "type": "WEB", + "url": "http://www.securitytracker.com/id/1034932" + }, + { + "type": "ADVISORY", + "url": "http://www.ubuntu.com/usn/USN-2944-1" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201606-09" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201705-08" + }, + { + "type": "ADVISORY", + "url": "http://www.debian.org/security/2016/dsa-3506" + }, + { + "type": "EVIDENCE", + "url": "http://security.stackexchange.com/questions/110644" + }, + { + "type": "EVIDENCE", + "url": "http://habrahabr.ru/company/mailru/blog/274855" + } + ], + "severity": [ + { + "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/gitea/gitea/CVE-2026-20912.json b/vulnfeeds/cmd/combine-to-osv/nvd/gitea/gitea/CVE-2026-20912.json new file mode 100644 index 00000000000..5a2f1947180 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/gitea/gitea/CVE-2026-20912.json @@ -0,0 +1,71 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": "cpe:2.3:a:gitea:gitea:*:*:*:*:*:-:*:*", + "source": [ + "CPE_FIELD", + "REFERENCES" + ], + "versions": [ + { + "introduced": "0" + }, + { + "fixed": "1.25.4" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "369830bada2fd8826a5135cb2fc66660a9bef708" + } + ], + "repo": "https://github.com/go-gitea/gitea", + "type": "GIT" + } + ] + } + ], + "aliases": [ + "GHSA-vfmv-f93v-37mw" + ], + "database_specific": {}, + "details": "Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.", + "id": "CVE-2026-20912", + "modified": "2026-01-29T22:03:58.330Z", + "published": "2026-01-22T22:16:19.297Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://blog.gitea.com/release-of-1.25.4/" + }, + { + "type": "ADVISORY", + "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4" + }, + { + "type": "ADVISORY", + "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-vfmv-f93v-37mw" + }, + { + "type": "FIX", + "url": "https://github.com/go-gitea/gitea/pull/36320" + }, + { + "type": "FIX", + "url": "https://github.com/go-gitea/gitea/pull/36355" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/google/protobuf-python/CVE-2025-4565.json b/vulnfeeds/cmd/combine-to-osv/nvd/google/protobuf-python/CVE-2025-4565.json new file mode 100644 index 00000000000..ba15fba27dc --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/google/protobuf-python/CVE-2025-4565.json @@ -0,0 +1,79 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": "cpe:2.3:a:google:protobuf-python:*:*:*:*:*:*:*:*", + "source": [ + "CPE_FIELD", + "REFERENCES" + ], + "versions": [ + { + "introduced": "0" + }, + { + "fixed": "4.25.8" + }, + { + "introduced": "5.26.0" + }, + { + "fixed": "5.29.5" + }, + { + "introduced": "6.30.0" + }, + { + "fixed": "6.31.1" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "a4cbdd3ed0042e8f9b9c30e8b0634096d9532809" + }, + { + "introduced": "d6511091a0cab1ad13f676a02676ad2a0e5eb9ae" + }, + { + "fixed": "f5de0a0495faa63b4186fc767324f8b9a7bf4fc4" + }, + { + "introduced": "d295af5c3002c08e1bfd9d7f9e175d0a4d015f1e" + }, + { + "fixed": "74211c0dfc2777318ab53c2cd2c317a2ef9012de" + }, + { + "fixed": "17838beda2943d08b8a9d4df5b68f5f04f26d901" + } + ], + "repo": "https://github.com/protocolbuffers/protobuf", + "type": "GIT" + } + ] + } + ], + "database_specific": {}, + "details": "Any project that uses Protobuf Pure-Python backend to parse untrusted Protocol Buffers data containing an arbitrary number of recursive groups, recursive messages or a series of SGROUP tags can be corrupted by exceeding the Python recursion limit. This can result in a Denial of service by crashing the application with a RecursionError. We recommend upgrading to version =\u003e6.31.1 or beyond commit 17838beda2943d08b8a9d4df5b68f5f04f26d901", + "id": "CVE-2025-4565", + "modified": "2025-08-14T17:05:37.770Z", + "published": "2025-06-16T15:15:24.990Z", + "references": [ + { + "type": "FIX", + "url": "https://github.com/protocolbuffers/protobuf/commit/17838beda2943d08b8a9d4df5b68f5f04f26d901" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/harfbuzz_project/harfbuzz/CVE-2022-33068.json b/vulnfeeds/cmd/combine-to-osv/nvd/harfbuzz_project/harfbuzz/CVE-2022-33068.json new file mode 100644 index 00000000000..3c14380f227 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/harfbuzz_project/harfbuzz/CVE-2022-33068.json @@ -0,0 +1,95 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": "cpe:2.3:a:harfbuzz_project:harfbuzz:4.3.0:*:*:*:*:*:*:*", + "source": [ + "CPE_FIELD", + "REFERENCES" + ], + "versions": [ + { + "introduced": "0" + }, + { + "last_affected": "4.3.0" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "last_affected": "aee123fc83388b8f5acfb301d87bd92eccc5b843" + }, + { + "fixed": "62e803b36173fd096d7ad460dd1d1db9be542593" + } + ], + "repo": "https://github.com/harfbuzz/harfbuzz", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "35" + }, + { + "last_affected": "36" + } + ] + } + ] + }, + "details": "An integer overflow in the component hb-ot-shape-fallback.cc of Harfbuzz v4.3.0 allows attackers to cause a Denial of Service (DoS) via unspecified vectors.", + "id": "CVE-2022-33068", + "modified": "2024-11-21T07:07:30.140Z", + "published": "2022-06-23T17:15:14.350Z", + "references": [ + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FQBJ24W6TXLSAQWCFW7IBGUMX4AJI3S4/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/QQMEXOVDL3T2UXKBCON7JSOCE646G7HG/" + }, + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W56WTC5IY4EIUHVUIHMCXA3BSBZLSZCI/" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/202209-11" + }, + { + "type": "FIX", + "url": "https://github.com/harfbuzz/harfbuzz/commit/62e803b36173fd096d7ad460dd1d1db9be542593" + }, + { + "type": "FIX", + "url": "https://github.com/harfbuzz/harfbuzz/issues/3557" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/haxx/libcurl/CVE-2018-14618.json b/vulnfeeds/cmd/combine-to-osv/nvd/haxx/libcurl/CVE-2018-14618.json new file mode 100644 index 00000000000..717ce519ca8 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/haxx/libcurl/CVE-2018-14618.json @@ -0,0 +1,149 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": [ + "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.5:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD", + "versions": [ + { + "introduced": "0" + }, + { + "fixed": "7.61.1" + }, + { + "last_affected": "7.5" + }, + { + "last_affected": "7.6" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "432eb5f5c254ee8383b2522ce597c9219877923e" + }, + { + "last_affected": "52707f959058c148c8a5ef4e81d0599780a1c014" + }, + { + "last_affected": "ac98c73b04aec60683ec2094f3c311485f08d6ab" + } + ], + "repo": "https://github.com/curl/curl", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*", + "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", + "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", + "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", + "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.4:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "12.04" + }, + { + "last_affected": "14.04" + }, + { + "last_affected": "16.04" + }, + { + "last_affected": "18.04" + }, + { + "last_affected": "9.0" + }, + { + "last_affected": "6.0" + }, + { + "last_affected": "7.0" + }, + { + "last_affected": "7.4" + } + ] + } + ] + }, + "details": "curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)", + "id": "CVE-2018-14618", + "modified": "2024-11-21T03:49:26.003Z", + "published": "2018-09-05T19:29:00.420Z", + "references": [ + { + "type": "WEB", + "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-436177.pdf" + }, + { + "type": "ADVISORY", + "url": "http://www.securitytracker.com/id/1041605" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2018:3558" + }, + { + "type": "ADVISORY", + "url": "https://access.redhat.com/errata/RHSA-2019:1880" + }, + { + "type": "ADVISORY", + "url": "https://curl.haxx.se/docs/CVE-2018-14618.html" + }, + { + "type": "ADVISORY", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2018-0014" + }, + { + "type": "ADVISORY", + "url": "https://security.gentoo.org/glsa/201903-03" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-1/" + }, + { + "type": "ADVISORY", + "url": "https://usn.ubuntu.com/3765-2/" + }, + { + "type": "ADVISORY", + "url": "https://www.debian.org/security/2018/dsa-4286" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14618" + } + ], + "severity": [ + { + "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/haxx/libcurl/CVE-2024-7264.json b/vulnfeeds/cmd/combine-to-osv/nvd/haxx/libcurl/CVE-2024-7264.json new file mode 100644 index 00000000000..ce099fabbf9 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/haxx/libcurl/CVE-2024-7264.json @@ -0,0 +1,83 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": "cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*", + "source": [ + "CPE_FIELD", + "REFERENCES" + ], + "versions": [ + { + "introduced": "7.32.0" + }, + { + "fixed": "8.9.1" + } + ] + }, + "events": [ + { + "introduced": "70812c2f32fc5734bcbbe572b9f61c380433ad6a" + }, + { + "fixed": "83bedbd730d62b83744cc26fa0433d3f6e2e4cd6" + }, + { + "fixed": "27959ecce75cdb2809c0bdb3286e60e08fadb519" + } + ], + "repo": "https://github.com/curl/curl", + "type": "GIT" + } + ] + } + ], + "database_specific": {}, + "details": "libcurl's ASN1 parser code has the `GTime2str()` function, used for parsing an\nASN.1 Generalized Time field. If given an syntactically incorrect field, the\nparser might end up using -1 for the length of the *time fraction*, leading to\na `strlen()` getting performed on a pointer to a heap buffer area that is not\n(purposely) null terminated.\n\nThis flaw most likely leads to a crash, but can also lead to heap contents\ngetting returned to the application when\n[CURLINFO_CERTINFO](https://curl.se/libcurl/c/CURLINFO_CERTINFO.html) is used.", + "id": "CVE-2024-7264", + "modified": "2025-11-03T23:17:31.647Z", + "published": "2024-07-31T08:15:02.657Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://curl.se/docs/CVE-2024-7264.html" + }, + { + "type": "ADVISORY", + "url": "https://curl.se/docs/CVE-2024-7264.json" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20240828-0008/" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20241025-0006/" + }, + { + "type": "ADVISORY", + "url": "https://security.netapp.com/advisory/ntap-20241025-0010/" + }, + { + "type": "REPORT", + "url": "https://hackerone.com/reports/2629968" + }, + { + "type": "FIX", + "url": "https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519" + }, + { + "type": "ARTICLE", + "url": "http://www.openwall.com/lists/oss-security/2024/07/31/1" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/libdwarf_project/libdwarf/CVE-2024-2002.json b/vulnfeeds/cmd/combine-to-osv/nvd/libdwarf_project/libdwarf/CVE-2024-2002.json new file mode 100644 index 00000000000..a719bfab2a3 --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/libdwarf_project/libdwarf/CVE-2024-2002.json @@ -0,0 +1,85 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": "cpe:2.3:a:libdwarf_project:libdwarf:*:*:*:*:*:*:*:*", + "source": "CPE_FIELD", + "versions": [ + { + "introduced": "0.1.0" + }, + { + "fixed": "0.9.2" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "5e43a5ab73cb00c8a46660b361366a8c9c3c93c9" + } + ], + "repo": "https://github.com/davea42/libdwarf-code", + "type": "GIT" + } + ] + } + ], + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", + "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "7.0" + }, + { + "last_affected": "8.0" + }, + { + "last_affected": "40" + } + ] + } + ] + }, + "details": "A double-free vulnerability was found in libdwarf. In a multiply-corrupted DWARF object, libdwarf may try to dealloc(free) an allocation twice, potentially causing unpredictable and various results.", + "id": "CVE-2024-2002", + "modified": "2025-04-09T15:36:37.840Z", + "published": "2024-03-18T13:15:07.657Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://access.redhat.com/security/cve/CVE-2024-2002" + }, + { + "type": "ADVISORY", + "url": "https://github.com/davea42/libdwarf-code/blob/main/bugxml/data.txt" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2267700" + }, + { + "type": "ARTICLE", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZGPVLSPIXR32J6FOAFTTIMYTUUXJICGW/" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/redhat/directory_server/CVE-2023-1055.json b/vulnfeeds/cmd/combine-to-osv/nvd/redhat/directory_server/CVE-2023-1055.json new file mode 100644 index 00000000000..bf82e5ff9ac --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/redhat/directory_server/CVE-2023-1055.json @@ -0,0 +1,63 @@ +{ + "database_specific": { + "unresolved_ranges": [ + { + "metadata": { + "cpes": [ + "cpe:2.3:a:redhat:directory_server:11.5:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:directory_server:11.6:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:directory_server:12.0:*:*:*:*:*:*:*", + "cpe:2.3:a:redhat:directory_server:12.1:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*", + "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*" + ], + "source": "CPE_FIELD" + }, + "versions": [ + { + "last_affected": "11.5" + }, + { + "last_affected": "11.6" + }, + { + "last_affected": "12.0" + }, + { + "last_affected": "12.1" + }, + { + "last_affected": "36" + }, + { + "last_affected": "37" + }, + { + "last_affected": "38" + } + ] + } + ] + }, + "details": "A flaw was found in RHDS 11 and RHDS 12. While browsing entries LDAP tries to decode the userPassword attribute instead of the userCertificate attribute which could lead into sensitive information leaked. An attacker with a local account where the cockpit-389-ds is running can list the processes and display the hashed passwords. The highest threat from this vulnerability is to data confidentiality.", + "id": "CVE-2023-1055", + "modified": "2024-11-21T07:38:22.297Z", + "published": "2023-02-27T22:15:09.990Z", + "references": [ + { + "type": "WEB", + "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MZOYQ5TCV6ZEPMDV4CSLK3KINAAO4SRI/" + }, + { + "type": "REPORT", + "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2173517#c0" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/salesforce/mobile_software_development_kit/CVE-2016-15012.json b/vulnfeeds/cmd/combine-to-osv/nvd/salesforce/mobile_software_development_kit/CVE-2016-15012.json new file mode 100644 index 00000000000..9774951accd --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/salesforce/mobile_software_development_kit/CVE-2016-15012.json @@ -0,0 +1,67 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": "cpe:2.3:a:salesforce:mobile_software_development_kit:*:*:*:*:*:windows:*:*", + "source": [ + "CPE_FIELD", + "REFERENCES" + ], + "versions": [ + { + "introduced": "0" + }, + { + "fixed": "5.0.0" + } + ] + }, + "events": [ + { + "introduced": "0" + }, + { + "fixed": "e4dd3fa3182d0fd382e229e0c25d1bfd8b77a711" + }, + { + "fixed": "83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8" + } + ], + "repo": "https://github.com/forcedotcom/salesforcemobilesdk-windows", + "type": "GIT" + } + ] + } + ], + "database_specific": {}, + "details": "** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in forcedotcom SalesforceMobileSDK-Windows up to 4.x. It has been rated as critical. This issue affects the function ComputeCountSql of the file SalesforceSDK/SmartStore/Store/QuerySpec.cs. The manipulation leads to sql injection. Upgrading to version 5.0.0 is able to address this issue. The patch is named 83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217619. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.", + "id": "CVE-2016-15012", + "modified": "2024-11-21T02:45:29.557Z", + "published": "2023-01-07T13:15:09.530Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/releases/tag/v5.0.0" + }, + { + "type": "REPORT", + "url": "https://vuldb.com/?ctiid.217619" + }, + { + "type": "REPORT", + "url": "https://vuldb.com/?id.217619" + }, + { + "type": "FIX", + "url": "https://github.com/forcedotcom/SalesforceMobileSDK-Windows/commit/83b3e91e0c1e84873a6d3ca3c5887eb5b4f5a3d8" + } + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file diff --git a/vulnfeeds/cmd/combine-to-osv/nvd/tokio/tokio/CVE-2023-22466.json b/vulnfeeds/cmd/combine-to-osv/nvd/tokio/tokio/CVE-2023-22466.json new file mode 100644 index 00000000000..ebb25eeb49d --- /dev/null +++ b/vulnfeeds/cmd/combine-to-osv/nvd/tokio/tokio/CVE-2023-22466.json @@ -0,0 +1,91 @@ +{ + "affected": [ + { + "ranges": [ + { + "database_specific": { + "cpe": "cpe:2.3:a:tokio:tokio:*:*:*:*:*:rust:*:*", + "source": [ + "CPE_FIELD", + "REFERENCES" + ], + "versions": [ + { + "introduced": "1.7.0" + }, + { + "fixed": "1.18.4" + }, + { + "introduced": "1.19.0" + }, + { + "fixed": "1.20.3" + }, + { + "introduced": "1.21.0" + }, + { + "fixed": "1.23.1" + } + ] + }, + "events": [ + { + "introduced": "f64673580dfc649954eb744eb2734f2f118baa47" + }, + { + "fixed": "9241c3eddf4a6a218681b088d71f7191513e2376" + }, + { + "introduced": "674d77d4ef42bd99238521546b3b2cd60b26e50d" + }, + { + "fixed": "ba81945ffc2695b71f2bbcadbfb5e46ec55aaef3" + }, + { + "introduced": "50795e652ecb0747c8d048aeaa38a41dddb2da4b" + }, + { + "fixed": "1a997ffbd62334af2553775234e75ede2d7d949f" + } + ], + "repo": "https://github.com/tokio-rs/tokio", + "type": "GIT" + } + ] + } + ], + "database_specific": {}, + "details": "Tokio is a runtime for writing applications with Rust. Starting with version 1.7.0 and prior to versions 1.18.4, 1.20.3, and 1.23.1, when configuring a Windows named pipe server, setting `pipe_mode` will reset `reject_remote_clients` to `false`. If the application has previously configured `reject_remote_clients` to `true`, this effectively undoes the configuration. Remote clients may only access the named pipe if the named pipe's associated path is accessible via a publicly shared folder (SMB). Versions 1.23.1, 1.20.3, and 1.18.4 have been patched. The fix will also be present in all releases starting from version 1.24.0. Named pipes were introduced to Tokio in version 1.7.0, so releases older than 1.7.0 are not affected. As a workaround, ensure that `pipe_mode` is set first after initializing a `ServerOptions`.", + "id": "CVE-2023-22466", + "modified": "2024-11-21T07:44:51.683Z", + "published": "2023-01-04T22:15:09.267Z", + "references": [ + { + "type": "ADVISORY", + "url": "https://github.com/tokio-rs/tokio/releases/tag/tokio-1.23.1" + }, + { + "type": "ADVISORY", + "url": "https://github.com/tokio-rs/tokio/security/advisories/GHSA-7rrj-xr53-82p7" + }, + { + "type": "ADVISORY", + "url": "https://learn.microsoft.com/en-us/windows/win32/api/winbase/nf-winbase-createnamedpipea#pipe_reject_remote_clients" + }, + { + "type": "FIX", + "url": "https://github.com/tokio-rs/tokio/pull/5336" + } + ], + "related": [ + "GHSA-7rrj-xr53-82p7" + ], + "severity": [ + { + "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N", + "type": "CVSS_V3" + } + ] +} \ No newline at end of file