Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit 7e692dbdb6da · 2025-10-22T17:39:03.000Z
GHSA-xrr4-p6fq-hjg7 GHSA-8pqx-3rxx-f5pm GHSA-hhpm-5cp2-hg4x GHSA-j7mw-7crr-658v GHSA-wgw2-wwq8-c7wf GHSA-297x-j9pm-xjgg
diff --git a/advisories/github-reviewed/2017/10/GHSA-xrr4-p6fq-hjg7/GHSA-xrr4-p6fq-hjg7.json b/advisories/github-reviewed/2017/10/GHSA-xrr4-p6fq-hjg7/GHSA-xrr4-p6fq-hjg7.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-xrr4-p6fq-hjg7",
-  "modified": "2025-10-22T17:18:52Z",
+  "modified": "2025-10-22T17:35:03Z",
   "published": "2017-10-24T18:33:35Z",
   "aliases": [
     "CVE-2016-0752"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H"
     }
   ],
   "affected": [
diff --git a/advisories/github-reviewed/2022/05/GHSA-8pqx-3rxx-f5pm/GHSA-8pqx-3rxx-f5pm.json b/advisories/github-reviewed/2022/05/GHSA-8pqx-3rxx-f5pm/GHSA-8pqx-3rxx-f5pm.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-8pqx-3rxx-f5pm",
-  "modified": "2025-10-22T17:17:39Z",
+  "modified": "2025-10-22T17:35:20Z",
   "published": "2022-05-13T01:30:06Z",
   "aliases": [
     "CVE-2015-5317"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H"
     }
   ],
   "affected": [
diff --git a/advisories/github-reviewed/2022/05/GHSA-hhpm-5cp2-hg4x/GHSA-hhpm-5cp2-hg4x.json b/advisories/github-reviewed/2022/05/GHSA-hhpm-5cp2-hg4x/GHSA-hhpm-5cp2-hg4x.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hhpm-5cp2-hg4x",
-  "modified": "2022-06-30T15:56:17Z",
+  "modified": "2025-10-22T17:35:50Z",
   "published": "2022-05-13T01:01:00Z",
   "aliases": [
     "CVE-2018-1000861"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"
     }
   ],
   "affected": [
@@ -77,6 +77,10 @@
       "type": "WEB",
       "url": "https://jenkins.io/security/advisory/2018-12-05/#SECURITY-595"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-1000861"
+    },
     {
       "type": "WEB",
       "url": "http://packetstormsecurity.com/files/166778/Jenkins-Remote-Code-Execution.html"
diff --git a/advisories/github-reviewed/2022/05/GHSA-j7mw-7crr-658v/GHSA-j7mw-7crr-658v.json b/advisories/github-reviewed/2022/05/GHSA-j7mw-7crr-658v/GHSA-j7mw-7crr-658v.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-j7mw-7crr-658v",
-  "modified": "2023-07-20T18:40:02Z",
+  "modified": "2025-10-22T17:36:28Z",
   "published": "2022-05-13T01:17:53Z",
   "aliases": [
     "CVE-2018-14667"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"
     }
   ],
   "affected": [
@@ -64,6 +64,10 @@
       "type": "WEB",
       "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14667"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14667"
+    },
     {
       "type": "WEB",
       "url": "http://packetstormsecurity.com/files/156663/Richsploit-RichFaces-Exploitation-Toolkit.html"
diff --git a/advisories/github-reviewed/2022/05/GHSA-wgw2-wwq8-c7wf/GHSA-wgw2-wwq8-c7wf.json b/advisories/github-reviewed/2022/05/GHSA-wgw2-wwq8-c7wf/GHSA-wgw2-wwq8-c7wf.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-wgw2-wwq8-c7wf",
-  "modified": "2023-10-06T01:30:47Z",
+  "modified": "2025-10-22T17:37:09Z",
   "published": "2022-05-13T01:20:46Z",
   "aliases": [
     "CVE-2018-8298"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"
+      "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:H"
     }
   ],
   "affected": [
@@ -60,6 +60,10 @@
       "type": "WEB",
       "url": "https://web.archive.org/web/20210124183835/http://www.securityfocus.com/bid/104639"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-8298"
+    },
     {
       "type": "WEB",
       "url": "https://www.exploit-db.com/exploits/45217"
diff --git a/advisories/github-reviewed/2024/04/GHSA-297x-j9pm-xjgg/GHSA-297x-j9pm-xjgg.json b/advisories/github-reviewed/2024/04/GHSA-297x-j9pm-xjgg/GHSA-297x-j9pm-xjgg.json
@@ -1,17 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-297x-j9pm-xjgg",
-  "modified": "2024-07-05T17:59:29Z",
+  "modified": "2025-10-22T17:37:59Z",
   "published": "2024-04-23T22:36:09Z",
   "aliases": [
     "CVE-2018-7602"
   ],
   "summary": "Drupal Core Remote Code Execution Vulnerability",
-  "details": "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild. ",
+  "details": "A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.",
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H"
     }
   ],
   "affected": [
@@ -151,6 +151,10 @@
       "type": "WEB",
       "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00030.html"
     },
+    {
+      "type": "WEB",
+      "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-7602"
+    },
     {
       "type": "WEB",
       "url": "https://www.debian.org/security/2018/dsa-4180"
@@ -166,14 +170,6 @@
     {
       "type": "WEB",
       "url": "https://www.exploit-db.com/exploits/44557"
-    },
-    {
-      "type": "WEB",
-      "url": "http://www.securityfocus.com/bid/103985"
-    },
-    {
-      "type": "WEB",
-      "url": "http://www.securitytracker.com/id/1040754"
     }
   ],
   "database_specific": {

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-xrr4-p6fq-hjg7",`
`4`		`- "modified": "2025-10-22T17:18:52Z",`
	`4`	`+ "modified": "2025-10-22T17:35:03Z",`
`5`	`5`	`"published": "2017-10-24T18:33:35Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2016-0752"`
`@@ -11,7 +11,7 @@`
`11`	`11`	`"severity": [`
`12`	`12`	`{`
`13`	`13`	`"type": "CVSS_V3",`
`14`		`- "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"`
	`14`	`+ "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H"`
`15`	`15`	`}`
`16`	`16`	`],`
`17`	`17`	`"affected": [`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-8pqx-3rxx-f5pm",`
`4`		`- "modified": "2025-10-22T17:17:39Z",`
	`4`	`+ "modified": "2025-10-22T17:35:20Z",`
`5`	`5`	`"published": "2022-05-13T01:30:06Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2015-5317"`
`@@ -11,7 +11,7 @@`
`11`	`11`	`"severity": [`
`12`	`12`	`{`
`13`	`13`	`"type": "CVSS_V3",`
`14`		`- "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"`
	`14`	`+ "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:H"`
`15`	`15`	`}`
`16`	`16`	`],`
`17`	`17`	`"affected": [`