Skip to content

Commit d670831

Browse files
Advisory Database Sync
1 parent da7d305 commit d670831

70 files changed

Lines changed: 2107 additions & 20 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

advisories/unreviewed/2023/07/GHSA-378h-jm2h-7wrm/GHSA-378h-jm2h-7wrm.json

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,12 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-378h-jm2h-7wrm",
4-
"modified": "2024-04-04T05:35:51Z",
4+
"modified": "2026-06-29T21:31:48Z",
55
"published": "2023-07-06T19:24:14Z",
66
"aliases": [
77
"CVE-2023-0645"
88
],
9-
"details": "An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit  https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 ",
9+
"details": "An out of bounds read exists in libjxl. An attacker using a specifically crafted file could cause an out of bounds read in the exif handler. We recommend upgrading to version 0.8.1 or past commit  https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159 https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159",
1010
"severity": [
1111
{
1212
"type": "CVSS_V3",
@@ -26,6 +26,10 @@
2626
{
2727
"type": "WEB",
2828
"url": "https://github.com/libjxl/libjxl/pull/2101/commits/d95b050c1822a5b1ede9e0dc937e43fca1b10159"
29+
},
30+
{
31+
"type": "WEB",
32+
"url": "http://www.openwall.com/lists/oss-security/2026/06/29/3"
2933
}
3034
],
3135
"database_specific": {

advisories/unreviewed/2026/04/GHSA-cmj5-x3xf-69wq/GHSA-cmj5-x3xf-69wq.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-cmj5-x3xf-69wq",
4-
"modified": "2026-06-29T12:31:42Z",
4+
"modified": "2026-06-29T21:31:55Z",
55
"published": "2026-04-30T18:30:32Z",
66
"aliases": [
77
"CVE-2026-33845"
@@ -63,6 +63,10 @@
6363
"type": "WEB",
6464
"url": "https://access.redhat.com/errata/RHSA-2026:32962"
6565
},
66+
{
67+
"type": "WEB",
68+
"url": "https://access.redhat.com/errata/RHSA-2026:33125"
69+
},
6670
{
6771
"type": "WEB",
6872
"url": "https://access.redhat.com/security/cve/CVE-2026-33845"
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-29hx-mf8v-qr9g",
4+
"modified": "2026-06-29T21:32:14Z",
5+
"published": "2026-06-29T21:32:14Z",
6+
"aliases": [
7+
"CVE-2026-43713"
8+
],
9+
"details": "A permissions issue was addressed with additional restrictions. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Visiting a website may leak sensitive data.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43713"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/127594"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/127595"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/127685"
28+
}
29+
],
30+
"database_specific": {
31+
"cwe_ids": [],
32+
"severity": null,
33+
"github_reviewed": false,
34+
"github_reviewed_at": null,
35+
"nvd_published_at": "2026-06-29T20:17:36Z"
36+
}
37+
}
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3555-mvv3-v5xj",
4+
"modified": "2026-06-29T21:32:14Z",
5+
"published": "2026-06-29T21:32:14Z",
6+
"aliases": [
7+
"CVE-2026-43708"
8+
],
9+
"details": "The issue was addressed with improved input validation. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. A malicious website may exfiltrate data cross-origin.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43708"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/127594"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/127595"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/127685"
28+
}
29+
],
30+
"database_specific": {
31+
"cwe_ids": [],
32+
"severity": null,
33+
"github_reviewed": false,
34+
"github_reviewed_at": null,
35+
"nvd_published_at": "2026-06-29T20:17:35Z"
36+
}
37+
}

advisories/unreviewed/2026/06/GHSA-3frm-wcmv-8jx7/GHSA-3frm-wcmv-8jx7.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,17 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-3frm-wcmv-8jx7",
4-
"modified": "2026-06-24T15:31:48Z",
4+
"modified": "2026-06-29T21:31:55Z",
55
"published": "2026-06-24T15:31:48Z",
66
"aliases": [
77
"CVE-2026-11877"
88
],
99
"details": "An unauthorized user can modify configuration through API\ncalls that affects the OpenText Access\nManager. This issue affects Access Manager before 5.1.3.",
1010
"severity": [
11+
{
12+
"type": "CVSS_V3",
13+
"score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N"
14+
},
1115
{
1216
"type": "CVSS_V4",
1317
"score": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-3pf9-4p9r-8vcp",
4+
"modified": "2026-06-29T21:32:13Z",
5+
"published": "2026-06-29T21:32:13Z",
6+
"aliases": [
7+
"CVE-2026-39872"
8+
],
9+
"details": "The issue was addressed with improved memory handling. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-39872"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/127594"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/127595"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/127685"
28+
}
29+
],
30+
"database_specific": {
31+
"cwe_ids": [],
32+
"severity": null,
33+
"github_reviewed": false,
34+
"github_reviewed_at": null,
35+
"nvd_published_at": "2026-06-29T20:17:34Z"
36+
}
37+
}

advisories/unreviewed/2026/06/GHSA-43cg-f93f-9jhx/GHSA-43cg-f93f-9jhx.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-43cg-f93f-9jhx",
4-
"modified": "2026-06-03T21:30:28Z",
4+
"modified": "2026-06-29T21:31:55Z",
55
"published": "2026-06-03T15:30:42Z",
66
"aliases": [
77
"CVE-2025-70100"
@@ -30,6 +30,10 @@
3030
{
3131
"type": "WEB",
3232
"url": "https://infosec.exchange/@sigdevel/116668952003072580"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "http://www.openwall.com/lists/oss-security/2026/06/29/5"
3337
}
3438
],
3539
"database_specific": {
Lines changed: 37 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,37 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-44fm-8753-g4f8",
4+
"modified": "2026-06-29T21:32:14Z",
5+
"published": "2026-06-29T21:32:14Z",
6+
"aliases": [
7+
"CVE-2026-43734"
8+
],
9+
"details": "A use-after-free issue was addressed with improved memory management. This issue is fixed in Safari 26.5.2, iOS 26.5.2 and iPadOS 26.5.2, macOS Tahoe 26.5.2. Processing maliciously crafted web content may lead to an unexpected process crash.",
10+
"severity": [],
11+
"affected": [],
12+
"references": [
13+
{
14+
"type": "ADVISORY",
15+
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-43734"
16+
},
17+
{
18+
"type": "WEB",
19+
"url": "https://support.apple.com/en-us/127594"
20+
},
21+
{
22+
"type": "WEB",
23+
"url": "https://support.apple.com/en-us/127595"
24+
},
25+
{
26+
"type": "WEB",
27+
"url": "https://support.apple.com/en-us/127685"
28+
}
29+
],
30+
"database_specific": {
31+
"cwe_ids": [],
32+
"severity": null,
33+
"github_reviewed": false,
34+
"github_reviewed_at": null,
35+
"nvd_published_at": "2026-06-29T20:17:37Z"
36+
}
37+
}

advisories/unreviewed/2026/06/GHSA-4v5r-xr6m-8fwr/GHSA-4v5r-xr6m-8fwr.json

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-4v5r-xr6m-8fwr",
4-
"modified": "2026-06-25T03:31:41Z",
4+
"modified": "2026-06-29T21:31:56Z",
55
"published": "2026-06-25T03:31:41Z",
66
"aliases": [
77
"CVE-2026-8665"

advisories/unreviewed/2026/06/GHSA-4v99-r46p-gx3v/GHSA-4v99-r46p-gx3v.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-4v99-r46p-gx3v",
4-
"modified": "2026-06-03T21:30:28Z",
4+
"modified": "2026-06-29T21:31:55Z",
55
"published": "2026-06-03T15:30:42Z",
66
"aliases": [
77
"CVE-2025-70101"
@@ -30,6 +30,10 @@
3030
{
3131
"type": "WEB",
3232
"url": "https://infosec.exchange/@sigdevel/116668958927817708"
33+
},
34+
{
35+
"type": "WEB",
36+
"url": "http://www.openwall.com/lists/oss-security/2026/06/29/6"
3337
}
3438
],
3539
"database_specific": {

0 commit comments

Comments
 (0)