Asrar mared ghsa j7hp h8jx 5ppr #7022
asrar-mared wants to merge 160 commits into asrar-mared/advisory-improvement-6916 from asrar-mared-GHSA-j7hp-h8jx-5ppr
Closed
5cebf1f Improve GHSA-j7hp-h8jx-5ppr (asrar-mared)
6 changes: 4 additions & 2 deletions
advisories/github-reviewed/2021/10/GHSA-pjwm-rvh2-c87w/GHSA-pjwm-rvh2-c87w.json
112 changes: 112 additions & 0 deletions
advisories/github-reviewed/2022/05/GHSA-236c-vhj4-gfxg/GHSA-236c-vhj4-gfxg.json
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,112 @@ | ||
| { | ||
| "schema_version": "1.4.0", | ||
| "id": "GHSA-236c-vhj4-gfxg", | ||
| "modified": "2026-02-17T21:40:20Z", | ||
| "published": "2022-05-25T00:00:31Z", | ||
| "withdrawn": "2026-02-17T21:40:20Z", | ||
| "aliases": [], | ||
| "summary": "Duplicate Advisory: Embedded malware in ua-parser-js", | ||
| "details": "### Duplicate Advisory\nThis advisory has been withdrawn because it is a duplicate of GHSA-pjwm-rvh2-c87w. This link is maintained to preserve external references.\n\n### Original Description\nA vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component.", | ||
| "severity": [ | ||
| { | ||
| "type": "CVSS_V3", | ||
| "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" | ||
| } | ||
| ], | ||
| "affected": [ | ||
| { | ||
| "package": { | ||
| "ecosystem": "npm", | ||
| "name": "ua-parser-js" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "ECOSYSTEM", | ||
| "events": [ | ||
| { | ||
| "introduced": "0.7.29" | ||
| }, | ||
| { | ||
| "fixed": "0.7.30" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "versions": [ | ||
| "0.7.29" | ||
| ] | ||
| }, | ||
| { | ||
| "package": { | ||
| "ecosystem": "npm", | ||
| "name": "ua-parser-js" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "ECOSYSTEM", | ||
| "events": [ | ||
| { | ||
| "introduced": "0.8.0" | ||
| }, | ||
| { | ||
| "fixed": "0.8.1" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "versions": [ | ||
| "0.8.0" | ||
| ] | ||
| }, | ||
| { | ||
| "package": { | ||
| "ecosystem": "npm", | ||
| "name": "ua-parser-js" | ||
| }, | ||
| "ranges": [ | ||
| { | ||
| "type": "ECOSYSTEM", | ||
| "events": [ | ||
| { | ||
| "introduced": "1.0.0" | ||
| }, | ||
| { | ||
| "fixed": "1.0.1" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "versions": [ | ||
| "1.0.0" | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-4229" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://github.com/faisalman/ua-parser-js/issues/536" | ||
| }, | ||
| { | ||
| "type": "ADVISORY", | ||
| "url": "https://github.com/advisories/GHSA-pjwm-rvh2-c87w" | ||
| }, | ||
| { | ||
| "type": "WEB", | ||
| "url": "https://vuldb.com/?id.185453" | ||
| } | ||
| ], | ||
| "database_specific": { | ||
| "cwe_ids": [ | ||
| "CWE-829", | ||
| "CWE-912" | ||
| ], | ||
| "severity": "HIGH", | ||
| "github_reviewed": true, | ||
| "github_reviewed_at": "2026-02-17T21:40:20Z", | ||
| "nvd_published_at": "2022-05-24T16:15:00Z" | ||
| } | ||
| } |
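
Review bot: the `@@ -0,0 +1,112 @@` hunk creates GHSA-236c-vhj4-gfxg.json from scratch, which has nothing to do with the advisory named in the branch (GHSA-j7hp-h8jx-5ppr). Together with the 160-commit count, this suggests the branch was cut from a base that is behind the target, so rebase and keep only the GHSA-j7hp-h8jx-5ppr change so the intended edit can be reviewed on its own. On the record itself, `"aliases": []` is empty while the first reference is the NVD entry for CVE-2021-4229; please confirm the CVE alias is deliberately left off this withdrawn duplicate, since consumers that match on aliases will not link it to GHSA-pjwm-rvh2-c87w. Each `affected` entry also carries both an `introduced`/`fixed` range and a single-element `versions` list for the same release (for example `0.7.29` to `0.7.30` alongside `"versions": ["0.7.29"]`); that is redundant but consistent, so no change is needed there beyond keeping the two in sync.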
9 changes: 7 additions & 2 deletions
advisories/github-reviewed/2023/01/GHSA-qjm7-55vv-3c5f/GHSA-qjm7-55vv-3c5f.json
9 changes: 7 additions & 2 deletions
advisories/github-reviewed/2023/01/GHSA-vm74-j4wq-82xj/GHSA-vm74-j4wq-82xj.json