Advisory Database Sync

Author: advisory-database[bot]

…-r385-c5fc-x56c/GHSA-r385-c5fc-x56c.json …-r385-c5fc-x56c/GHSA-r385-c5fc-x56c.jsonadvisories/unreviewed/2025/02/GHSA-r385-c5fc-x56c/GHSA-r385-c5fc-x56c.json renamed to advisories/github-reviewed/2025/02/GHSA-r385-c5fc-x56c/GHSA-r385-c5fc-x56c.json advisories/unreviewed/2025/02/GHSA-r385-c5fc-x56c/GHSA-r385-c5fc-x56c.json renamed to advisories/github-reviewed/2025/02/GHSA-r385-c5fc-x56c/GHSA-r385-c5fc-x56c.json

@@ -1,26 +1,47 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-r385-c5fc-x56c",
-  "modified": "2025-02-10T21:31:39Z",
+  "modified": "2025-12-18T15:30:18Z",
   "published": "2025-02-10T21:31:39Z",
   "aliases": [
     "CVE-2024-57177"
   ],
-  "details": "A host header injection vulnerability exists in the NPM package of perfood/couch-auth <= 0.21.2. By sending a specially crafted host header in the email change confirmation request, it is possible to trigger a SSTI which can be leveraged to run limited commands or leak server-side information",
+  "summary": "CouchAuth has a Server-Side Template Injection vulnerability in its email functionality",
+  "details": "A host header injection vulnerability exists in the NPM package of perfood/couch-auth <= 0.21.2. By sending a specially crafted host header in the email change confirmation request, it is possible to trigger a SSTI which can be leveraged to run limited commands or leak server-side information.",
   "severity": [
     {
       "type": "CVSS_V3",
       "score": "CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
     }
   ],
-  "affected": [],
+  "affected": [
+    {
+      "package": {
+        "ecosystem": "npm",
+        "name": "@perfood/couch-auth"
+      },
+      "ranges": [
+        {
+          "type": "ECOSYSTEM",
+          "events": [
+            {
+              "introduced": "0"
+            },
+            {
+              "last_affected": "0.21.2"
+            }
+          ]
+        }
+      ]
+    }
+  ],
   "references": [
     {
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57177"
     },
     {
-      "type": "WEB",
+      "type": "PACKAGE",
       "url": "https://github.com/perfood/couch-auth"
     },
     {
@@ -34,8 +55,8 @@
       "CWE-74"
     ],
     "severity": "MODERATE",
-    "github_reviewed": false,
-    "github_reviewed_at": null,
+    "github_reviewed": true,
+    "github_reviewed_at": "2025-12-18T15:30:17Z",
     "nvd_published_at": "2025-02-10T20:15:41Z"
   }
 }

advisories/unreviewed/2022/05/GHSA-66mx-93rr-rg39/GHSA-66mx-93rr-rg39.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-66mx-93rr-rg39",
-  "modified": "2022-05-24T17:43:22Z",
+  "modified": "2025-12-18T15:30:24Z",
   "published": "2022-05-24T17:43:22Z",
   "aliases": [
     "CVE-2021-27803"
@@ -23,6 +23,18 @@
       "type": "WEB",
       "url": "https://lists.debian.org/debian-lts-announce/2021/03/msg00003.html"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZGUR5XFHATVXTRAEJMODS7ROYHA56NX"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KOGP2VIVVXXQ6CZ2HU4DKGPDB4WR24XF"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SEHS2CFGH3KCSNPHBHNGN5SGV6QPMLZ4"
+    },
     {
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/IZGUR5XFHATVXTRAEJMODS7ROYHA56NX"

advisories/unreviewed/2022/05/GHSA-96g2-7cqx-5ggh/GHSA-96g2-7cqx-5ggh.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-96g2-7cqx-5ggh",
-  "modified": "2022-05-24T17:22:01Z",
+  "modified": "2025-12-18T15:30:24Z",
   "published": "2022-05-24T17:22:01Z",
   "aliases": [
     "CVE-2020-14145"

advisories/unreviewed/2022/05/GHSA-hc96-xw56-vfwh/GHSA-hc96-xw56-vfwh.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-hc96-xw56-vfwh",
-  "modified": "2022-07-26T00:00:43Z",
+  "modified": "2025-12-18T15:30:24Z",
   "published": "2022-05-24T17:39:30Z",
   "aliases": [
     "CVE-2021-3177"
@@ -25,111 +25,171 @@
     },
     {
       "type": "WEB",
-      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
+      "url": "https://bugs.python.org/issue42938"
     },
     {
       "type": "WEB",
-      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA"
     },
     {
       "type": "WEB",
-      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E"
     },
     {
       "type": "WEB",
-      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4"
     },
     {
       "type": "WEB",
-      "url": "https://security.netapp.com/advisory/ntap-20210226-0003"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC"
     },
     {
       "type": "WEB",
-      "url": "https://security.gentoo.org/glsa/202101-18"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62"
     },
     {
       "type": "WEB",
-      "url": "https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2"
     },
     {
       "type": "WEB",
-      "url": "https://news.ycombinator.com/item?id=26185005"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD"
     },
     {
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK"
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA"
+      "url": "https://news.ycombinator.com/item?id=26185005"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2"
+      "url": "https://python-security.readthedocs.io/vuln/ctypes-buffer-overflow-pycarg_repr.html"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62"
+      "url": "https://security.gentoo.org/glsa/202101-18"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC"
+      "url": "https://security.netapp.com/advisory/ntap-20210226-0003"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4"
+      "url": "https://www.oracle.com//security-alerts/cpujul2021.html"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E"
+      "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA"
+      "url": "https://www.oracle.com/security-alerts/cpujul2022.html"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A"
+      "url": "https://www.oracle.com/security-alerts/cpuoct2021.html"
     },
     {
       "type": "WEB",
-      "url": "https://lists.fedoraproject.org/archives/list/[email protected].org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO"
+      "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E"
     },
     {
       "type": "WEB",
-      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"
+      "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html"
     },
     {
       "type": "WEB",
       "url": "https://lists.debian.org/debian-lts-announce/2022/02/msg00013.html"
     },
     {
       "type": "WEB",
-      "url": "https://lists.debian.org/debian-lts-announce/2021/04/msg00005.html"
+      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00024.html"
     },
     {
       "type": "WEB",
-      "url": "https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E"
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO"
     },
     {
       "type": "WEB",
-      "url": "https://bugs.python.org/issue42938"
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FONHJIOZOFD7CD35KZL6SVBUTMBPGZGA"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FPE7SMXYUIWPOIZV4DQYXODRXMFX3C5E"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HCQTCSP6SCVIYNIRUJC5X7YBVUHPLSC4"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MGSV6BJQLRQ6RKVUXK7JGU7TP4QFGQXC"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MP572OLHMS7MZO4KUPSCIMSZIA5IZZ62"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NODWHDIFBQE5RU5PUWUVE47JOT5VCMJ2"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NQPARTLNSFQVMMQHPNBFOCOZOO3TMQNA"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NXSMBHES3ANXXS2RSO5G6Q24BR4B2PWK"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6XJAULOS5JVB2L67NCKKMJ5NTKZJBSD"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y4KSYYWMGAKOA2JVCQA422OINT6CKQ7O"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YDTZVGSXQ7HR7OCGSUHTRNTMBG43OMKU"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z7GZV74KM72O2PEJN2C4XP3V5Q5MZUOO"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/BRHOCQYX3QLDGDQGTWQAUUT2GGIZCZUO"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/CCFZMVRQUKCBQIG5F2CBVADK63NFSE4A"
     }
   ],
   "database_specific": {

advisories/unreviewed/2022/05/GHSA-jr78-hfw4-xp7g/GHSA-jr78-hfw4-xp7g.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jr78-hfw4-xp7g",
-  "modified": "2022-05-13T01:22:35Z",
+  "modified": "2025-12-18T15:30:24Z",
   "published": "2022-05-13T01:22:35Z",
   "aliases": [
     "CVE-2019-6111"
@@ -59,6 +59,10 @@
       "type": "WEB",
       "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W3YVQ2BPTOVDCFDVNC2GGF5P5ISFG37G"
+    },
     {
       "type": "WEB",
       "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00030.html"
@@ -67,18 +71,34 @@
       "type": "WEB",
       "url": "https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f@%3Cdev.mina.apache.org%3E"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.apache.org/thread.html/e47597433b351d6e01a5d68d610b4ba195743def9730e49561e8cf3f%40%3Cdev.mina.apache.org%3E"
+    },
     {
       "type": "WEB",
       "url": "https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a@%3Cdev.mina.apache.org%3E"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.apache.org/thread.html/d540139359de999b0f1c87d05b715be4d7d4bec771e1ae55153c5c7a%40%3Cdev.mina.apache.org%3E"
+    },
     {
       "type": "WEB",
       "url": "https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b@%3Cdev.mina.apache.org%3E"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.apache.org/thread.html/c7301cab36a86825359e1b725fc40304d1df56dc6d107c1fe885148b%40%3Cdev.mina.apache.org%3E"
+    },
     {
       "type": "WEB",
       "url": "https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23@%3Cdev.mina.apache.org%3E"
     },
+    {
+      "type": "WEB",
+      "url": "https://lists.apache.org/thread.html/c45d9bc90700354b58fb7455962873c44229841880dcb64842fa7d23%40%3Cdev.mina.apache.org%3E"
+    },
     {
       "type": "WEB",
       "url": "https://cvsweb.openbsd.org/src/usr.bin/ssh/scp.c"

advisories/unreviewed/2022/05/GHSA-mv2j-4mm8-9xgv/GHSA-mv2j-4mm8-9xgv.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mv2j-4mm8-9xgv",
-  "modified": "2022-05-13T01:22:35Z",
+  "modified": "2025-12-18T15:30:24Z",
   "published": "2022-05-13T01:22:35Z",
   "aliases": [
     "CVE-2019-6110"

advisories/unreviewed/2025/10/GHSA-447q-wwcf-54f8/GHSA-447q-wwcf-54f8.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-447q-wwcf-54f8",
-  "modified": "2025-10-28T12:30:17Z",
+  "modified": "2025-12-18T15:30:24Z",
   "published": "2025-10-28T12:30:17Z",
   "aliases": [
     "CVE-2025-40075"
@@ -18,6 +18,10 @@
       "type": "WEB",
       "url": "https://git.kernel.org/stable/c/07613a95326ebad2d1b88d883cd72546025a4f3e"
     },
+    {
+      "type": "WEB",
+      "url": "https://git.kernel.org/stable/c/4b89397807eb04986427c4786d065e9442834ad4"
+    },
     {
       "type": "WEB",
       "url": "https://git.kernel.org/stable/c/50c127a69cd6285300931853b352a1918cfa180f"