Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 7492e6fe3795 · 2025-11-04T16:49:57.000Z
GHSA-53v4-42fg-g287 GHSA-c35q-ffpf-5qpm GHSA-cfc2-wr2v-gxm5 GHSA-jfhm-5ghh-2f97 GHSA-hhw5-c326-822h GHSA-264p-99wq-f4j6 GHSA-c2f4-cvqm-65w2 GHSA-h5c8-rqwp-cp95 GHSA-jc7h-c423-mpjc GHSA-jchw-25xp-jwwc
diff --git a/advisories/github-reviewed/2023/11/GHSA-53v4-42fg-g287/GHSA-53v4-42fg-g287.json b/advisories/github-reviewed/2023/11/GHSA-53v4-42fg-g287/GHSA-53v4-42fg-g287.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-53v4-42fg-g287",
-  "modified": "2024-05-31T20:40:33Z",
+  "modified": "2025-11-04T16:47:34Z",
   "published": "2023-11-28T18:30:23Z",
   "aliases": [
     "CVE-2022-41678"
@@ -91,6 +91,10 @@
       "type": "WEB",
       "url": "https://lists.apache.org/thread/7g17kwbtjl011mm4tr8bn1vnoq9wh4sl"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00027.html"
+    },
     {
       "type": "WEB",
       "url": "https://security.netapp.com/advisory/ntap-20240216-0004"
diff --git a/advisories/github-reviewed/2023/11/GHSA-c35q-ffpf-5qpm/GHSA-c35q-ffpf-5qpm.json b/advisories/github-reviewed/2023/11/GHSA-c35q-ffpf-5qpm/GHSA-c35q-ffpf-5qpm.json
diff --git a/advisories/github-reviewed/2023/11/GHSA-cfc2-wr2v-gxm5/GHSA-cfc2-wr2v-gxm5.json b/advisories/github-reviewed/2023/11/GHSA-cfc2-wr2v-gxm5/GHSA-cfc2-wr2v-gxm5.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-cfc2-wr2v-gxm5",
-  "modified": "2023-11-14T21:16:22Z",
+  "modified": "2025-11-04T16:46:51Z",
   "published": "2023-11-09T18:34:53Z",
   "aliases": [
     "CVE-2023-46445"
@@ -64,6 +64,10 @@
       "type": "WEB",
       "url": "https://github.com/ronf/asyncssh/blob/develop/docs/changes.rst"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/09/msg00042.html"
+    },
     {
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ME34ROZWMDK5KLMZKTSA422XVJZ7IMTE"
diff --git a/advisories/github-reviewed/2023/11/GHSA-jfhm-5ghh-2f97/GHSA-jfhm-5ghh-2f97.json b/advisories/github-reviewed/2023/11/GHSA-jfhm-5ghh-2f97/GHSA-jfhm-5ghh-2f97.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jfhm-5ghh-2f97",
-  "modified": "2024-02-20T18:14:36Z",
+  "modified": "2025-11-04T16:48:52Z",
   "published": "2023-11-28T20:46:46Z",
   "aliases": [
     "CVE-2023-49083"
@@ -60,6 +60,10 @@
       "type": "WEB",
       "url": "https://github.com/pypa/advisory-database/tree/main/vulns/cryptography/PYSEC-2023-254.yaml"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/10/msg00012.html"
+    },
     {
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QMNTYMUGFJSDBYBU22FUYBHFRZODRKXV"
diff --git a/advisories/github-reviewed/2023/12/GHSA-hhw5-c326-822h/GHSA-hhw5-c326-822h.json b/advisories/github-reviewed/2023/12/GHSA-hhw5-c326-822h/GHSA-hhw5-c326-822h.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hhw5-c326-822h",
-  "modified": "2025-05-22T19:24:47Z",
+  "modified": "2025-11-04T16:47:46Z",
   "published": "2023-12-14T09:30:19Z",
   "aliases": [
     "CVE-2023-46750"
@@ -78,6 +78,10 @@
     {
       "type": "WEB",
       "url": "https://security.netapp.com/advisory/ntap-20240808-0002"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20241108-0002"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2024/01/GHSA-264p-99wq-f4j6/GHSA-264p-99wq-f4j6.json b/advisories/github-reviewed/2024/01/GHSA-264p-99wq-f4j6/GHSA-264p-99wq-f4j6.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-264p-99wq-f4j6",
-  "modified": "2024-04-12T17:08:03Z",
+  "modified": "2025-11-04T16:48:17Z",
   "published": "2024-01-03T22:04:08Z",
   "aliases": [
     "CVE-2024-21634"
@@ -66,6 +66,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/amazon-ion/ion-java"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20241108-0002"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2024/01/GHSA-c2f4-cvqm-65w2/GHSA-c2f4-cvqm-65w2.json b/advisories/github-reviewed/2024/01/GHSA-c2f4-cvqm-65w2/GHSA-c2f4-cvqm-65w2.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-c2f4-cvqm-65w2",
-  "modified": "2024-01-09T21:50:47Z",
+  "modified": "2025-11-04T16:49:07Z",
   "published": "2024-01-08T15:56:48Z",
   "aliases": [
     "CVE-2024-21647"
@@ -82,6 +82,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puma/CVE-2024-21647.yml"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00004.html"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2024/01/GHSA-h5c8-rqwp-cp95/GHSA-h5c8-rqwp-cp95.json b/advisories/github-reviewed/2024/01/GHSA-h5c8-rqwp-cp95/GHSA-h5c8-rqwp-cp95.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-h5c8-rqwp-cp95",
-  "modified": "2025-02-13T19:31:33Z",
+  "modified": "2025-11-04T16:48:33Z",
   "published": "2024-01-11T15:20:48Z",
   "aliases": [
     "CVE-2024-22195"
@@ -60,6 +60,10 @@
       "type": "WEB",
       "url": "https://lists.debian.org/debian-lts-announce/2024/01/msg00010.html"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2024/12/msg00009.html"
+    },
     {
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5XCWZD464AJJJUBOO7CMPXQ4ROBC6JX2"
diff --git a/advisories/github-reviewed/2024/01/GHSA-jc7h-c423-mpjc/GHSA-jc7h-c423-mpjc.json b/advisories/github-reviewed/2024/01/GHSA-jc7h-c423-mpjc/GHSA-jc7h-c423-mpjc.json
@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jc7h-c423-mpjc",
-  "modified": "2024-01-22T21:32:36Z",
+  "modified": "2025-11-04T16:49:23Z",
   "published": "2024-01-15T12:30:19Z",
   "aliases": [
     "CVE-2023-46749"
   ],
   "summary": "Apache Shiro vulnerable to path traversal",
-  "details": "Apache Shiro before 1.130 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting \n\nMitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure `blockSemicolon` is enabled (this is the default).\n\n",
+  "details": "Apache Shiro before 1.130 or 2.0.0-alpha-4, may be susceptible to a path traversal attack that results in an authentication bypass when used together with path rewriting \n\nMitigation: Update to Apache Shiro 1.13.0+ or 2.0.0-alpha-4+, or ensure `blockSemicolon` is enabled (this is the default).",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -65,6 +65,10 @@
     {
       "type": "WEB",
       "url": "https://lists.apache.org/thread/mdv7ftz7k4488rzloxo2fb0p9shnp9wm"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20241108-0002"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2024/01/GHSA-jchw-25xp-jwwc/GHSA-jchw-25xp-jwwc.json b/advisories/github-reviewed/2024/01/GHSA-jchw-25xp-jwwc/GHSA-jchw-25xp-jwwc.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jchw-25xp-jwwc",
-  "modified": "2024-01-09T19:03:24Z",
+  "modified": "2025-11-04T16:48:07Z",
   "published": "2024-01-02T06:30:30Z",
   "aliases": [
     "CVE-2023-26159"
@@ -60,6 +60,10 @@
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZZ425BFKNBQ6AK7I5SAM56TWON5OF2XM"
     },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20241108-0002"
+    },
     {
       "type": "WEB",
       "url": "https://security.snyk.io/vuln/SNYK-JS-FOLLOWREDIRECTS-6141137"

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-hhw5-c326-822h",`
`4`		`- "modified": "2025-05-22T19:24:47Z",`
	`4`	`+ "modified": "2025-11-04T16:47:46Z",`
`5`	`5`	`"published": "2023-12-14T09:30:19Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2023-46750"`
`@@ -78,6 +78,10 @@`
`78`	`78`	`{`
`79`	`79`	`"type": "WEB",`
`80`	`80`	`"url": "https://security.netapp.com/advisory/ntap-20240808-0002"`
	`81`	`+ },`
	`82`	`+ {`
	`83`	`+ "type": "WEB",`
	`84`	`+ "url": "https://security.netapp.com/advisory/ntap-20241108-0002"`
`81`	`85`	`}`
`82`	`86`	`],`
`83`	`87`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-264p-99wq-f4j6",`
`4`		`- "modified": "2024-04-12T17:08:03Z",`
	`4`	`+ "modified": "2025-11-04T16:48:17Z",`
`5`	`5`	`"published": "2024-01-03T22:04:08Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2024-21634"`
`@@ -66,6 +66,10 @@`
`66`	`66`	`{`
`67`	`67`	`"type": "PACKAGE",`
`68`	`68`	`"url": "https://github.com/amazon-ion/ion-java"`
	`69`	`+ },`
	`70`	`+ {`
	`71`	`+ "type": "WEB",`
	`72`	`+ "url": "https://security.netapp.com/advisory/ntap-20241108-0002"`
`69`	`73`	`}`
`70`	`74`	`],`
`71`	`75`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-c2f4-cvqm-65w2",`
`4`		`- "modified": "2024-01-09T21:50:47Z",`
	`4`	`+ "modified": "2025-11-04T16:49:07Z",`
`5`	`5`	`"published": "2024-01-08T15:56:48Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2024-21647"`
`@@ -82,6 +82,10 @@`
`82`	`82`	`{`
`83`	`83`	`"type": "WEB",`
`84`	`84`	`"url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/puma/CVE-2024-21647.yml"`
	`85`	`+ },`
	`86`	`+ {`
	`87`	`+ "type": "WEB",`
	`88`	`+ "url": "https://lists.debian.org/debian-lts-announce/2024/11/msg00004.html"`
`85`	`89`	`}`
`86`	`90`	`],`
`87`	`91`	`"database_specific": {`