From f0b9da9091d5314a47684388e9488a53119a4621 Mon Sep 17 00:00:00 2001 From: cookesan <6601329+cookesan@users.noreply.github.com> Date: Tue, 7 Jul 2026 06:45:58 -0400 Subject: [PATCH 1/4] Add Newtonsoft.Json NVD reference --- .../2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json b/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json index 5492397e7b5af..a8e04f8a8cda4 100644 --- a/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json +++ b/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json @@ -40,6 +40,10 @@ "type": "WEB", "url": "https://github.com/JamesNK/Newtonsoft.Json/issues/2457" }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-21907" + }, { "type": "WEB", "url": "https://github.com/JamesNK/Newtonsoft.Json/pull/2462" @@ -74,4 +78,4 @@ "github_reviewed_at": "2022-06-22T15:08:47Z", "nvd_published_at": null } -} \ No newline at end of file +} From ffd2498067a4ea0e0d0d57119d97d096afb6b6ef Mon Sep 17 00:00:00 2001 From: cookesan <6601329+cookesan@users.noreply.github.com> Date: Tue, 7 Jul 2026 09:01:51 -0400 Subject: [PATCH 2/4] Add Newtonsoft.Json fixed release references --- .../06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json b/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json index a8e04f8a8cda4..881b99af403cc 100644 --- a/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json +++ b/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json @@ -52,6 +52,10 @@ "type": "WEB", "url": "https://github.com/JamesNK/Newtonsoft.Json/commit/7e77bbe1beccceac4fc7b174b53abfefac278b66" }, + { + "type": "WEB", + "url": "https://github.com/JamesNK/Newtonsoft.Json/releases/tag/13.0.1" + }, { "type": "WEB", "url": "https://alephsecurity.com/2018/10/22/StackOverflowException" @@ -64,9 +68,17 @@ "type": "PACKAGE", "url": "https://github.com/JamesNK/Newtonsoft.Json" }, + { + "type": "WEB", + "url": "https://www.nuget.org/packages/Newtonsoft.Json/13.0.1" + }, { "type": "WEB", "url": "https://security.snyk.io/vuln/SNYK-DOTNET-NEWTONSOFTJSON-2774678" + }, + { + "type": "WEB", + "url": "https://www.vulncheck.com/advisories/vc-advisory-GHSA-5crp-9r3c-p9vr" } ], "database_specific": { From 26871c1d4af0e2f17910f18f0d8c71d0a76a4f3f Mon Sep 17 00:00:00 2001 From: cookesan <6601329+cookesan@users.noreply.github.com> Date: Tue, 7 Jul 2026 19:33:15 -0400 Subject: [PATCH 3/4] Set Newtonsoft.Json NVD published timestamp --- .../2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json b/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json index 881b99af403cc..e9711f1a159b1 100644 --- a/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json +++ b/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json @@ -88,6 +88,6 @@ "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2022-06-22T15:08:47Z", - "nvd_published_at": null + "nvd_published_at": "2024-01-03T16:15:08Z" } } From 71cf083ab23643dce6131fb61dc6d368354428fc Mon Sep 17 00:00:00 2001 From: cookesan <6601329+cookesan@users.noreply.github.com> Date: Fri, 10 Jul 2026 13:42:45 -0400 Subject: [PATCH 4/4] Remove secondary advisory reference --- .../2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json | 4 ---- 1 file changed, 4 deletions(-) diff --git a/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json b/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json index e9711f1a159b1..9e4000f075eaa 100644 --- a/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json +++ b/advisories/github-reviewed/2022/06/GHSA-5crp-9r3c-p9vr/GHSA-5crp-9r3c-p9vr.json @@ -75,10 +75,6 @@ { "type": "WEB", "url": "https://security.snyk.io/vuln/SNYK-DOTNET-NEWTONSOFTJSON-2774678" - }, - { - "type": "WEB", - "url": "https://www.vulncheck.com/advisories/vc-advisory-GHSA-5crp-9r3c-p9vr" } ], "database_specific": {