diff --git a/data/anchore/2024/CVE-2024-46951.json b/data/anchore/2024/CVE-2024-46951.json new file mode 100644 index 00000000..f6bf0169 --- /dev/null +++ b/data/anchore/2024/CVE-2024-46951.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "mitre", + "cveId": "CVE-2024-46951", + "description": "An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. An unchecked Implementation pointer in Pattern color space could lead to arbitrary code execution.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://bugs.ghostscript.com/show_bug.cgi?id=707991", + "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f49812186baa7d1362880673408a6fbe8719b4f8", + "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html", + "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", + "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*" + ], + "product": "ghostscript", + "repo": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git", + "vendor": "artifex", + "versions": [ + { + "lessThan": "10.04.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-46952.json b/data/anchore/2024/CVE-2024-46952.json new file mode 100644 index 00000000..47018093 --- /dev/null +++ b/data/anchore/2024/CVE-2024-46952.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "mitre", + "cveId": "CVE-2024-46952", + "description": "An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://bugs.ghostscript.com/show_bug.cgi?id=708001", + "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=b1f0827c30f59a2dcbc8a39e42cace7a1de35f7f", + "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", + "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*" + ], + "product": "ghostscript", + "repo": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git", + "vendor": "artifex", + "versions": [ + { + "lessThan": "10.04.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-46953.json b/data/anchore/2024/CVE-2024-46953.json new file mode 100644 index 00000000..9434dafc --- /dev/null +++ b/data/anchore/2024/CVE-2024-46953.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "mitre", + "cveId": "CVE-2024-46953", + "description": "An issue was discovered in base/gsdevice.c in Artifex Ghostscript before 10.04.0. An integer overflow when parsing the filename format string (for the output filename) results in path truncation, and possible path traversal and code execution.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://bugs.ghostscript.com/show_bug.cgi?id=707793", + "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=1f21a45df0fa3abec4cff12951022b192dda3c00", + "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html", + "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", + "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*" + ], + "product": "ghostscript", + "repo": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git", + "vendor": "artifex", + "versions": [ + { + "lessThan": "10.04.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-46954.json b/data/anchore/2024/CVE-2024-46954.json new file mode 100644 index 00000000..0875ebe5 --- /dev/null +++ b/data/anchore/2024/CVE-2024-46954.json @@ -0,0 +1,38 @@ +{ + "additionalMetadata": { + "cna": "mitre", + "cveId": "CVE-2024-46954", + "description": "An issue was discovered in decode_utf8 in base/gp_utf8.c in Artifex Ghostscript before 10.04.0. Overlong UTF-8 encoding leads to possible ../ directory traversal.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://bugs.ghostscript.com/show_bug.cgi?id=707788", + "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=55f587dd039282316f512e1bea64218fd991f934", + "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", + "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*" + ], + "product": "ghostscript", + "repo": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git", + "vendor": "artifex", + "versions": [ + { + "lessThan": "10.04.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-46955.json b/data/anchore/2024/CVE-2024-46955.json new file mode 100644 index 00000000..99b8caed --- /dev/null +++ b/data/anchore/2024/CVE-2024-46955.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "mitre", + "cveId": "CVE-2024-46955", + "description": "An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://bugs.ghostscript.com/show_bug.cgi?id=707990", + "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=85bd9d2f4b792fe67aef22f1a4117457461b8ba6", + "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html", + "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", + "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*" + ], + "product": "ghostscript", + "repo": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git", + "vendor": "artifex", + "versions": [ + { + "lessThan": "10.04.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-46956.json b/data/anchore/2024/CVE-2024-46956.json new file mode 100644 index 00000000..37f87460 --- /dev/null +++ b/data/anchore/2024/CVE-2024-46956.json @@ -0,0 +1,39 @@ +{ + "additionalMetadata": { + "cna": "mitre", + "cveId": "CVE-2024-46956", + "description": "An issue was discovered in psi/zfile.c in Artifex Ghostscript before 10.04.0. Out-of-bounds data access in filenameforall can lead to arbitrary code execution.", + "reason": "Added CPE configurations because not yet analyzed by NVD.", + "references": [ + "https://bugs.ghostscript.com/show_bug.cgi?id=707895", + "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git/commit/?id=f4151f12db32cd3ed26c24327de714bf2c3ed6ca", + "https://github.com/ArtifexSoftware/ghostpdl/blob/master/doc/News.html", + "https://www.suse.com/support/update/announcement/2024/suse-su-20243942-1/" + ] + }, + "adp": { + "affected": [ + { + "cpes": [ + "cpe:2.3:a:artifex:ghostscript:*:*:*:*:*:*:*:*", + "cpe:2.3:a:ghostscript:ghostscript:*:*:*:*:*:*:*:*" + ], + "product": "ghostscript", + "repo": "https://cgit.ghostscript.com/cgi-bin/cgit.cgi/ghostpdl.git", + "vendor": "artifex", + "versions": [ + { + "lessThan": "10.04.0", + "status": "affected", + "version": "0", + "versionType": "custom" + } + ] + } + ], + "providerMetadata": { + "orgId": "00000000-0000-4000-8000-000000000000", + "shortName": "anchoreadp" + } + } +} \ No newline at end of file diff --git a/data/anchore/2024/CVE-2024-52007.json b/data/anchore/2024/CVE-2024-52007.json index 6c83aa8a..6810affd 100644 --- a/data/anchore/2024/CVE-2024-52007.json +++ b/data/anchore/2024/CVE-2024-52007.json @@ -18,8 +18,8 @@ { "collectionURL": "https://repo.maven.apache.org/maven2", "cpes": [ - "cpe:2.3:a:hapifhir:hl7_fhir_core:*:*:*:*:*:maven:*:*", - "cpe:2.3:a:ca.uhn.hapi.fhir:org.hl7.fhir.core:*:*:*:*:*:maven:*:*" + "cpe:2.3:a:ca.uhn.hapi.fhir:org.hl7.fhir.core:*:*:*:*:*:maven:*:*", + "cpe:2.3:a:hapifhir:hl7_fhir_core:*:*:*:*:*:maven:*:*" ], "packageName": "ca.uhn.hapi.fhir:org.hl7.fhir.core", "packageType": "maven",