Publish Advisories

advisory-database[bot] · advisory-database[bot] · commit b68b9f066353 · 2025-11-05T22:08:53.000Z
GHSA-47m2-4cr7-mhcw GHSA-4p3p-cr38-v5xp GHSA-q8j9-34qf-7vq7 GHSA-xch9-h8qw-85c7
diff --git a/advisories/github-reviewed/2025/10/GHSA-47m2-4cr7-mhcw/GHSA-47m2-4cr7-mhcw.json b/advisories/github-reviewed/2025/10/GHSA-47m2-4cr7-mhcw/GHSA-47m2-4cr7-mhcw.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-47m2-4cr7-mhcw",
-  "modified": "2025-10-13T15:44:54Z",
+  "modified": "2025-11-05T22:06:25Z",
   "published": "2025-10-10T17:03:01Z",
   "aliases": [
     "CVE-2025-59530"
@@ -82,6 +82,10 @@
     {
       "type": "WEB",
       "url": "https://github.com/quic-go/quic-go/blob/v0.55.0/connection.go#L2682-L2685"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4017"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2025/10/GHSA-4p3p-cr38-v5xp/GHSA-4p3p-cr38-v5xp.json b/advisories/github-reviewed/2025/10/GHSA-4p3p-cr38-v5xp/GHSA-4p3p-cr38-v5xp.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4p3p-cr38-v5xp",
-  "modified": "2025-10-13T22:09:25Z",
+  "modified": "2025-11-05T22:07:29Z",
   "published": "2025-10-13T19:59:17Z",
   "aliases": [
     "CVE-2025-59836"
@@ -80,6 +80,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/siderolabs/omni"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4021"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2025/10/GHSA-q8j9-34qf-7vq7/GHSA-q8j9-34qf-7vq7.json b/advisories/github-reviewed/2025/10/GHSA-q8j9-34qf-7vq7/GHSA-q8j9-34qf-7vq7.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-q8j9-34qf-7vq7",
-  "modified": "2025-10-29T14:47:34Z",
+  "modified": "2025-11-05T22:05:52Z",
   "published": "2025-10-28T17:31:32Z",
   "aliases": [
     "CVE-2025-27093"
@@ -36,6 +36,25 @@
       "database_specific": {
         "last_known_affected_version_range": "<= 1.5.43"
       }
+    },
+    {
+      "package": {
+        "ecosystem": "Go",
+        "name": "github.com/bishopfox/sliver"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "fixed": "1.5.44"
+            }
+          ]
+        }
+      ]
     }
   ],
   "references": [
@@ -58,6 +77,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/BishopFox/sliver"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4079"
     }
   ],
   "database_specific": {
diff --git a/advisories/github-reviewed/2025/10/GHSA-xch9-h8qw-85c7/GHSA-xch9-h8qw-85c7.json b/advisories/github-reviewed/2025/10/GHSA-xch9-h8qw-85c7/GHSA-xch9-h8qw-85c7.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-xch9-h8qw-85c7",
-  "modified": "2025-10-02T21:15:46Z",
+  "modified": "2025-11-05T22:07:56Z",
   "published": "2025-10-02T21:15:46Z",
   "aliases": [
     "CVE-2025-54291"
@@ -89,6 +89,10 @@
     {
       "type": "PACKAGE",
       "url": "https://github.com/canonical/lxd"
+    },
+    {
+      "type": "WEB",
+      "url": "https://pkg.go.dev/vuln/GO-2025-4005"
     }
   ],
   "database_specific": {

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-47m2-4cr7-mhcw",`
`4`		`- "modified": "2025-10-13T15:44:54Z",`
	`4`	`+ "modified": "2025-11-05T22:06:25Z",`
`5`	`5`	`"published": "2025-10-10T17:03:01Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-59530"`
`@@ -82,6 +82,10 @@`
`82`	`82`	`{`
`83`	`83`	`"type": "WEB",`
`84`	`84`	`"url": "https://github.com/quic-go/quic-go/blob/v0.55.0/connection.go#L2682-L2685"`
	`85`	`+ },`
	`86`	`+ {`
	`87`	`+ "type": "WEB",`
	`88`	`+ "url": "https://pkg.go.dev/vuln/GO-2025-4017"`
`85`	`89`	`}`
`86`	`90`	`],`
`87`	`91`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-4p3p-cr38-v5xp",`
`4`		`- "modified": "2025-10-13T22:09:25Z",`
	`4`	`+ "modified": "2025-11-05T22:07:29Z",`
`5`	`5`	`"published": "2025-10-13T19:59:17Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-59836"`
`@@ -80,6 +80,10 @@`
`80`	`80`	`{`
`81`	`81`	`"type": "PACKAGE",`
`82`	`82`	`"url": "https://github.com/siderolabs/omni"`
	`83`	`+ },`
	`84`	`+ {`
	`85`	`+ "type": "WEB",`
	`86`	`+ "url": "https://pkg.go.dev/vuln/GO-2025-4021"`
`83`	`87`	`}`
`84`	`88`	`],`
`85`	`89`	`"database_specific": {`
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-xch9-h8qw-85c7",`
`4`		`- "modified": "2025-10-02T21:15:46Z",`
	`4`	`+ "modified": "2025-11-05T22:07:56Z",`
`5`	`5`	`"published": "2025-10-02T21:15:46Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2025-54291"`
`@@ -89,6 +89,10 @@`
`89`	`89`	`{`
`90`	`90`	`"type": "PACKAGE",`
`91`	`91`	`"url": "https://github.com/canonical/lxd"`
	`92`	`+ },`
	`93`	`+ {`
	`94`	`+ "type": "WEB",`
	`95`	`+ "url": "https://pkg.go.dev/vuln/GO-2025-4005"`
`92`	`96`	`}`
`93`	`97`	`],`
`94`	`98`	`"database_specific": {`