Publish Advisories

GHSA-6qvw-249j-h44c
GHSA-4rmg-292m-wg3w
GHSA-h75v-3vvj-5mfj
GHSA-34jh-p97f-mpxf
GHSA-c8m8-j448-xjx7
GHSA-cf56-g6w6-pqq2
GHSA-f7q4-pwc6-w24p

Author: advisory-database[bot]

advisories/github-reviewed/2024/02/GHSA-6qvw-249j-h44c/GHSA-6qvw-249j-h44c.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6qvw-249j-h44c",
-  "modified": "2024-08-14T22:14:48Z",
+  "modified": "2025-11-04T16:50:03Z",
   "published": "2024-02-29T03:33:14Z",
   "aliases": [
     "CVE-2023-51775"
@@ -47,6 +47,10 @@
     {
       "type": "WEB",
       "url": "https://bitbucket.org/b_c/jose4j/issues/212"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20241108-0002"
     }
   ],
   "database_specific": {

advisories/github-reviewed/2024/05/GHSA-4rmg-292m-wg3w/GHSA-4rmg-292m-wg3w.json

@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4rmg-292m-wg3w",
-  "modified": "2024-05-29T18:44:30Z",
+  "modified": "2025-11-04T16:50:38Z",
   "published": "2024-05-29T18:44:30Z",
   "aliases": [
     "CVE-2024-35226"
   ],
   "summary": "Smarty vulnerable to PHP Code Injection by malicious attribute in extends-tag",
-  "details": "### Impact\nTemplate authors could inject php code by choosing a malicous file name for an extends-tag. Users that cannot fully trust template authors should update asap.\n\n### Patches\nPlease upgrade to the most recent version of Smarty v4 or v5. There is no patch for v3.\n\n",
+  "details": "### Impact\nTemplate authors could inject php code by choosing a malicous file name for an extends-tag. Users that cannot fully trust template authors should update asap.\n\n### Patches\nPlease upgrade to the most recent version of Smarty v4 or v5. There is no patch for v3.",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -70,6 +70,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/smarty-php/smarty"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00013.html"
     }
   ],
   "database_specific": {

advisories/github-reviewed/2024/05/GHSA-h75v-3vvj-5mfj/GHSA-h75v-3vvj-5mfj.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-h75v-3vvj-5mfj",
-  "modified": "2024-06-10T18:30:57Z",
+  "modified": "2025-11-04T16:50:23Z",
   "published": "2024-05-06T14:20:59Z",
   "aliases": [
     "CVE-2024-34064"
@@ -52,6 +52,10 @@
       "type": "PACKAGE",
       "url": "https://github.com/pallets/jinja"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00009.html"
+    },
     {
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/567XIGSZMABG6TSMYWD7MIYNJSUQQRUC"

advisories/github-reviewed/2024/06/GHSA-34jh-p97f-mpxf/GHSA-34jh-p97f-mpxf.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-34jh-p97f-mpxf",
-  "modified": "2024-12-18T22:20:24Z",
+  "modified": "2025-11-04T16:50:51Z",
   "published": "2024-06-17T21:37:20Z",
   "aliases": [
     "CVE-2024-37891"
@@ -74,6 +74,18 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/urllib3/urllib3"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00020.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20240822-0003"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vicarius.io/vsociety/posts/proxy-authorization-header-handling-vulnerability-in-urllib3-cve-2024-37891"
     }
   ],
   "database_specific": {

advisories/github-reviewed/2024/07/GHSA-c8m8-j448-xjx7/GHSA-c8m8-j448-xjx7.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c8m8-j448-xjx7",
-  "modified": "2024-11-18T16:26:56Z",
+  "modified": "2025-11-04T16:51:06Z",
   "published": "2024-07-29T16:33:11Z",
   "aliases": [
     "CVE-2024-41671"
@@ -62,6 +62,14 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/twisted/twisted"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.vicarius.io/vsociety/posts/disordered-http-pipeline-in-twistedweb-cve-2024-4167"
     }
   ],
   "database_specific": {

advisories/github-reviewed/2024/07/GHSA-cf56-g6w6-pqq2/GHSA-cf56-g6w6-pqq2.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cf56-g6w6-pqq2",
-  "modified": "2024-09-11T21:37:53Z",
+  "modified": "2025-11-04T16:51:18Z",
   "published": "2024-07-29T17:29:36Z",
   "aliases": [
     "CVE-2024-41810"
@@ -62,6 +62,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/twisted/twisted"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00028.html"
     }
   ],
   "database_specific": {

advisories/github-reviewed/2024/08/GHSA-f7q4-pwc6-w24p/GHSA-f7q4-pwc6-w24p.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-f7q4-pwc6-w24p",
-  "modified": "2024-08-15T17:53:38Z",
+  "modified": "2025-11-04T16:51:32Z",
   "published": "2024-08-02T09:31:35Z",
   "aliases": [
     "CVE-2024-42459"
@@ -62,6 +62,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/indutny/elliptic"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20241004-0005"
     }
   ],
   "database_specific": {