Skip to content

File tree

advisories/github-reviewed/2023/02/GHSA-368x-wmmg-hq5c/GHSA-368x-wmmg-hq5c.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,13 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-368x-wmmg-hq5c",
4-
"modified": "2023-02-22T21:58:33Z",
4+
"modified": "2026-06-08T23:55:14Z",
55
"published": "2023-02-22T21:58:33Z",
66
"aliases": [
77
"CVE-2023-25570"
88
],
99
"summary": "Apollo has potential access control security issue in eureka",
10-
"details": "### Impact\nIf users expose the apollo-configservice to the internet (which is not recommended), there are potential security issues since there is no authentication feature enabled for the built-in eureka service. Malicious hackers may access eureka directly to mock apollo-configservice and apollo-adminservice .\n\n### Patches\nLogin authentication for eureka was added in https://github.com/apolloconfig/apollo/pull/4663 and was released in [v2.1.0](https://github.com/apolloconfig/apollo/releases/tag/v2.1.0).\n\n### Workarounds\nTo fix the potential issue without upgrading, simply follow the advice that does not expose apollo-configservice to the internet.\n\n### References\n[Apollo Security Guidence](https://www.apolloconfig.com/#/en/usage/apollo-user-guide?id=_71-security-related)\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [issue](https://github.com/apolloconfig/apollo/issues)\n* Email us at [apollo-config@googlegroups.com](mailto:apollo-config@googlegroups.com)\n",
10+
"details": "### Impact\nIf users expose the apollo-configservice to the internet(which is not recommended), there are potential security issues since there is no authentication feature enabled for the built-in eureka service. Malicious hackers may access eureka directly to mock apollo-configservice and apollo-adminservice .\n\n### Patches\nLogin authentication for eureka was added in https://github.com/apolloconfig/apollo/pull/4663 and was released in [v2.1.0](https://github.com/apolloconfig/apollo/releases/tag/v2.1.0).\n\n### Workarounds\nTo fix the potential issue without upgrading, simply follow the advice that does not expose apollo-configservice to the internet.\n\n### References\n[Apollo Security Guidence](https://www.apolloconfig.com/#/en/portal/apollo-user-guide?id=_71-security-related)\n\n### For more information\nIf you have any questions or comments about this advisory:\n* Open an issue in [issue](https://github.com/apolloconfig/apollo/issues)\n* Email us at [apollo-config@googlegroups.com](mailto:apollo-config@googlegroups.com)",
1111
"severity": [
1212
{
1313
"type": "CVSS_V3",

advisories/github-reviewed/2026/05/GHSA-223g-f5mq-gw33/GHSA-223g-f5mq-gw33.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-223g-f5mq-gw33",
4-
"modified": "2026-05-13T01:39:04Z",
4+
"modified": "2026-06-08T23:54:55Z",
55
"published": "2026-05-13T01:39:04Z",
66
"aliases": [
77
"CVE-2026-44720"
@@ -40,6 +40,10 @@
4040
"type": "WEB",
4141
"url": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-223g-f5mq-gw33"
4242
},
43+
{
44+
"type": "ADVISORY",
45+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44720"
46+
},
4347
{
4448
"type": "PACKAGE",
4549
"url": "https://github.com/th30d4y/OpenLearnX"
@@ -57,6 +61,6 @@
5761
"severity": "MODERATE",
5862
"github_reviewed": true,
5963
"github_reviewed_at": "2026-05-13T01:39:04Z",
60-
"nvd_published_at": null
64+
"nvd_published_at": "2026-05-27T22:16:36Z"
6165
}
6266
}

advisories/github-reviewed/2026/05/GHSA-2rgp-f66f-4499/GHSA-2rgp-f66f-4499.json

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-2rgp-f66f-4499",
4-
"modified": "2026-05-13T15:33:24Z",
4+
"modified": "2026-06-08T23:55:04Z",
55
"published": "2026-05-13T15:33:24Z",
66
"aliases": [
77
"CVE-2026-45083"
@@ -40,10 +40,18 @@
4040
"type": "WEB",
4141
"url": "https://github.com/intranda/goobi-viewer-core/security/advisories/GHSA-2rgp-f66f-4499"
4242
},
43+
{
44+
"type": "ADVISORY",
45+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45083"
46+
},
4347
{
4448
"type": "WEB",
4549
"url": "https://github.com/intranda/goobi-viewer-core/commit/326980f24ce1e7cfabf658dd5f615934ca68ebbd"
4650
},
51+
{
52+
"type": "WEB",
53+
"url": "https://github.com/intranda/goobi-viewer-core/commit/6bfb1cbd4250b0b347e84a80f38e8bf46acac705"
54+
},
4755
{
4856
"type": "PACKAGE",
4957
"url": "https://github.com/intranda/goobi-viewer-core"
@@ -60,6 +68,6 @@
6068
"severity": "CRITICAL",
6169
"github_reviewed": true,
6270
"github_reviewed_at": "2026-05-13T15:33:24Z",
63-
"nvd_published_at": null
71+
"nvd_published_at": "2026-05-27T22:16:36Z"
6472
}
6573
}

advisories/github-reviewed/2026/05/GHSA-3644-q5cj-c5c7/GHSA-3644-q5cj-c5c7.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3644-q5cj-c5c7",
4-
"modified": "2026-05-13T15:29:30Z",
4+
"modified": "2026-06-08T23:54:03Z",
55
"published": "2026-05-13T15:29:30Z",
66
"aliases": [
77
"CVE-2026-45134"
@@ -97,6 +97,10 @@
9797
"type": "WEB",
9898
"url": "https://github.com/langchain-ai/langsmith-sdk/security/advisories/GHSA-3644-q5cj-c5c7"
9999
},
100+
{
101+
"type": "ADVISORY",
102+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45134"
103+
},
100104
{
101105
"type": "PACKAGE",
102106
"url": "https://github.com/langchain-ai/langsmith-sdk"
@@ -109,6 +113,6 @@
109113
"severity": "HIGH",
110114
"github_reviewed": true,
111115
"github_reviewed_at": "2026-05-13T15:29:30Z",
112-
"nvd_published_at": null
116+
"nvd_published_at": "2026-05-27T20:16:38Z"
113117
}
114118
}

advisories/github-reviewed/2026/05/GHSA-8wxp-xxp2-rcgx/GHSA-8wxp-xxp2-rcgx.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-8wxp-xxp2-rcgx",
4-
"modified": "2026-05-08T20:44:54Z",
4+
"modified": "2026-06-08T23:54:51Z",
55
"published": "2026-05-08T20:44:54Z",
66
"aliases": [
77
"CVE-2026-44247"
@@ -78,6 +78,10 @@
7878
"type": "WEB",
7979
"url": "https://github.com/volcano-sh/volcano/security/advisories/GHSA-8wxp-xxp2-rcgx"
8080
},
81+
{
82+
"type": "ADVISORY",
83+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44247"
84+
},
8185
{
8286
"type": "PACKAGE",
8387
"url": "https://github.com/volcano-sh/volcano"
@@ -91,6 +95,6 @@
9195
"severity": "MODERATE",
9296
"github_reviewed": true,
9397
"github_reviewed_at": "2026-05-08T20:44:54Z",
94-
"nvd_published_at": null
98+
"nvd_published_at": "2026-05-27T22:16:35Z"
9599
}
96100
}

advisories/github-reviewed/2026/05/GHSA-c38f-wx89-p2xg/GHSA-c38f-wx89-p2xg.json

Lines changed: 10 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,18 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-c38f-wx89-p2xg",
4-
"modified": "2026-05-12T22:25:11Z",
4+
"modified": "2026-06-08T23:53:55Z",
55
"published": "2026-05-12T22:25:11Z",
66
"aliases": [
77
"CVE-2026-44660"
88
],
99
"summary": "UltraJSON has a Memory Leak in ujson.dump() on Write Failure",
1010
"details": "### Summary\n\nWhen `ujson.dump()` writes to a file-like object and the write operation raises an exception, the serialized JSON string object is not decremented, leaking memory. Each failed write operation leaks the full size of the serialized payload.\n\nCode that uses `ujson.dumps()` rather than `ujson.dump()` or only JSON load/decode methods is unaffected.\n\n### Details\n\n**Vulnerability Location:**\n- `src/ujson/python/objToJSON.c:913` - `objToJSONFile()` function start\n- `src/ujson/python/objToJSON.c:931` - Error return on write failure\n- `src/ujson/python/objToJSON.c:942` - Early return without cleanup\n \n**Root Cause:**\n\nThe `objToJSONFile()` function allocates a Python string object via `ujson_dumps_internal()`, calls the file's `write()` method, and returns early if `write()` raises an exception—but never calls `Py_DECREF(string)` on the early exit path.\n\n### PoC\n```python\nimport gc, tracemalloc, ujson\n\nclass BadFile:\n def write(self, s):\n raise RuntimeError(\"boom\")\n\nobj = {\"x\": \"A\" * 200000}\n\ndef run():\n try:\n ujson.dump(obj, BadFile())\n except RuntimeError:\n pass\n\nrun()\ntracemalloc.start()\ngc.collect()\nbase = tracemalloc.get_traced_memory()[0]\n\nfor i in range(5):\n run()\n gc.collect()\n cur = tracemalloc.get_traced_memory()[0]\n print(i, cur - base)\n```\n\n### Impact\n\nAny application that serializes data through `ujson.dump()` to an attacker-influenced file-like object that can fail can be driven into linear memory growth. An attacker can quickly use up all the memory of say a web server that sends JSON responses using `ujson.dump()` by repeatedly making requests then closing the connection mid response.\n\n### Remediation\n\nThe missing dec-refs were added in 82af1d0ac01d09aa40c887b460d44b9d9f4bccd9. We recommend upgrading to [UltraJSON 5.12.1](https://github.com/ultrajson/ultrajson/releases/tag/5.12.1).\n\n### Workarounds\n\nReplacing `ujson.dump(obj, file)` with `file.write(ujson.dumps(obj))` is equivalent (contrary to popular misconception, there are no streaming benefits to using `ujson.dump()`) and will avoid the memory leak.",
1111
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
15+
},
1216
{
1317
"type": "CVSS_V4",
1418
"score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
@@ -43,6 +47,10 @@
4347
"type": "WEB",
4448
"url": "https://github.com/ultrajson/ultrajson/security/advisories/GHSA-c38f-wx89-p2xg"
4549
},
50+
{
51+
"type": "ADVISORY",
52+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44660"
53+
},
4654
{
4755
"type": "WEB",
4856
"url": "https://github.com/ultrajson/ultrajson/commit/82af1d0ac01d09aa40c887b460d44b9d9f4bccd9"
@@ -63,6 +71,6 @@
6371
"severity": "HIGH",
6472
"github_reviewed": true,
6573
"github_reviewed_at": "2026-05-12T22:25:11Z",
66-
"nvd_published_at": null
74+
"nvd_published_at": "2026-05-27T21:16:17Z"
6775
}
6876
}

advisories/github-reviewed/2026/05/GHSA-c6rc-8jpp-2fgc/GHSA-c6rc-8jpp-2fgc.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-c6rc-8jpp-2fgc",
4-
"modified": "2026-05-19T16:08:41Z",
4+
"modified": "2026-06-08T23:54:37Z",
55
"published": "2026-05-13T15:31:49Z",
66
"aliases": [
77
"CVE-2026-45137"
@@ -44,6 +44,10 @@
4444
"type": "WEB",
4545
"url": "https://github.com/solana-foundation/anchor/security/advisories/GHSA-c6rc-8jpp-2fgc"
4646
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45137"
50+
},
4751
{
4852
"type": "PACKAGE",
4953
"url": "https://github.com/solana-foundation/anchor"
@@ -64,6 +68,6 @@
6468
"severity": "HIGH",
6569
"github_reviewed": true,
6670
"github_reviewed_at": "2026-05-13T15:31:49Z",
67-
"nvd_published_at": null
71+
"nvd_published_at": "2026-05-27T21:16:18Z"
6872
}
6973
}

advisories/github-reviewed/2026/05/GHSA-f3jg-756w-gm35/GHSA-f3jg-756w-gm35.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-f3jg-756w-gm35",
4-
"modified": "2026-05-11T21:20:04Z",
4+
"modified": "2026-06-08T23:53:33Z",
55
"published": "2026-05-11T21:20:04Z",
66
"aliases": [
77
"CVE-2026-45046"
@@ -43,6 +43,10 @@
4343
"type": "WEB",
4444
"url": "https://github.com/safedep/gryph/security/advisories/GHSA-f3jg-756w-gm35"
4545
},
46+
{
47+
"type": "ADVISORY",
48+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45046"
49+
},
4650
{
4751
"type": "PACKAGE",
4852
"url": "https://github.com/safedep/gryph"
@@ -59,6 +63,6 @@
5963
"severity": "MODERATE",
6064
"github_reviewed": true,
6165
"github_reviewed_at": "2026-05-11T21:20:04Z",
62-
"nvd_published_at": null
66+
"nvd_published_at": "2026-05-27T19:16:21Z"
6367
}
6468
}

advisories/github-reviewed/2026/05/GHSA-g3xq-3gmv-qq8g/GHSA-g3xq-3gmv-qq8g.json

Lines changed: 16 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,23 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-g3xq-3gmv-qq8g",
4-
"modified": "2026-05-13T15:31:41Z",
4+
"modified": "2026-06-08T23:54:32Z",
55
"published": "2026-05-13T15:31:41Z",
66
"aliases": [
77
"CVE-2026-45136"
88
],
99
"summary": "claude-code-cache-fix vulnerable to local code execution via Python triple-quote injection in tools/quota-statusline.sh",
1010
"details": "## Summary\n\n`tools/quota-statusline.sh` (introduced in v3.5.0) interpolates Claude Code's hook stdin payload directly into a Python triple-quoted string literal. A `'''` byte sequence in any user-controlled field of the payload closes the literal early and lets following bytes execute as Python in the user's Claude Code process.\n\n## Affected versions\n\n- v3.5.0\n- v3.5.1\n\n## Patched versions\n\n- v3.5.2\n\n## Affected configurations\n\nUsers who wired `tools/quota-statusline.sh` into Claude Code's `statusLine` configuration. The v3.5.0 README explicitly recommends this setup, so most users on v3.5.0/v3.5.1 with the recommended setup are affected.\n\n## Attack chain\n\nClaude Code's statusline hook payload reflects user-controlled paths (`cwd`, `workspace.current_dir`, `workspace.project_dir`, `transcript_path`). Apostrophes are legal in POSIX filesystem paths.\n\n1. A hostile directory name containing `'''+payload+'''` lands on disk via any normal vector — `git clone`, archive extraction, npm package, downloaded zip, etc.\n2. The victim has the recommended `tools/quota-statusline.sh` wired into their CC `statusLine` config.\n3. The victim `cd`s anywhere a hostile path is reachable.\n4. CC fires the statusline hook on every redraw. The Python literal closes early. The injected bytes execute as Python in the user's process.\n\n## Severity\n\nLocal code execution at user privilege. Persistent re-fire on every statusline redraw. No user interaction beyond `cd`-ing into the hostile path. The user's shell, CC session, files, SSH keys, and any locally-accessible credentials are reachable from the executed code.\n\n## Vulnerable pattern\n\n```sh\ninput=$(cat)\nresult=$(python3 -c \"\n stdin_data = json.loads('''$input''') if '''$input''' else {}\n\")\n```\n\n## Fix\n\nCapture stdin in bash, export to env, and pipe the Python source through a single-quoted heredoc (`<<'PYEOF'`). Single-quoting disables ALL bash interpolation inside the body. Python reads the JSON via `os.environ.get('CC_INPUT')`, where the bytes are inert at every layer.\n\n```sh\nCC_INPUT=$(cat)\nexport CC_INPUT\n\npython3 <<'PYEOF' 2>/dev/null\nimport os, json\ntry:\n cc_input = json.loads(os.environ.get('CC_INPUT') or '{}')\nexcept Exception:\n cc_input = {}\n# ...\nPYEOF\n```\n\n## Workarounds\n\nUntil upgrading to v3.5.2:\n\n- Disable the statusline by removing the `statusLine` entry from `~/.claude/settings.json`, or\n- Replace `tools/quota-statusline.sh` with a script that does NOT pass stdin through `python3 -c \"...\"` (a heredoc + env var rewrite is safe)\n\n## Credit\n\nReported by Jakob Linke (@schuay) via GitHub issue [#108](https://github.com/cnighswonger/claude-code-cache-fix/issues/108).\n\n## Timeline\n\n- 2026-05-07 — reported (#108)\n- 2026-05-07 — confirmed, fix implemented (#110)\n- 2026-05-07 — v3.5.2 published",
11-
"severity": [],
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"
15+
},
16+
{
17+
"type": "CVSS_V4",
18+
"score": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N"
19+
}
20+
],
1221
"affected": [
1322
{
1423
"package": {
@@ -35,6 +44,10 @@
3544
"type": "WEB",
3645
"url": "https://github.com/cnighswonger/claude-code-cache-fix/security/advisories/GHSA-g3xq-3gmv-qq8g"
3746
},
47+
{
48+
"type": "ADVISORY",
49+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-45136"
50+
},
3851
{
3952
"type": "WEB",
4053
"url": "https://github.com/cnighswonger/claude-code-cache-fix/issues/108"
@@ -60,6 +73,6 @@
6073
"severity": "HIGH",
6174
"github_reviewed": true,
6275
"github_reviewed_at": "2026-05-13T15:31:41Z",
63-
"nvd_published_at": null
76+
"nvd_published_at": "2026-05-27T21:16:18Z"
6477
}
6578
}

advisories/github-reviewed/2026/05/GHSA-hvx9-hwr7-wjj9/GHSA-hvx9-hwr7-wjj9.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-hvx9-hwr7-wjj9",
4-
"modified": "2026-05-13T15:29:21Z",
4+
"modified": "2026-06-08T23:53:59Z",
55
"published": "2026-05-13T15:29:21Z",
66
"aliases": [
77
"CVE-2026-44724"
@@ -43,6 +43,10 @@
4343
"type": "WEB",
4444
"url": "https://github.com/sebhildebrandt/systeminformation/security/advisories/GHSA-hvx9-hwr7-wjj9"
4545
},
46+
{
47+
"type": "ADVISORY",
48+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-44724"
49+
},
4650
{
4751
"type": "PACKAGE",
4852
"url": "https://github.com/sebhildebrandt/systeminformation"
@@ -59,6 +63,6 @@
5963
"severity": "HIGH",
6064
"github_reviewed": true,
6165
"github_reviewed_at": "2026-05-13T15:29:21Z",
62-
"nvd_published_at": null
66+
"nvd_published_at": "2026-05-27T20:16:37Z"
6367
}
6468
}

0 commit comments

Comments
 (0)