|
|
|
@ -23,35 +23,35 @@ it out with the correct data. |
|
|
|
|
Blank template: |
|
|
|
|
|
|
|
|
|
```yml |
|
|
|
|
- vendor: '' |
|
|
|
|
product: '' |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- '' |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '' |
|
|
|
|
- vendor: '' |
|
|
|
|
product: '' |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- '' |
|
|
|
|
notes: '' |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '' |
|
|
|
|
``` |
|
|
|
|
|
|
|
|
|
**Step 4:** Verify the new entry was entered before and/or after the prior and |
|
|
|
@ -74,39 +74,39 @@ given there are no patched versions available for this entry. |
|
|
|
|
Entry example: |
|
|
|
|
|
|
|
|
|
```yml |
|
|
|
|
- vendor: CISA |
|
|
|
|
product: Product |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: |
|
|
|
|
- <=8.4.6 |
|
|
|
|
- <=8.5.3 |
|
|
|
|
- <=8.6.4 |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://example.org/ |
|
|
|
|
notes: Contains vulnerable code but not likely to get |
|
|
|
|
unauthenticated user input to the log4j component. |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-14T00:00:00' |
|
|
|
|
- vendor: Example Vendor |
|
|
|
|
product: Example Product |
|
|
|
|
cves: |
|
|
|
|
cve-2021-4104: |
|
|
|
|
investigated: false |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-44228: |
|
|
|
|
investigated: true |
|
|
|
|
affected_versions: |
|
|
|
|
- <=8.4.6 |
|
|
|
|
- <=8.5.3 |
|
|
|
|
- <=8.6.4 |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45046: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
cve-2021-45105: |
|
|
|
|
investigated: '' |
|
|
|
|
affected_versions: [] |
|
|
|
|
fixed_versions: [] |
|
|
|
|
unaffected_versions: [] |
|
|
|
|
vendor_links: |
|
|
|
|
- https://www.example.org/ |
|
|
|
|
notes: Contains vulnerable code but not likely to get |
|
|
|
|
unauthenticated user input to the log4j component. |
|
|
|
|
references: |
|
|
|
|
- '' |
|
|
|
|
last_updated: '2021-12-14T00:00:00' |
|
|
|
|
``` |
|
|
|
|
|
|
|
|
|
**Step 6:** Validate that your data follows the appropriate format and proceed |
|
|
|
|