Update 20240930084402 (#620)

bitnami · Sep 30, 2024 · 4619397 · 4619397
1 parent e8a1101
commit 4619397
Show file tree

Hide file tree

Showing 23 changed files with 241 additions and 44 deletions.
diff --git a/data/gitlab/BIT-gitlab-2024-2743.json b/data/gitlab/BIT-gitlab-2024-2743.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Critical",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-09-14T07:17:52.830Z",
-  "modified": "2024-09-15T07:45:02.903Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-2800.json b/data/gitlab/BIT-gitlab-2024-2800.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "High",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-08-10T07:28:58.601Z",
-  "modified": "2024-08-26T08:55:25.134Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-3115.json b/data/gitlab/BIT-gitlab-2024-3115.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-06-28T07:22:56.381Z",
-  "modified": "2024-06-28T07:56:14.142Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-3127.json b/data/gitlab/BIT-gitlab-2024-3127.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-08-26T08:32:29.904Z",
-  "modified": "2024-08-26T08:55:25.134Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-4283.json b/data/gitlab/BIT-gitlab-2024-4283.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-09-18T07:23:19.137Z",
-  "modified": "2024-09-25T19:52:34.889Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-4612.json b/data/gitlab/BIT-gitlab-2024-4612.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-09-14T07:13:08.316Z",
-  "modified": "2024-09-15T07:45:02.903Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-4660.json b/data/gitlab/BIT-gitlab-2024-4660.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "High",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-09-14T07:12:55.540Z",
-  "modified": "2024-09-15T07:45:02.903Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-4784.json b/data/gitlab/BIT-gitlab-2024-4784.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-08-10T07:23:52.701Z",
-  "modified": "2024-08-26T08:55:25.134Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-5067.json b/data/gitlab/BIT-gitlab-2024-5067.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -70,5 +71,5 @@
     }
   ],
   "published": "2024-07-26T07:22:33.753Z",
-  "modified": "2024-09-06T07:48:10.598Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-6323.json b/data/gitlab/BIT-gitlab-2024-6323.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "High",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -58,5 +59,5 @@
     }
   ],
   "published": "2024-06-28T07:18:50.287Z",
-  "modified": "2024-06-28T07:56:14.142Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-7110.json b/data/gitlab/BIT-gitlab-2024-7110.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -58,5 +59,5 @@
     }
   ],
   "published": "2024-08-26T08:28:53.762Z",
-  "modified": "2024-08-26T08:55:25.134Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-8311.json b/data/gitlab/BIT-gitlab-2024-8311.json
@@ -42,7 +42,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -52,5 +53,5 @@
     }
   ],
   "published": "2024-09-14T07:06:34.533Z",
-  "modified": "2024-09-14T07:47:34.001Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-8631.json b/data/gitlab/BIT-gitlab-2024-8631.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "High",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-09-14T07:06:22.032Z",
-  "modified": "2024-09-15T07:45:02.903Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-8635.json b/data/gitlab/BIT-gitlab-2024-8635.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "Medium",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -58,5 +59,5 @@
     }
   ],
   "published": "2024-09-14T07:06:09.828Z",
-  "modified": "2024-09-15T07:45:02.903Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-8640.json b/data/gitlab/BIT-gitlab-2024-8640.json
@@ -48,7 +48,8 @@
   "database_specific": {
     "severity": "High",
     "cpes": [
-      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*",
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:enterprise:*:*:*"
     ]
   },
   "references": [
@@ -62,5 +63,5 @@
     }
   ],
   "published": "2024-09-14T07:05:58.226Z",
-  "modified": "2024-09-15T07:45:02.903Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/gitlab/BIT-gitlab-2024-8974.json b/data/gitlab/BIT-gitlab-2024-8974.json
@@ -0,0 +1,62 @@
+{
+  "schema_version": "1.5.0",
+  "id": "BIT-gitlab-2024-8974",
+  "details": "Information disclosure in Gitlab EE/CE affecting all versions from 15.6 prior to 17.2.8, 17.3 prior to 17.3.4, and 17.4 prior to 17.4.1 in specific conditions it was possible to disclose to an unauthorised user the path of a private project.\"",
+  "aliases": [
+    "CVE-2024-8974"
+  ],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "Bitnami",
+        "name": "gitlab",
+        "purl": "pkg:bitnami/gitlab"
+      },
+      "severity": [
+        {
+          "type": "CVSS_V3",
+          "score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:N/A:N"
+        }
+      ],
+      "ranges": [
+        {
+          "type": "SEMVER",
+          "events": [
+            {
+              "introduced": "15.6.0"
+            },
+            {
+              "fixed": "17.2.8"
+            },
+            {
+              "introduced": "17.3.0"
+            },
+            {
+              "fixed": "17.3.4"
+            },
+            {
+              "introduced": "17.4.0"
+            },
+            {
+              "fixed": "17.4.1"
+            }
+          ]
+        }
+      ]
+    }
+  ],
+  "database_specific": {
+    "severity": "Low",
+    "cpes": [
+      "cpe:2.3:a:gitlab:gitlab:*:*:*:*:*:*:*:*"
+    ]
+  },
+  "references": [
+    {
+      "type": "WEB",
+      "url": "https://gitlab.com/gitlab-org/gitlab/-/issues/482843"
+    }
+  ],
+  "published": "2024-09-30T08:53:12.028Z",
+  "modified": "2024-09-30T09:34:51.259Z"
+}
diff --git a/data/grafana/BIT-grafana-2023-6152.json b/data/grafana/BIT-grafana-2023-6152.json
@@ -61,7 +61,8 @@
     "severity": "Medium",
     "cpes": [
       "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
-      "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*"
+      "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*",
+      "cpe:2.3:a:grafana:grafana:*:*:*:*:*:go:*:*"
     ]
   },
   "references": [
@@ -75,5 +76,5 @@
     }
   ],
   "published": "2024-03-12T08:24:38.577Z",
-  "modified": "2024-03-12T08:58:38.758Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }
diff --git a/data/grafana/BIT-grafana-2024-6322.json b/data/grafana/BIT-grafana-2024-6322.json
@@ -43,7 +43,8 @@
     "severity": "Medium",
     "cpes": [
       "cpe:2.3:a:grafana:grafana:*:*:*:*:*:*:*:*",
-      "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*"
+      "cpe:2.3:a:grafana:grafana:*:*:*:*:enterprise:*:*:*",
+      "cpe:2.3:a:grafana:grafana:*:*:*:*:*:go:*:*"
     ]
   },
   "references": [
@@ -53,5 +54,5 @@
     }
   ],
   "published": "2024-08-23T07:19:28.601Z",
-  "modified": "2024-08-23T07:57:36.787Z"
+  "modified": "2024-09-30T09:34:51.259Z"
 }