From 034d16510f6bffaff01143b88bef4937ff9c5173 Mon Sep 17 00:00:00 2001 From: qwilr-altonius <124948145+qwilr-altonius@users.noreply.github.com> Date: Wed, 30 Apr 2025 11:11:03 +1000 Subject: [PATCH 1/2] Improve GHSA-75v8-2h7p-7m2m --- .../GHSA-75v8-2h7p-7m2m.json | 31 +++++++++++++++++-- 1 file changed, 28 insertions(+), 3 deletions(-) diff --git a/advisories/github-reviewed/2025/04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json b/advisories/github-reviewed/2025/04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json index f7852a35b8c11..2d1c5c6b5d9a4 100644 --- a/advisories/github-reviewed/2025/04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json +++ b/advisories/github-reviewed/2025/04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-75v8-2h7p-7m2m", - "modified": "2025-04-29T14:07:17Z", + "modified": "2025-04-29T14:07:18Z", "published": "2025-04-26T21:31:26Z", "aliases": [ "CVE-2025-46653" @@ -25,14 +25,39 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "2.1.0" + "introduced": "3.0.0" }, { "fixed": "3.5.3" } ] } - ] + ], + "database_specific": { + "last_known_affected_version_range": "<= 3.5.2" + } + }, + { + "package": { + "ecosystem": "npm", + "name": "formidable" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "2.1.0" + }, + { + "fixed": "2.1.4" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 2.1.3" + } } ], "references": [ From 17b4f38162895d997bf9e5a79cee61730077f11a Mon Sep 17 00:00:00 2001 From: qwilr-altonius <124948145+qwilr-altonius@users.noreply.github.com> Date: Wed, 30 Apr 2025 11:19:06 +1000 Subject: [PATCH 2/2] Improve GHSA-75v8-2h7p-7m2m --- .../04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json | 11 ++++------- 1 file changed, 4 insertions(+), 7 deletions(-) diff --git a/advisories/github-reviewed/2025/04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json b/advisories/github-reviewed/2025/04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json index 2d1c5c6b5d9a4..bfa7a3e67d423 100644 --- a/advisories/github-reviewed/2025/04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json +++ b/advisories/github-reviewed/2025/04/GHSA-75v8-2h7p-7m2m/GHSA-75v8-2h7p-7m2m.json @@ -25,17 +25,14 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "3.0.0" + "introduced": "3.1.1-canary.20211030" }, { "fixed": "3.5.3" } ] } - ], - "database_specific": { - "last_known_affected_version_range": "<= 3.5.2" - } + ] }, { "package": { @@ -50,13 +47,13 @@ "introduced": "2.1.0" }, { - "fixed": "2.1.4" + "fixed": "2.1.3" } ] } ], "database_specific": { - "last_known_affected_version_range": "<= 2.1.3" + "last_known_affected_version_range": "< 2.1.2" } } ],