From 08854031a804a1cab3a7e1f4490aa8791f7f10c9 Mon Sep 17 00:00:00 2001 From: justmurphy <96064251+justmurphy@users.noreply.github.com> Date: Wed, 2 Feb 2022 08:58:08 -0500 Subject: [PATCH] Add GitHub & Gitlab products --- data/cisagov_G.yml | 256 +++++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 250 insertions(+), 6 deletions(-) diff --git a/data/cisagov_G.yml b/data/cisagov_G.yml index c5746a7..569f308 100644 --- a/data/cisagov_G.yml +++ b/data/cisagov_G.yml @@ -633,6 +633,36 @@ software: references: - '' last_updated: '2022-01-12T07:18:50+00:00' + - vendor: Ghisler + product: Total Commander + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://www.ghisler.com/whatsnew.htm + notes: Third Party plugins might contain log4j. + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' - vendor: Gigamon product: Fabric Manager cves: @@ -643,9 +673,9 @@ software: unaffected_versions: [] cve-2021-44228: investigated: true - affected_versions: - - <5.13.01.02 - fixed_versions: [] + affected_versions: [] + fixed_versions: + - '<5.13.01.02' unaffected_versions: [] cve-2021-45046: investigated: false @@ -694,8 +724,41 @@ software: references: - '' last_updated: '2021-12-17T00:00:00' + - vendor: GitHub + product: GitHub Enterprise Server + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '3.0.22' + - '3.1.14' + - '3.2.6' + - '3.3.1' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://github.blog/2021-12-13-githubs-response-to-log4j-vulnerability-cve-2021-44228/ + notes: '' + references: + - '' + last_updated: '2021-12-17T00:00:00' - vendor: GitLab - product: '' + product: All cves: cve-2021-4104: investigated: false @@ -703,10 +766,41 @@ software: fixed_versions: [] unaffected_versions: [] cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' + cve-2021-45046: investigated: false affected_versions: [] fixed_versions: [] unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.gitlab.com/t/cve-2021-4428/62763/8 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: GitLab + product: DAST Analyzer + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: [] + unaffected_versions: + - '' cve-2021-45046: investigated: false affected_versions: [] @@ -718,13 +812,163 @@ software: fixed_versions: [] unaffected_versions: [] vendor_links: - - https://forum.gitlab.com/t/cve-2021-4428/62763 + - https://forum.gitlab.com/t/cve-2021-4428/62763/8 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: GitLab + product: Dependency Scanning + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.gitlab.com/t/cve-2021-4428/62763/8 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: GitLab + product: Gemnasium-Maven + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.gitlab.com/t/cve-2021-4428/62763/8 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: GitLab + product: PMD OSS + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.gitlab.com/t/cve-2021-4428/62763/8 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: GitLab + product: SAST + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.gitlab.com/t/cve-2021-4428/62763/8 + notes: '' + references: + - '' + last_updated: '2022-01-12T07:18:50+00:00' + - vendor: GitLab + product: Spotbugs + cves: + cve-2021-4104: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-44228: + investigated: true + affected_versions: [] + fixed_versions: + - '' + unaffected_versions: [] + cve-2021-45046: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + cve-2021-45105: + investigated: false + affected_versions: [] + fixed_versions: [] + unaffected_versions: [] + vendor_links: + - https://forum.gitlab.com/t/cve-2021-4428/62763/8 notes: '' references: - '' last_updated: '2022-01-12T07:18:50+00:00' - vendor: Globus - product: '' + product: All cves: cve-2021-4104: investigated: false