Skip to content

Commit c2eb837

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-95h4-w6j8-2rp8 GHSA-qm9p-f9j5-w83w
1 parent a399e60 commit c2eb837

File tree

2 files changed

+40
-5
lines changed

2 files changed

+40
-5
lines changed

advisories/github-reviewed/2025/09/GHSA-95h4-w6j8-2rp8/GHSA-95h4-w6j8-2rp8.json

Lines changed: 37 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-95h4-w6j8-2rp8",
4-
"modified": "2025-09-24T20:59:11Z",
4+
"modified": "2025-10-29T22:15:01Z",
55
"published": "2025-09-02T15:31:08Z",
66
"aliases": [
77
"CVE-2025-9784"
@@ -28,7 +28,26 @@
2828
"introduced": "0"
2929
},
3030
{
31-
"last_affected": "2.3.18.Final"
31+
"fixed": "2.2.38.Final"
32+
}
33+
]
34+
}
35+
]
36+
},
37+
{
38+
"package": {
39+
"ecosystem": "Maven",
40+
"name": "io.undertow:undertow-core"
41+
},
42+
"ranges": [
43+
{
44+
"type": "ECOSYSTEM",
45+
"events": [
46+
{
47+
"introduced": "2.3.0.Alpha1"
48+
},
49+
{
50+
"fixed": "2.3.20.Final"
3251
}
3352
]
3453
}
@@ -44,6 +63,22 @@
4463
"type": "WEB",
4564
"url": "https://github.com/undertow-io/undertow/pull/1778"
4665
},
66+
{
67+
"type": "WEB",
68+
"url": "https://github.com/undertow-io/undertow/pull/1802"
69+
},
70+
{
71+
"type": "WEB",
72+
"url": "https://github.com/undertow-io/undertow/pull/1803"
73+
},
74+
{
75+
"type": "WEB",
76+
"url": "https://github.com/undertow-io/undertow/pull/1804"
77+
},
78+
{
79+
"type": "WEB",
80+
"url": "https://github.com/undertow-io/undertow/pull/1805"
81+
},
4782
{
4883
"type": "WEB",
4984
"url": "https://access.redhat.com/security/cve/CVE-2025-9784"

advisories/github-reviewed/2025/09/GHSA-qm9p-f9j5-w83w/GHSA-qm9p-f9j5-w83w.json

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,13 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-qm9p-f9j5-w83w",
4-
"modified": "2025-09-20T00:50:59Z",
4+
"modified": "2025-10-29T22:16:20Z",
55
"published": "2025-09-17T21:30:42Z",
66
"aliases": [
77
"CVE-2025-56648"
88
],
99
"summary": "Parcel has an Origin Validation Error vulnerability",
10-
"details": "npm parcel 2.0.0-alpha and before has an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them.",
10+
"details": "parcel versions 1.6.0 and above have an Origin Validation Error vulnerability. Malicious websites can send XMLHTTPRequests to the application's development server and read the response to steal source code when developers visit them.",
1111
"severity": [
1212
{
1313
"type": "CVSS_V3",
@@ -28,7 +28,7 @@
2828
"introduced": "1.6.0"
2929
},
3030
{
31-
"last_affected": "2.14.4"
31+
"last_affected": "2.16.0"
3232
}
3333
]
3434
}

0 commit comments

Comments
 (0)