Advisory Database Sync

github · Jan 31, 2025 · 95ee070 · 95ee070
1 parent 522abaa
commit 95ee070
Show file tree

Hide file tree

Showing 51 changed files with 400 additions and 116 deletions.
diff --git a/advisories/unreviewed/2023/04/GHSA-4x95-p9f4-3p7r/GHSA-4x95-p9f4-3p7r.json b/advisories/unreviewed/2023/04/GHSA-4x95-p9f4-3p7r/GHSA-4x95-p9f4-3p7r.json
@@ -29,7 +29,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-863"
+    ],
     "severity": "HIGH",
     "github_reviewed": false,
     "github_reviewed_at": null,

diff --git a/advisories/unreviewed/2023/04/GHSA-5mcp-h82r-f9v7/GHSA-5mcp-h82r-f9v7.json b/advisories/unreviewed/2023/04/GHSA-5mcp-h82r-f9v7/GHSA-5mcp-h82r-f9v7.json
@@ -34,7 +34,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-269"
+      "CWE-269",
+      "CWE-863"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

diff --git a/advisories/unreviewed/2023/04/GHSA-68w8-q32v-4g44/GHSA-68w8-q32v-4g44.json b/advisories/unreviewed/2023/04/GHSA-68w8-q32v-4g44/GHSA-68w8-q32v-4g44.json
@@ -34,6 +34,7 @@
   ],
   "database_specific": {
     "cwe_ids": [
+      "CWE-22",
       "CWE-668"
     ],
     "severity": "HIGH",

diff --git a/advisories/unreviewed/2023/04/GHSA-89xv-gh3p-mrvg/GHSA-89xv-gh3p-mrvg.json b/advisories/unreviewed/2023/04/GHSA-89xv-gh3p-mrvg/GHSA-89xv-gh3p-mrvg.json
@@ -34,7 +34,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-269"
+      "CWE-269",
+      "CWE-863"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

diff --git a/advisories/unreviewed/2023/04/GHSA-fhhm-9qhh-g52w/GHSA-fhhm-9qhh-g52w.json b/advisories/unreviewed/2023/04/GHSA-fhhm-9qhh-g52w/GHSA-fhhm-9qhh-g52w.json
@@ -34,7 +34,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-269"
+      "CWE-269",
+      "CWE-863"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

diff --git a/advisories/unreviewed/2023/04/GHSA-pmgh-8j9v-4xhf/GHSA-pmgh-8j9v-4xhf.json b/advisories/unreviewed/2023/04/GHSA-pmgh-8j9v-4xhf/GHSA-pmgh-8j9v-4xhf.json
@@ -30,7 +30,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-367"
+      "CWE-367",
+      "CWE-59"
     ],
     "severity": "MODERATE",
     "github_reviewed": false,

diff --git a/advisories/unreviewed/2023/07/GHSA-7w8f-q3m3-pfj7/GHSA-7w8f-q3m3-pfj7.json b/advisories/unreviewed/2023/07/GHSA-7w8f-q3m3-pfj7/GHSA-7w8f-q3m3-pfj7.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-7w8f-q3m3-pfj7",
-  "modified": "2024-04-04T05:38:25Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2023-07-06T19:24:19Z",
   "aliases": [
     "CVE-2023-2158"

diff --git a/advisories/unreviewed/2023/07/GHSA-9296-w48c-7m8r/GHSA-9296-w48c-7m8r.json b/advisories/unreviewed/2023/07/GHSA-9296-w48c-7m8r/GHSA-9296-w48c-7m8r.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9296-w48c-7m8r",
-  "modified": "2024-04-04T05:40:13Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2023-07-06T21:14:54Z",
   "aliases": [
     "CVE-2023-22782"

diff --git a/advisories/unreviewed/2023/07/GHSA-h44p-c6q5-xj3p/GHSA-h44p-c6q5-xj3p.json b/advisories/unreviewed/2023/07/GHSA-h44p-c6q5-xj3p/GHSA-h44p-c6q5-xj3p.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-h44p-c6q5-xj3p",
-  "modified": "2024-04-04T05:40:17Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2023-07-06T21:14:54Z",
   "aliases": [
     "CVE-2023-22781"

diff --git a/advisories/unreviewed/2023/07/GHSA-jwcx-m84w-h98g/GHSA-jwcx-m84w-h98g.json b/advisories/unreviewed/2023/07/GHSA-jwcx-m84w-h98g/GHSA-jwcx-m84w-h98g.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jwcx-m84w-h98g",
-  "modified": "2024-04-04T05:38:24Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2023-07-06T19:24:19Z",
   "aliases": [
     "CVE-2023-28770"
@@ -19,6 +19,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-28770"
     },
+    {
+      "type": "WEB",
+      "url": "https://packetstorm.news/files/id/172277"
+    },
     {
       "type": "WEB",
       "url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-multiple-vulnerabilities"
@@ -30,7 +34,8 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-200"
+      "CWE-200",
+      "CWE-203"
     ],
     "severity": "HIGH",
     "github_reviewed": false,

diff --git a/advisories/unreviewed/2024/07/GHSA-r8h6-cwxj-rv5j/GHSA-r8h6-cwxj-rv5j.json b/advisories/unreviewed/2024/07/GHSA-r8h6-cwxj-rv5j/GHSA-r8h6-cwxj-rv5j.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-r8h6-cwxj-rv5j",
-  "modified": "2024-11-05T00:31:27Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2024-07-30T00:34:24Z",
   "aliases": [
     "CVE-2024-3219"
@@ -47,6 +47,10 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/b252317956b7fc035bb3774ef6a177e227f9fc54"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/78df1043dbdce5c989600616f9f87b4ee72944e5"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/5f90abaa786f994db3907fc31e2ee00ea2cf0929"

diff --git a/advisories/unreviewed/2024/08/GHSA-7pwv-g7hj-39pr/GHSA-7pwv-g7hj-39pr.json b/advisories/unreviewed/2024/08/GHSA-7pwv-g7hj-39pr/GHSA-7pwv-g7hj-39pr.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-7pwv-g7hj-39pr",
-  "modified": "2024-09-04T21:30:31Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2024-08-19T21:35:10Z",
   "aliases": [
     "CVE-2024-7592"
@@ -31,6 +31,10 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/391e5626e3ee5af267b97e37abc7475732e67621"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/44e458357fca05ca0ae2658d62c8c595b048b5ef"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/a77ab24427a18bff817025adb03ca920dc3f1a06"
@@ -54,6 +58,10 @@
     {
       "type": "WEB",
       "url": "https://mail.python.org/archives/list/[email protected]/thread/HXJAAAALNUNGCQUS2W7WR6GFIZIHFOOK"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20241018-0006"
     }
   ],
   "database_specific": {

diff --git a/advisories/unreviewed/2024/08/GHSA-87qc-q3w7-7m8w/GHSA-87qc-q3w7-7m8w.json b/advisories/unreviewed/2024/08/GHSA-87qc-q3w7-7m8w/GHSA-87qc-q3w7-7m8w.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-87qc-q3w7-7m8w",
-  "modified": "2025-01-11T15:30:27Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2024-08-01T15:32:20Z",
   "aliases": [
     "CVE-2024-6923"
@@ -31,6 +31,10 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/06f28dc236708f72871c64d4bc4b4ea144c50147"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/097633981879b3c9de9a1dd120d3aa585ecc2384"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/4766d1200fdf8b6728137aa2927a297e224d5fa7"

diff --git a/advisories/unreviewed/2024/09/GHSA-mmm5-wgvp-wp8r/GHSA-mmm5-wgvp-wp8r.json b/advisories/unreviewed/2024/09/GHSA-mmm5-wgvp-wp8r/GHSA-mmm5-wgvp-wp8r.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mmm5-wgvp-wp8r",
-  "modified": "2024-09-04T21:30:31Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2024-09-03T15:30:44Z",
   "aliases": [
     "CVE-2024-6232"
@@ -27,6 +27,10 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/pull/121286"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/34ddb64d088dd7ccc321f6103d23153256caa5d4"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/4eaf4891c12589e3c7bdad5f5b076e4c8392dd06"
@@ -54,6 +58,14 @@
     {
       "type": "WEB",
       "url": "https://mail.python.org/archives/list/[email protected]/thread/JRYFTPRHZRTLMZLWQEUHZSJXNHM4ACTY"
+    },
+    {
+      "type": "WEB",
+      "url": "https://security.netapp.com/advisory/ntap-20241018-0007"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.openwall.com/lists/oss-security/2024/09/03/5"
     }
   ],
   "database_specific": {

diff --git a/advisories/unreviewed/2024/10/GHSA-grqq-hcc7-crmr/GHSA-grqq-hcc7-crmr.json b/advisories/unreviewed/2024/10/GHSA-grqq-hcc7-crmr/GHSA-grqq-hcc7-crmr.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-grqq-hcc7-crmr",
-  "modified": "2024-11-04T18:31:18Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2024-10-22T18:32:12Z",
   "aliases": [
     "CVE-2024-9287"
@@ -43,6 +43,10 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/ae961ae94bf19c8f8c7fbea3d1c25cc55ce8ae97"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/d48cc82ed25e26b02eb97c6263d95dcaa1e9111b"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/e52095a0c1005a87eed2276af7a1f2f66e2b6483"

diff --git a/advisories/unreviewed/2024/12/GHSA-ph84-rcj2-fxxm/GHSA-ph84-rcj2-fxxm.json b/advisories/unreviewed/2024/12/GHSA-ph84-rcj2-fxxm/GHSA-ph84-rcj2-fxxm.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-ph84-rcj2-fxxm",
-  "modified": "2025-01-06T18:31:00Z",
+  "modified": "2025-01-31T21:32:44Z",
   "published": "2024-12-06T18:30:45Z",
   "aliases": [
     "CVE-2024-12254"
@@ -39,6 +39,10 @@
       "type": "WEB",
       "url": "https://github.com/python/cpython/commit/9aa0deb2eef2655a1029ba228527b152353135b5"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/e991ac8f2037d78140e417cc9a9486223eb3e786"
+    },
     {
       "type": "WEB",
       "url": "https://mail.python.org/archives/list/[email protected]/thread/H4O3UBAOAQQXGT4RE3E4XQYR5XLROORB"

diff --git a/advisories/unreviewed/2025/01/GHSA-28rx-w98g-gmx7/GHSA-28rx-w98g-gmx7.json b/advisories/unreviewed/2025/01/GHSA-28rx-w98g-gmx7/GHSA-28rx-w98g-gmx7.json
@@ -25,7 +25,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-306"
+    ],
     "severity": "CRITICAL",
     "github_reviewed": false,
     "github_reviewed_at": null,

diff --git a/advisories/unreviewed/2025/01/GHSA-2fv7-7xr8-8j4g/GHSA-2fv7-7xr8-8j4g.json b/advisories/unreviewed/2025/01/GHSA-2fv7-7xr8-8j4g/GHSA-2fv7-7xr8-8j4g.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2fv7-7xr8-8j4g",
-  "modified": "2025-01-14T00:30:45Z",
+  "modified": "2025-01-31T21:32:45Z",
   "published": "2025-01-14T00:30:45Z",
   "aliases": [
     "CVE-2023-42241"
   ],
   "details": "An issue was discovered in Selesta Visual Access Manager (VAM) prior to 4.42.2. An authenticated attacker can perform SQL Injection in multiple POST parameters of /vam/vam_anagraphic.php.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -20,8 +25,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "LOW",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-01-13T22:15:12Z"

diff --git a/advisories/unreviewed/2025/01/GHSA-3qj2-76xw-wwh7/GHSA-3qj2-76xw-wwh7.json b/advisories/unreviewed/2025/01/GHSA-3qj2-76xw-wwh7/GHSA-3qj2-76xw-wwh7.json
@@ -25,7 +25,9 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
+    "cwe_ids": [
+      "CWE-863"
+    ],
     "severity": "MODERATE",
     "github_reviewed": false,
     "github_reviewed_at": null,

diff --git a/advisories/unreviewed/2025/01/GHSA-4r8j-mw5f-9g2j/GHSA-4r8j-mw5f-9g2j.json b/advisories/unreviewed/2025/01/GHSA-4r8j-mw5f-9g2j/GHSA-4r8j-mw5f-9g2j.json
@@ -1,13 +1,18 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-4r8j-mw5f-9g2j",
-  "modified": "2025-01-22T18:31:55Z",
+  "modified": "2025-01-31T21:32:46Z",
   "published": "2025-01-22T18:31:55Z",
   "aliases": [
     "CVE-2023-37777"
   ],
   "details": "Synnefo Internet Management Software 2023 was discovered to contain a SQL injection vulnerability.",
-  "severity": [],
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+    }
+  ],
   "affected": [],
   "references": [
     {
@@ -24,8 +29,10 @@
     }
   ],
   "database_specific": {
-    "cwe_ids": [],
-    "severity": null,
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "CRITICAL",
     "github_reviewed": false,
     "github_reviewed_at": null,
     "nvd_published_at": "2025-01-22T16:15:28Z"

diff --git a/advisories/unreviewed/2025/01/GHSA-5qjr-cj9f-phrx/GHSA-5qjr-cj9f-phrx.json b/advisories/unreviewed/2025/01/GHSA-5qjr-cj9f-phrx/GHSA-5qjr-cj9f-phrx.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-5qjr-cj9f-phrx",
-  "modified": "2025-01-31T18:31:08Z",
+  "modified": "2025-01-31T21:32:47Z",
   "published": "2025-01-31T18:31:08Z",
   "aliases": [
     "CVE-2025-0938"
@@ -26,6 +26,14 @@
     {
       "type": "WEB",
       "url": "https://github.com/python/cpython/pull/129418"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/python/cpython/commit/d89a5f6a6e65511a5f6e0618c4c30a7aa5aba56a"
+    },
+    {
+      "type": "WEB",
+      "url": "https://mail.python.org/archives/list/[email protected]/thread/K4EUG6EKV6JYFIC24BASYOZS4M5XOQIB"
     }
   ],
   "database_specific": {