Skip to content

Commit c2001c5

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-4wrr-9h5r-m92w GHSA-7qwv-cwgj-c8rj GHSA-qmg3-hpqr-gqvc GHSA-ggwg-cmwp-46r5 GHSA-7vrx-9684-xrf2
1 parent 5c7d4b2 commit c2001c5

File tree

5 files changed

+33
-20
lines changed

5 files changed

+33
-20
lines changed

advisories/github-reviewed/2022/05/GHSA-4wrr-9h5r-m92w/GHSA-4wrr-9h5r-m92w.json

Lines changed: 8 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-4wrr-9h5r-m92w",
4-
"modified": "2023-12-27T16:29:53Z",
4+
"modified": "2025-10-22T19:32:10Z",
55
"published": "2022-05-04T00:29:43Z",
66
"aliases": [
77
"CVE-2012-0391"
@@ -74,6 +74,10 @@
7474
"type": "WEB",
7575
"url": "https://issues.apache.org/jira/browse/WW-3668"
7676
},
77+
{
78+
"type": "WEB",
79+
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2012-0391"
80+
},
7781
{
7882
"type": "WEB",
7983
"url": "https://www.sec-consult.com/files/20120104-0_Apache_Struts2_Multiple_Critical_Vulnerabilities.txt"
@@ -97,9 +101,10 @@
97101
],
98102
"database_specific": {
99103
"cwe_ids": [
100-
"CWE-20"
104+
"CWE-20",
105+
"CWE-94"
101106
],
102-
"severity": "HIGH",
107+
"severity": "CRITICAL",
103108
"github_reviewed": true,
104109
"github_reviewed_at": "2023-08-29T20:37:05Z",
105110
"nvd_published_at": "2012-01-08T15:55:00Z"

advisories/github-reviewed/2022/05/GHSA-7qwv-cwgj-c8rj/GHSA-7qwv-cwgj-c8rj.json

Lines changed: 6 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-7qwv-cwgj-c8rj",
4-
"modified": "2024-07-25T13:38:18Z",
4+
"modified": "2025-10-22T19:30:57Z",
55
"published": "2022-05-01T06:50:42Z",
66
"aliases": [
77
"CVE-2006-1547"
@@ -11,7 +11,7 @@
1111
"severity": [
1212
{
1313
"type": "CVSS_V3",
14-
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:H"
1515
}
1616
],
1717
"affected": [
@@ -48,6 +48,10 @@
4848
"type": "PACKAGE",
4949
"url": "https://github.com/apache/struts"
5050
},
51+
{
52+
"type": "WEB",
53+
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2006-1547"
54+
},
5155
{
5256
"type": "WEB",
5357
"url": "http://issues.apache.org/bugzilla/show_bug.cgi?id=38534"
@@ -71,14 +75,6 @@
7175
{
7276
"type": "WEB",
7377
"url": "http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html"
74-
},
75-
{
76-
"type": "WEB",
77-
"url": "http://www.securityfocus.com/bid/17342"
78-
},
79-
{
80-
"type": "WEB",
81-
"url": "http://www.vupen.com/english/advisories/2006/1205"
8278
}
8379
],
8480
"database_specific": {

advisories/github-reviewed/2025/03/GHSA-qmg3-hpqr-gqvc/GHSA-qmg3-hpqr-gqvc.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-qmg3-hpqr-gqvc",
4-
"modified": "2025-03-20T18:59:19Z",
4+
"modified": "2025-10-22T19:29:23Z",
55
"published": "2025-03-19T15:19:12Z",
66
"aliases": [
77
"CVE-2025-30154"
@@ -11,7 +11,7 @@
1111
"severity": [
1212
{
1313
"type": "CVSS_V3",
14-
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N"
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/E:H"
1515
}
1616
],
1717
"affected": [
@@ -50,6 +50,10 @@
5050
"type": "PACKAGE",
5151
"url": "https://github.com/reviewdog/reviewdog"
5252
},
53+
{
54+
"type": "WEB",
55+
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-30154"
56+
},
5357
{
5458
"type": "WEB",
5559
"url": "https://www.wiz.io/blog/new-github-action-supply-chain-attack-reviewdog-action-setup"

advisories/github-reviewed/2025/04/GHSA-ggwg-cmwp-46r5/GHSA-ggwg-cmwp-46r5.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-ggwg-cmwp-46r5",
4-
"modified": "2025-07-30T11:46:44Z",
4+
"modified": "2025-10-22T19:29:49Z",
55
"published": "2025-04-10T03:31:32Z",
66
"aliases": [
77
"CVE-2024-58136"
@@ -11,7 +11,7 @@
1111
"severity": [
1212
{
1313
"type": "CVSS_V3",
14-
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H"
14+
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:H"
1515
}
1616
],
1717
"affected": [
@@ -64,6 +64,10 @@
6464
"type": "WEB",
6565
"url": "https://sensepost.com/blog/2025/investigating-an-in-the-wild-campaign-using-rce-in-craftcms"
6666
},
67+
{
68+
"type": "WEB",
69+
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2024-58136"
70+
},
6771
{
6872
"type": "WEB",
6973
"url": "https://www.yiiframework.com/news/709/please-upgrade-to-yii-2-0-52"

advisories/github-reviewed/2025/05/GHSA-7vrx-9684-xrf2/GHSA-7vrx-9684-xrf2.json

Lines changed: 7 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-7vrx-9684-xrf2",
4-
"modified": "2025-05-28T21:45:30Z",
4+
"modified": "2025-10-22T19:30:22Z",
55
"published": "2025-05-08T00:31:12Z",
66
"aliases": [
77
"CVE-2025-35939"
@@ -11,11 +11,11 @@
1111
"severity": [
1212
{
1313
"type": "CVSS_V3",
14-
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N"
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:H"
1515
},
1616
{
1717
"type": "CVSS_V4",
18-
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"
18+
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:A"
1919
}
2020
],
2121
"affected": [
@@ -87,6 +87,10 @@
8787
"type": "WEB",
8888
"url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-147-01.json"
8989
},
90+
{
91+
"type": "WEB",
92+
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-35939"
93+
},
9094
{
9195
"type": "WEB",
9296
"url": "https://www.cve.org/CVERecord?id=CVE-2025-35939"

0 commit comments

Comments
 (0)