From 9cafd1e62e6e0aabef153309ec83a60b8c1c1641 Mon Sep 17 00:00:00 2001 From: Eric Douglas Date: Tue, 13 May 2025 14:52:31 -0700 Subject: [PATCH] Improve GHSA-42mr-jpwh-m9rv --- .../05/GHSA-42mr-jpwh-m9rv/GHSA-42mr-jpwh-m9rv.json | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/advisories/github-reviewed/2025/05/GHSA-42mr-jpwh-m9rv/GHSA-42mr-jpwh-m9rv.json b/advisories/github-reviewed/2025/05/GHSA-42mr-jpwh-m9rv/GHSA-42mr-jpwh-m9rv.json index eb9acce02375e..7fc3f3bd78ed9 100644 --- a/advisories/github-reviewed/2025/05/GHSA-42mr-jpwh-m9rv/GHSA-42mr-jpwh-m9rv.json +++ b/advisories/github-reviewed/2025/05/GHSA-42mr-jpwh-m9rv/GHSA-42mr-jpwh-m9rv.json @@ -1,13 +1,13 @@ { "schema_version": "1.4.0", "id": "GHSA-42mr-jpwh-m9rv", - "modified": "2025-05-06T00:38:55Z", + "modified": "2025-05-06T00:38:56Z", "published": "2025-05-05T18:32:53Z", "aliases": [ "CVE-2025-43915" ], "summary": "Linkerd resource exhaustion vulnerability", - "details": "In Buoyant Edge releases before edge-25.2.1 and Enterprise for Linkerd releases 2.16.* before 2.16.5, 2.17.* before 2.17.2, and 2.18.* before 2.18.0, resource exhaustion can occur for Linkerd proxy metrics.", + "details": "In Linkerd edge releases before edge-25.2.1, and Buoyant Enterprise for Linkerd releases 2.13.0–2.13.7, 2.14.0–2.14.10, 2.15.0–2.15.7, 2.16.0–2.16.4, and 2.17.0–2.17.1, resource exhaustion can occur for Linkerd proxy metrics.", "severity": [ { "type": "CVSS_V3", @@ -28,7 +28,7 @@ "introduced": "0" }, { - "fixed": "0.6.0-20250501173313-4823b7af3e1e" + "fixed": "0.0.0-20250212165942-faa3f617eef5" } ] } @@ -47,10 +47,6 @@ { "type": "PACKAGE", "url": "https://github.com/linkerd/linkerd2" - }, - { - "type": "WEB", - "url": "https://www.buoyant.io/resources" } ], "database_specific": {