From b157886c434e6b57c293b6007cef55d0ddcd4fca Mon Sep 17 00:00:00 2001 From: cookesan <6601329+cookesan@users.noreply.github.com> Date: Tue, 7 Jul 2026 06:47:40 -0400 Subject: [PATCH 1/3] Add Scrapy CVE-2024-1968 NVD reference --- .../2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json b/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json index f27671c36fe7e..4bb46a55368dd 100644 --- a/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json +++ b/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json @@ -40,6 +40,10 @@ "type": "WEB", "url": "https://github.com/scrapy/scrapy/security/advisories/GHSA-4qqq-9vqf-3h3f" }, + { + "type": "ADVISORY", + "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-1968" + }, { "type": "WEB", "url": "https://github.com/scrapy/scrapy/commit/1d0502f25bbe55a22899af915623fda1aaeb9dd8" @@ -62,4 +66,4 @@ "github_reviewed_at": "2024-05-14T20:14:33Z", "nvd_published_at": null } -} \ No newline at end of file +} From 441ec9262b0a77ca99d87400df7d02d0d17cfa4c Mon Sep 17 00:00:00 2001 From: cookesan <6601329+cookesan@users.noreply.github.com> Date: Tue, 7 Jul 2026 08:54:13 -0400 Subject: [PATCH 2/3] Add Scrapy fixed release references --- .../05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json b/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json index 4bb46a55368dd..f7da2222b76a1 100644 --- a/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json +++ b/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json @@ -48,6 +48,18 @@ "type": "WEB", "url": "https://github.com/scrapy/scrapy/commit/1d0502f25bbe55a22899af915623fda1aaeb9dd8" }, + { + "type": "WEB", + "url": "https://github.com/scrapy/scrapy/releases/tag/2.11.2" + }, + { + "type": "WEB", + "url": "https://docs.scrapy.org/en/latest/news.html#scrapy-2-11-2-2024-05-14" + }, + { + "type": "WEB", + "url": "https://pypi.org/project/Scrapy/2.11.2" + }, { "type": "PACKAGE", "url": "https://github.com/scrapy/scrapy" From 0738d72fe7ef7d5408f6d595f1dab4cb8775c9a6 Mon Sep 17 00:00:00 2001 From: cookesan <6601329+cookesan@users.noreply.github.com> Date: Tue, 7 Jul 2026 19:25:36 -0400 Subject: [PATCH 3/3] Set Scrapy CVE-2024-1968 NVD published timestamp --- .../2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json b/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json index f7da2222b76a1..9c1b4c80c2bbf 100644 --- a/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json +++ b/advisories/github-reviewed/2024/05/GHSA-4qqq-9vqf-3h3f/GHSA-4qqq-9vqf-3h3f.json @@ -76,6 +76,6 @@ "severity": "MODERATE", "github_reviewed": true, "github_reviewed_at": "2024-05-14T20:14:33Z", - "nvd_published_at": null + "nvd_published_at": "2024-05-20T08:15:08Z" } }