Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 447c9927cca6 · 2025-11-05T22:14:35.000Z
GHSA-7g3r-8c6v-hfmr GHSA-f5p4-p5q5-jv3h GHSA-mwmh-7px9-4c23 GHSA-qh7p-pfq3-677h GHSA-xrw9-r35x-x878
diff --git a/advisories/github-reviewed/2025/10/GHSA-7g3r-8c6v-hfmr/GHSA-7g3r-8c6v-hfmr.json b/advisories/github-reviewed/2025/10/GHSA-7g3r-8c6v-hfmr/GHSA-7g3r-8c6v-hfmr.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-7g3r-8c6v-hfmr",
-  "modified": "2025-10-29T15:40:04Z",
+  "modified": "2025-11-05T22:12:03Z",
   "published": "2025-10-28T21:30:33Z",
   "aliases": [
     "CVE-2025-11374"
@@ -59,6 +59,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/hashicorp/consul/releases/tag/v1.22.0"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4081"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2025/10/GHSA-f5p4-p5q5-jv3h/GHSA-f5p4-p5q5-jv3h.json b/advisories/github-reviewed/2025/10/GHSA-f5p4-p5q5-jv3h/GHSA-f5p4-p5q5-jv3h.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-f5p4-p5q5-jv3h",
-  "modified": "2025-10-28T17:49:59Z",
+  "modified": "2025-11-05T22:11:22Z",
   "published": "2025-10-28T17:49:59Z",
   "aliases": [],
   "summary": "Contrast has insecure LUKS2 persistent storage partitions may be opened and used",
@@ -52,6 +52,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/edgelesssys/contrast"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4078"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2025/10/GHSA-mwmh-7px9-4c23/GHSA-mwmh-7px9-4c23.json b/advisories/github-reviewed/2025/10/GHSA-mwmh-7px9-4c23/GHSA-mwmh-7px9-4c23.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mwmh-7px9-4c23",
-  "modified": "2025-11-04T17:05:59Z",
+  "modified": "2025-11-05T22:13:14Z",
   "published": "2025-10-29T22:20:50Z",
   "aliases": [
     "CVE-2025-64101"
@@ -70,6 +70,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/zitadel/zitadel"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4084"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2025/10/GHSA-qh7p-pfq3-677h/GHSA-qh7p-pfq3-677h.json b/advisories/github-reviewed/2025/10/GHSA-qh7p-pfq3-677h/GHSA-qh7p-pfq3-677h.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-qh7p-pfq3-677h",
-  "modified": "2025-10-29T15:40:11Z",
+  "modified": "2025-11-05T22:12:37Z",
   "published": "2025-10-28T21:30:33Z",
   "aliases": [
     "CVE-2025-11375"
@@ -59,6 +59,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/hashicorp/consul/releases/tag/v1.22.0"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4082"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2025/10/GHSA-xrw9-r35x-x878/GHSA-xrw9-r35x-x878.json b/advisories/github-reviewed/2025/10/GHSA-xrw9-r35x-x878/GHSA-xrw9-r35x-x878.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-xrw9-r35x-x878",
-  "modified": "2025-11-04T17:11:43Z",
+  "modified": "2025-11-05T22:13:38Z",
   "published": "2025-10-29T22:21:05Z",
   "aliases": [
     "CVE-2025-64102"
@@ -70,6 +70,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/zitadel/zitadel"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4085"
     }
   ],
   "database_specific": {

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-7g3r-8c6v-hfmr",`
`4`		`- "modified": "2025-10-29T15:40:04Z",`
	`4`	`+ "modified": "2025-11-05T22:12:03Z",`
`5`	`5`	`"published": "2025-10-28T21:30:33Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-11374"`
`@@ -59,6 +59,10 @@`
`59`	`59`	`{`
`60`	`60`	`"type": "WEB",`
`61`	`61`	`"url": "https://github.com/hashicorp/consul/releases/tag/v1.22.0"`
	`62`	`+ },`
	`63`	`+ {`
	`64`	`+ "type": "WEB",`
	`65`	`+ "url": "https://pkg.go.dev/vuln/GO-2025-4081"`
`62`	`66`	`}`
`63`	`67`	`],`
`64`	`68`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-f5p4-p5q5-jv3h",`
`4`		`- "modified": "2025-10-28T17:49:59Z",`
	`4`	`+ "modified": "2025-11-05T22:11:22Z",`
`5`	`5`	`"published": "2025-10-28T17:49:59Z",`
`6`	`6`	`"aliases": [],`
`7`	`7`	`"summary": "Contrast has insecure LUKS2 persistent storage partitions may be opened and used",`
`@@ -52,6 +52,10 @@`
`52`	`52`	`{`
`53`	`53`	`"type": "PACKAGE",`
`54`	`54`	`"url": "https://github.com/edgelesssys/contrast"`
	`55`	`+ },`
	`56`	`+ {`
	`57`	`+ "type": "WEB",`
	`58`	`+ "url": "https://pkg.go.dev/vuln/GO-2025-4078"`
`55`	`59`	`}`
`56`	`60`	`],`
`57`	`61`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-mwmh-7px9-4c23",`
`4`		`- "modified": "2025-11-04T17:05:59Z",`
	`4`	`+ "modified": "2025-11-05T22:13:14Z",`
`5`	`5`	`"published": "2025-10-29T22:20:50Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-64101"`
`@@ -70,6 +70,10 @@`
`70`	`70`	`{`
`71`	`71`	`"type": "PACKAGE",`
`72`	`72`	`"url": "https://github.com/zitadel/zitadel"`
	`73`	`+ },`
	`74`	`+ {`
	`75`	`+ "type": "WEB",`
	`76`	`+ "url": "https://pkg.go.dev/vuln/GO-2025-4084"`
`73`	`77`	`}`
`74`	`78`	`],`
`75`	`79`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-qh7p-pfq3-677h",`
`4`		`- "modified": "2025-10-29T15:40:11Z",`
	`4`	`+ "modified": "2025-11-05T22:12:37Z",`
`5`	`5`	`"published": "2025-10-28T21:30:33Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-11375"`
`@@ -59,6 +59,10 @@`
`59`	`59`	`{`
`60`	`60`	`"type": "WEB",`
`61`	`61`	`"url": "https://github.com/hashicorp/consul/releases/tag/v1.22.0"`
	`62`	`+ },`
	`63`	`+ {`
	`64`	`+ "type": "WEB",`
	`65`	`+ "url": "https://pkg.go.dev/vuln/GO-2025-4082"`
`62`	`66`	`}`
`63`	`67`	`],`
`64`	`68`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-xrw9-r35x-x878",`
`4`		`- "modified": "2025-11-04T17:11:43Z",`
	`4`	`+ "modified": "2025-11-05T22:13:38Z",`
`5`	`5`	`"published": "2025-10-29T22:21:05Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-64102"`
`@@ -70,6 +70,10 @@`
`70`	`70`	`{`
`71`	`71`	`"type": "PACKAGE",`
`72`	`72`	`"url": "https://github.com/zitadel/zitadel"`
	`73`	`+ },`
	`74`	`+ {`
	`75`	`+ "type": "WEB",`
	`76`	`+ "url": "https://pkg.go.dev/vuln/GO-2025-4085"`
`73`	`77`	`}`
`74`	`78`	`],`
`75`	`79`	`"database_specific": {`