stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 1 Releases Wiki Activity
Files
01104cccdf51e00d4a945031e23f904b68b99341
git.stella-ops.org/src/StellaOps.Concelier.Connector.Kev.Tests/Kev/Fixtures/kev-advisories.snapshot.json
master 052da7a7d0 Rename Concelier Source modules to Connector
2025-10-18 20:47:13 +03:00

343 lines
11 KiB
JSON
Raw Blame History

[
{
"advisoryKey": "kev/cve-2021-43798",
"affectedPackages": [
{
"type": "vendor",
"identifier": "Grafana Labs::Grafana",
"platform": null,
"versionRanges": [
{
"fixedVersion": null,
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"kev.vendorProject": "Grafana Labs",
"kev.product": "Grafana",
"kev.requiredAction": "Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.",
"kev.knownRansomwareCampaignUse": "Unknown",
"kev.notes": "https://grafana.com/security/advisory; https://nvd.nist.gov/vuln/detail/CVE-2021-43798",
"kev.catalogVersion": "2025.10.09",
"kev.catalogReleased": "2025-10-09T16:52:28.6547000+00:00",
"kev.dateAdded": "2025-10-09",
"kev.dueDate": "2025-10-30",
"kev.cwe": "CWE-22"
}
},
"provenance": {
"source": "kev",
"kind": "kev-range",
"value": "Grafana Labs::Grafana",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"rangeExpression": null,
"rangeKind": "vendor"
}
],
"normalizedVersions": [
{
"scheme": "kev.catalog",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "2025.10.09",
"notes": "Grafana Labs::Grafana"
},
{
"scheme": "kev.date-added",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "2025-10-09",
"notes": "Grafana Labs::Grafana"
},
{
"scheme": "kev.due-date",
"type": "lte",
"min": null,
"minInclusive": null,
"max": "2025-10-30",
"maxInclusive": true,
"value": null,
"notes": "Grafana Labs::Grafana"
}
],
"statuses": [],
"provenance": [
{
"source": "kev",
"kind": "mapping",
"value": "2025.10.09",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2021-43798"
],
"credits": [],
"cvssMetrics": [],
"exploitKnown": true,
"language": "en",
"modified": "2025-10-09T16:52:28.6547+00:00",
"provenance": [
{
"source": "kev",
"kind": "document",
"value": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
"decisionReason": null,
"recordedAt": "2025-10-10T00:00:00+00:00",
"fieldMask": []
},
{
"source": "kev",
"kind": "mapping",
"value": "2025.10.09",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
}
],
"published": "2025-10-09T00:00:00+00:00",
"references": [
{
"kind": "reference",
"provenance": {
"source": "kev",
"kind": "reference",
"value": "CVE-2021-43798",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"sourceTag": "kev.notes",
"summary": null,
"url": "https://grafana.com/security/advisory"
},
{
"kind": "reference",
"provenance": {
"source": "kev",
"kind": "reference",
"value": "CVE-2021-43798",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"sourceTag": "kev.notes",
"summary": null,
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-43798"
},
{
"kind": "advisory",
"provenance": {
"source": "kev",
"kind": "reference",
"value": "CVE-2021-43798",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"sourceTag": "cisa-kev",
"summary": null,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search=CVE-2021-43798"
},
{
"kind": "reference",
"provenance": {
"source": "kev",
"kind": "reference",
"value": "CVE-2021-43798",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"sourceTag": "cisa-kev-feed",
"summary": null,
"url": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
}
],
"severity": null,
"summary": "Grafana contains a path traversal vulnerability that could allow access to local files.",
"title": "Grafana Path Traversal Vulnerability"
},
{
"advisoryKey": "kev/cve-2024-12345",
"affectedPackages": [
{
"type": "vendor",
"identifier": "Acme Corp::Acme Widget",
"platform": null,
"versionRanges": [
{
"fixedVersion": null,
"introducedVersion": null,
"lastAffectedVersion": null,
"primitives": {
"evr": null,
"hasVendorExtensions": true,
"nevra": null,
"semVer": null,
"vendorExtensions": {
"kev.vendorProject": "Acme Corp",
"kev.product": "Acme Widget",
"kev.requiredAction": "Apply vendor patch KB-1234.",
"kev.knownRansomwareCampaignUse": "Confirmed",
"kev.notes": "https://acme.example/advisories/KB-1234 https://nvd.nist.gov/vuln/detail/CVE-2024-12345 additional context ignored",
"kev.catalogVersion": "2025.10.09",
"kev.catalogReleased": "2025-10-09T16:52:28.6547000+00:00",
"kev.dateAdded": "2025-08-01",
"kev.cwe": "CWE-120,CWE-787"
}
},
"provenance": {
"source": "kev",
"kind": "kev-range",
"value": "Acme Corp::Acme Widget",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"rangeExpression": null,
"rangeKind": "vendor"
}
],
"normalizedVersions": [
{
"scheme": "kev.catalog",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "2025.10.09",
"notes": "Acme Corp::Acme Widget"
},
{
"scheme": "kev.date-added",
"type": "exact",
"min": null,
"minInclusive": null,
"max": null,
"maxInclusive": null,
"value": "2025-08-01",
"notes": "Acme Corp::Acme Widget"
}
],
"statuses": [],
"provenance": [
{
"source": "kev",
"kind": "mapping",
"value": "2025.10.09",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
}
]
}
],
"aliases": [
"CVE-2024-12345"
],
"credits": [],
"cvssMetrics": [],
"exploitKnown": true,
"language": "en",
"modified": "2025-10-09T16:52:28.6547+00:00",
"provenance": [
{
"source": "kev",
"kind": "document",
"value": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json",
"decisionReason": null,
"recordedAt": "2025-10-10T00:00:00+00:00",
"fieldMask": []
},
{
"source": "kev",
"kind": "mapping",
"value": "2025.10.09",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
}
],
"published": "2025-08-01T00:00:00+00:00",
"references": [
{
"kind": "reference",
"provenance": {
"source": "kev",
"kind": "reference",
"value": "CVE-2024-12345",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"sourceTag": "kev.notes",
"summary": null,
"url": "https://acme.example/advisories/KB-1234"
},
{
"kind": "reference",
"provenance": {
"source": "kev",
"kind": "reference",
"value": "CVE-2024-12345",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"sourceTag": "kev.notes",
"summary": null,
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-12345"
},
{
"kind": "advisory",
"provenance": {
"source": "kev",
"kind": "reference",
"value": "CVE-2024-12345",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"sourceTag": "cisa-kev",
"summary": null,
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search=CVE-2024-12345"
},
{
"kind": "reference",
"provenance": {
"source": "kev",
"kind": "reference",
"value": "CVE-2024-12345",
"decisionReason": null,
"recordedAt": "2025-10-10T00:01:00+00:00",
"fieldMask": []
},
"sourceTag": "cisa-kev-feed",
"summary": null,
"url": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
}
],
"severity": null,
"summary": "Acme Widget contains a buffer overflow that may allow remote code execution.",
"title": "Acme Widget Buffer Overflow"
}
]
Reference in New Issue View Git Blame Copy Permalink