vex exception

2024-11-15 02:50:10 +01:00 · 2024-07-22 14:07:01 -07:00 · 2024-07-22 14:07:01 -07:00 · c646351347
commit c646351347
parent 7b42a67acf
1 changed files with 51 additions and 0 deletions
--- a/docker/vex/CVE-2019-10790.vex.json
+++ b/docker/vex/CVE-2019-10790.vex.json
@ -0,0 +1,51 @@
+{
+  "@context": "https://openvex.dev/ns/v0.2.0",
+  "@id": "https://openvex.dev/docs/public/vex-6750d79bb005487e11d10f81d0b3ac92c47e6e259292c6b2d02558f9f4bca52d",
+  "author": "tim@mintplexlabs.com",
+  "timestamp": "2024-07-22T13:49:12.883675-07:00",
+  "version": 1,
+  "statements": [
+    {
+      "vulnerability": {
+        "name": "CVE-2019-10790"
+      },
+      "timestamp": "2024-07-22T13:49:12.883678-07:00",
+      "products": [
+        {
+          "@id": "pkg:docker/mintplexlabs/anythingllm@render",
+          "subcomponents": [
+            {
+              "@id": "pkg:npm/taffydb@2.6.2"
+            }
+          ]
+        },
+        {
+          "@id": "pkg:docker/mintplexlabs/anythingllm@railway",
+          "subcomponents": [
+            {
+              "@id": "pkg:npm/taffydb@2.6.2"
+            }
+          ]
+        },
+        {
+          "@id": "pkg:docker/mintplexlabs/anythingllm@latest",
+          "subcomponents": [
+            {
+              "@id": "pkg:npm/taffydb@2.6.2"
+            }
+          ]
+        },
+        {
+          "@id": "pkg:docker/mintplexlabs/anythingllm@master",
+          "subcomponents": [
+            {
+              "@id": "pkg:npm/taffydb@2.6.2"
+            }
+          ]
+        }
+      ],
+      "status": "not_affected",
+      "justification": "vulnerable_code_cannot_be_controlled_by_adversary"
+    }
+  ]
+}