Publish Advisories

GHSA-856v-8qm2-9wjv
GHSA-6vrj-w635-63jg
GHSA-5mh9-3jwc-rp59
GHSA-cgqr-v3c9-4f9g
GHSA-qpxx-2fwx-f5qj

Author: advisory-database[bot]

advisories/github-reviewed/2025/08/GHSA-856v-8qm2-9wjv/GHSA-856v-8qm2-9wjv.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-856v-8qm2-9wjv",
-  "modified": "2025-12-01T15:30:16Z",
+  "modified": "2025-12-04T00:30:57Z",
   "published": "2025-08-07T21:31:08Z",
   "aliases": [
     "CVE-2025-7195"
@@ -80,6 +80,14 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:22420"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2025:22683"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2025:22684"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2025-7195"

advisories/unreviewed/2022/05/GHSA-6vrj-w635-63jg/GHSA-6vrj-w635-63jg.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6vrj-w635-63jg",
-  "modified": "2022-05-13T01:02:39Z",
+  "modified": "2025-12-04T00:30:57Z",
   "published": "2022-05-13T01:02:39Z",
   "aliases": [
     "CVE-2017-5130"
@@ -66,6 +66,7 @@
   ],
   "database_specific": {
     "cwe_ids": [
+      "CWE-190",
       "CWE-787"
     ],
     "severity": "HIGH",

advisories/unreviewed/2025/12/GHSA-5mh9-3jwc-rp59/GHSA-5mh9-3jwc-rp59.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5mh9-3jwc-rp59",
-  "modified": "2025-12-03T21:31:05Z",
+  "modified": "2025-12-04T00:30:58Z",
   "published": "2025-12-03T21:31:05Z",
   "aliases": [
     "CVE-2025-61727"
   ],
   "details": "An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate. For example a constraint that excludes the subdomain test.example.com does not prevent a leaf certificate from claiming the SAN *.example.com.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -33,7 +38,7 @@
   ],
   "database_specific": {
     "cwe_ids": [],
-    "severity": null,
+    "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-12-03T20:16:25Z"

advisories/unreviewed/2025/12/GHSA-cgqr-v3c9-4f9g/GHSA-cgqr-v3c9-4f9g.json

@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cgqr-v3c9-4f9g",
-  "modified": "2025-12-01T21:30:26Z",
+  "modified": "2025-12-04T00:30:58Z",
   "published": "2025-12-01T21:30:26Z",
   "aliases": [
     "CVE-2025-65838"
   ],
   "details": "PublicCMS V5.202506.b is vulnerable to path traversal via the doUploadSitefile method.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -28,8 +33,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-22"
+    ],
+    "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-12-01T20:15:57Z"

advisories/unreviewed/2025/12/GHSA-qpxx-2fwx-f5qj/GHSA-qpxx-2fwx-f5qj.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-qpxx-2fwx-f5qj",
-  "modified": "2025-12-03T21:31:04Z",
+  "modified": "2025-12-04T00:30:58Z",
   "published": "2025-12-03T21:31:04Z",
   "aliases": [
     "CVE-2025-12819"
@@ -22,6 +22,10 @@
     {
       "type": "WEB",
       "url": "https://www.pgbouncer.org/changelog.html#pgbouncer-124x"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.pgbouncer.org/changelog.html#pgbouncer-125x"
     }
   ],
   "database_specific": {