Skip to content

Commit ed4c15d

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-fh88-2p7h-7g9h GHSA-3vvh-6qrh-25vg GHSA-67h2-pfm2-j5q5 GHSA-9qvj-ffh9-wpg4 GHSA-39m5-v8xj-6c9r GHSA-g5qj-pfmg-p3jp GHSA-555q-7wq3-w6ch GHSA-75x9-5mr4-583v GHSA-7xmr-c34w-p9w7 GHSA-9pmh-gp9r-2wrj GHSA-c9fq-7ph4-v5cv GHSA-cj9r-cvpx-fx3h GHSA-gf34-2fpp-vmc4 GHSA-gpj5-h9pc-v6jc GHSA-h7h9-grcq-c72m GHSA-mq7g-cwjx-j964 GHSA-pm9m-75p4-7h69 GHSA-pw24-qqc3-7vpx GHSA-qw73-x9xv-6cch GHSA-vc27-49rw-f322 GHSA-vcqr-f63g-v876 GHSA-vxf4-hr69-67w5 GHSA-w8w2-83mf-6cp5 GHSA-wwmx-66w6-2p5v
1 parent 17822aa commit ed4c15d

File tree

24 files changed

+633
-8
lines changed

24 files changed

+633
-8
lines changed

advisories/unreviewed/2022/02/GHSA-fh88-2p7h-7g9h/GHSA-fh88-2p7h-7g9h.json

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-fh88-2p7h-7g9h",
4-
"modified": "2023-08-08T15:31:37Z",
4+
"modified": "2025-01-30T00:31:03Z",
55
"published": "2022-02-10T00:00:32Z",
66
"aliases": [
77
"CVE-2022-24682"
@@ -42,6 +42,7 @@
4242
],
4343
"database_specific": {
4444
"cwe_ids": [
45+
"CWE-116",
4546
"CWE-79"
4647
],
4748
"severity": "MODERATE",

advisories/unreviewed/2022/11/GHSA-3vvh-6qrh-25vg/GHSA-3vvh-6qrh-25vg.json

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,9 @@
2525
}
2626
],
2727
"database_specific": {
28-
"cwe_ids": [],
28+
"cwe_ids": [
29+
"CWE-922"
30+
],
2931
"severity": "LOW",
3032
"github_reviewed": false,
3133
"github_reviewed_at": null,

advisories/unreviewed/2024/05/GHSA-67h2-pfm2-j5q5/GHSA-67h2-pfm2-j5q5.json

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-67h2-pfm2-j5q5",
4-
"modified": "2024-05-17T00:31:00Z",
4+
"modified": "2025-01-30T00:31:03Z",
55
"published": "2024-05-17T00:31:00Z",
66
"aliases": [
77
"CVE-2024-3134"
@@ -29,7 +29,9 @@
2929
}
3030
],
3131
"database_specific": {
32-
"cwe_ids": [],
32+
"cwe_ids": [
33+
"CWE-79"
34+
],
3335
"severity": "MODERATE",
3436
"github_reviewed": false,
3537
"github_reviewed_at": null,

advisories/unreviewed/2024/05/GHSA-9qvj-ffh9-wpg4/GHSA-9qvj-ffh9-wpg4.json

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,9 @@
3737
}
3838
],
3939
"database_specific": {
40-
"cwe_ids": [],
40+
"cwe_ids": [
41+
"CWE-79"
42+
],
4143
"severity": "MODERATE",
4244
"github_reviewed": false,
4345
"github_reviewed_at": null,

advisories/unreviewed/2024/07/GHSA-39m5-v8xj-6c9r/GHSA-39m5-v8xj-6c9r.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-39m5-v8xj-6c9r",
4-
"modified": "2024-07-25T18:32:36Z",
4+
"modified": "2025-01-30T00:31:03Z",
55
"published": "2024-07-24T18:31:17Z",
66
"aliases": [
77
"CVE-2024-40422"
@@ -30,6 +30,10 @@
3030
{
3131
"type": "WEB",
3232
"url": "https://github.com/stitionai/devika"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "https://medium.com/@alpernae/uncovering-path-traversal-in-devika-v1-a-deep-dive-into-cve-2024-40422-f8ce81398b99"
3337
}
3438
],
3539
"database_specific": {

advisories/unreviewed/2024/07/GHSA-g5qj-pfmg-p3jp/GHSA-g5qj-pfmg-p3jp.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-g5qj-pfmg-p3jp",
4-
"modified": "2024-09-11T18:31:02Z",
4+
"modified": "2025-01-30T00:31:03Z",
55
"published": "2024-07-02T21:32:15Z",
66
"aliases": [
77
"CVE-2024-39894"
@@ -35,6 +35,10 @@
3535
"type": "WEB",
3636
"url": "https://security.netapp.com/advisory/ntap-20240712-0004"
3737
},
38+
{
39+
"type": "WEB",
40+
"url": "https://www.freebsd.org/security/advisories/FreeBSD-SA-25:01.openssh.asc"
41+
},
3842
{
3943
"type": "WEB",
4044
"url": "https://www.openssh.com/txt/release-9.8"

advisories/unreviewed/2025/01/GHSA-555q-7wq3-w6ch/GHSA-555q-7wq3-w6ch.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-555q-7wq3-w6ch",
4-
"modified": "2025-01-29T21:31:24Z",
4+
"modified": "2025-01-30T00:31:03Z",
55
"published": "2025-01-28T18:31:28Z",
66
"aliases": [
77
"CVE-2025-0781"
@@ -34,6 +34,10 @@
3434
{
3535
"type": "WEB",
3636
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00028.html"
37+
},
38+
{
39+
"type": "WEB",
40+
"url": "https://lists.debian.org/debian-lts-announce/2025/01/msg00029.html"
3741
}
3842
],
3943
"database_specific": {

advisories/unreviewed/2025/01/GHSA-75x9-5mr4-583v/GHSA-75x9-5mr4-583v.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-75x9-5mr4-583v",
4+
"modified": "2025-01-30T00:31:04Z",
5+
"published": "2025-01-30T00:31:04Z",
6+
"aliases": [
7+
"CVE-2024-57665"
8+
],
9+
"details": "JFinalCMS 1.0 is vulnerable to SQL Injection in rc/main/java/com/cms/entity/Content.java. The cause of the vulnerability is that the title parameter is controllable and is concatenated directly into filterSql without filtering.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-57665"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://github.com/Nbccccc/vulnerability_discovery/blob/main/JFinalCMS/JFinalCms%20SQL%20Injection.md"
20+
}
21+
],
22+
"database_specific": {
23+
"cwe_ids": [],
24+
"severity": null,
25+
"github_reviewed": false,
26+
"github_reviewed_at": null,
27+
"nvd_published_at": "2025-01-29T23:15:22Z"
28+
}
29+
}

advisories/unreviewed/2025/01/GHSA-7xmr-c34w-p9w7/GHSA-7xmr-c34w-p9w7.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-7xmr-c34w-p9w7",
4+
"modified": "2025-01-30T00:31:04Z",
5+
"published": "2025-01-30T00:31:03Z",
6+
"aliases": [
7+
"CVE-2024-54851"
8+
],
9+
"details": "Teedy <= 1.12 is vulnerable to Cross Site Request Forgery (CSRF), due to the lack of CSRF protection.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-54851"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://github.com/Tanguy-Boisset/CVE/blob/master/CVE-2024-54851/README.md"
20+
}
21+
],
22+
"database_specific": {
23+
"cwe_ids": [],
24+
"severity": null,
25+
"github_reviewed": false,
26+
"github_reviewed_at": null,
27+
"nvd_published_at": "2025-01-29T22:15:29Z"
28+
}
29+
}

advisories/unreviewed/2025/01/GHSA-9pmh-gp9r-2wrj/GHSA-9pmh-gp9r-2wrj.json

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,29 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-9pmh-gp9r-2wrj",
4+
"modified": "2025-01-30T00:31:03Z",
5+
"published": "2025-01-30T00:31:03Z",
6+
"aliases": [
7+
"CVE-2024-51182"
8+
],
9+
"details": "HTML Injection vulnerability in Celk Sistemas Celk Saude v.3.1.252.1 allows a remote attacker to inject arbitrary HTML code via the \"erro\" parameter.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51182"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://github.com/gabriel-bri/vulnerability-research/tree/main/CVE-2024-51182"
20+
}
21+
],
22+
"database_specific": {
23+
"cwe_ids": [],
24+
"severity": null,
25+
"github_reviewed": false,
26+
"github_reviewed_at": null,
27+
"nvd_published_at": "2025-01-29T22:15:29Z"
28+
}
29+
}

0 commit comments

Comments
 (0)