diff --git a/2022/37xxx/CVE-2022-37424.json b/2022/37xxx/CVE-2022-37424.json index 70368722405..9f78fb78c15 100644 --- a/2022/37xxx/CVE-2022-37424.json +++ b/2022/37xxx/CVE-2022-37424.json @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "CWE-552 Files or Directories Accessible to External Parties", - "cweId": "CWE-552" + "value": "n/a" } ] } @@ -32,22 +31,21 @@ "vendor": { "vendor_data": [ { - "vendor_name": "OpenNebula", "product": { "product_data": [ { - "product_name": "OpenNebula", + "product_name": "n/a", "version": { "version_data": [ { - "version_affected": "=", - "version_value": "6.2" + "version_value": "n/a" } ] } } ] - } + }, + "vendor_name": "n/a" } ] } @@ -106,12 +104,6 @@ ] } ], - "credits": [ - { - "lang": "en", - "value": "Paul Batchelor" - } - ], "impact": { "cvss": [ { diff --git a/2022/37xxx/CVE-2022-37425.json b/2022/37xxx/CVE-2022-37425.json index c744cb2d5ff..2477301c515 100644 --- a/2022/37xxx/CVE-2022-37425.json +++ b/2022/37xxx/CVE-2022-37425.json @@ -21,8 +21,7 @@ "description": [ { "lang": "eng", - "value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')", - "cweId": "CWE-77" + "value": "n/a" } ] } @@ -32,22 +31,21 @@ "vendor": { "vendor_data": [ { - "vendor_name": "OpenNebula", "product": { "product_data": [ { - "product_name": "OpenNebula", + "product_name": "n/a", "version": { "version_data": [ { - "version_affected": "=", - "version_value": "6.2" + "version_value": "n/a" } ] } } ] - } + }, + "vendor_name": "n/a" } ] } @@ -106,12 +104,6 @@ ] } ], - "credits": [ - { - "lang": "en", - "value": "Paul Batchelor" - } - ], "impact": { "cvss": [ { diff --git a/2022/37xxx/CVE-2022-37680.json b/2022/37xxx/CVE-2022-37680.json index 6a74f7bbe1d..8cb728e4367 100644 --- a/2022/37xxx/CVE-2022-37680.json +++ b/2022/37xxx/CVE-2022-37680.json @@ -71,16 +71,6 @@ "advisory": "hitachi-sec-2022-001", "discovery": "EXTERNAL" }, - "credits": [ - { - "lang": "en", - "value": "Thomas Knudsen" - }, - { - "lang": "en", - "value": "Samy Younsi" - } - ], "impact": { "cvss": [ { diff --git a/2022/37xxx/CVE-2022-37681.json b/2022/37xxx/CVE-2022-37681.json index 375ee6050b8..1192aaa9b12 100644 --- a/2022/37xxx/CVE-2022-37681.json +++ b/2022/37xxx/CVE-2022-37681.json @@ -71,16 +71,6 @@ "advisory": "hitachi-sec-2022-001", "discovery": "EXTERNAL" }, - "credits": [ - { - "lang": "en", - "value": "Thomas Knudsen" - }, - { - "lang": "en", - "value": "Samy Younsi" - } - ], "impact": { "cvss": [ { diff --git a/2023/33xxx/CVE-2023-33952.json b/2023/33xxx/CVE-2023-33952.json index 2fc7d6fad91..d9db4dbbd56 100644 --- a/2023/33xxx/CVE-2023-33952.json +++ b/2023/33xxx/CVE-2023-33952.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A double-free vulnerability was found in the vmwgfx driver in the Linux kernel. The flaw exists within the handling of vmw_buffer_object objects. The issue results from the lack of validating the existence of an object prior to performing further free operations on the object. This flaw allows a local privileged user to escalate privileges and execute code in the context of the kernel." + "value": "A double-free vulnerability was found in handling vmw_buffer_object objects in the vmwgfx driver in the Linux kernel. This issue occurs due to the lack of validating the existence of an object prior to performing further free operations on the object, which may allow a local privileged user to escalate privileges and execute code in the context of the kernel." } ] }, diff --git a/2024/0xxx/CVE-2024-0241.json b/2024/0xxx/CVE-2024-0241.json index 950e41c8fc4..090ccc76549 100644 --- a/2024/0xxx/CVE-2024-0241.json +++ b/2024/0xxx/CVE-2024-0241.json @@ -1,18 +1,81 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0241", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@vulncheck.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "encoded_id-rails versions before 1.0.0.beta2 are affected by an uncontrolled resource consumption vulnerability. A remote and unauthenticated attacker might cause a denial of service condition by sending an HTTP request with an extremely long \"id\" parameter.\n\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400 Uncontrolled Resource Consumption", + "cweId": "CWE-400" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/stevegeek/encoded_id-rails/security/advisories/GHSA-3px7-jm2p-6h2c", + "refsource": "MISC", + "name": "https://github.com/stevegeek/encoded_id-rails/security/advisories/GHSA-3px7-jm2p-6h2c" + }, + { + "url": "https://github.com/stevegeek/encoded_id-rails/commit/afa495a77b8a21ad582611f9cdc2081dc4018b91", + "refsource": "MISC", + "name": "https://github.com/stevegeek/encoded_id-rails/commit/afa495a77b8a21ad582611f9cdc2081dc4018b91" + }, + { + "url": "https://github.com/advisories/GHSA-3px7-jm2p-6h2c", + "refsource": "MISC", + "name": "https://github.com/advisories/GHSA-3px7-jm2p-6h2c" + }, + { + "url": "https://vulncheck.com/advisories/vc-advisory-GHSA-3px7-jm2p-6h2c", + "refsource": "MISC", + "name": "https://vulncheck.com/advisories/vc-advisory-GHSA-3px7-jm2p-6h2c" + } + ] + }, + "source": { + "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2024/21xxx/CVE-2024-21636.json b/2024/21xxx/CVE-2024-21636.json index 916f9ce7ed0..dd939877436 100644 --- a/2024/21xxx/CVE-2024-21636.json +++ b/2024/21xxx/CVE-2024-21636.json @@ -1,17 +1,95 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-21636", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-advisories@github.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. Versions prior to 3.9.0 have a cross-site scripting vulnerability that has the potential to impact anyone rendering a component directly from a controller with the view_component gem. Note that only components that define a `#call` method (i.e. instead of using a sidecar template) are affected. The return value of the `#call` method is not sanitized and can include user-defined content. In addition, the return value of the `#output_postamble` methodis not sanitized, which can also lead to cross-site scripting issues. Versions 3.9.0 has been released and fully mitigates both the `#call` and the `#output_postamble` vulnerabilities. As a workaround, sanitize the return value of `#call`." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "ViewComponent", + "product": { + "product_data": [ + { + "product_name": "view_component", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "< 3.9.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ViewComponent/view_component/security/advisories/GHSA-wf2x-8w6j-qw37", + "refsource": "MISC", + "name": "https://github.com/ViewComponent/view_component/security/advisories/GHSA-wf2x-8w6j-qw37" + }, + { + "url": "https://github.com/ViewComponent/view_component/pull/1950", + "refsource": "MISC", + "name": "https://github.com/ViewComponent/view_component/pull/1950" + }, + { + "url": "https://github.com/ViewComponent/view_component/commit/0d26944a8d2730ea40e60eae23d70684483e5017", + "refsource": "MISC", + "name": "https://github.com/ViewComponent/view_component/commit/0d26944a8d2730ea40e60eae23d70684483e5017" + } + ] + }, + "source": { + "advisory": "GHSA-wf2x-8w6j-qw37", + "discovery": "UNKNOWN" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/22xxx/CVE-2024-22047.json b/2024/22xxx/CVE-2024-22047.json index ebb5f449072..e5054aab946 100644 --- a/2024/22xxx/CVE-2024-22047.json +++ b/2024/22xxx/CVE-2024-22047.json @@ -1,17 +1,108 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22047", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@vulncheck.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A race condition exists in Audited 4.0.0 to 5.3.3 that can result in an authenticated user to cause audit log entries to be attributed to another user.\n\n" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')", + "cweId": "CWE-362" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jww", + "refsource": "MISC", + "name": "https://github.com/collectiveidea/audited/security/advisories/GHSA-hjp3-5g2q-7jww" + }, + { + "url": "https://github.com/collectiveidea/audited/issues/601", + "refsource": "MISC", + "name": "https://github.com/collectiveidea/audited/issues/601" + }, + { + "url": "https://github.com/collectiveidea/audited/pull/669", + "refsource": "MISC", + "name": "https://github.com/collectiveidea/audited/pull/669" + }, + { + "url": "https://github.com/collectiveidea/audited/pull/671", + "refsource": "MISC", + "name": "https://github.com/collectiveidea/audited/pull/671" + }, + { + "url": "https://github.com/advisories/GHSA-hjp3-5g2q-7jww", + "refsource": "MISC", + "name": "https://github.com/advisories/GHSA-hjp3-5g2q-7jww" + }, + { + "url": "https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jww", + "refsource": "MISC", + "name": "https://vulncheck.com/advisories/vc-advisory-GHSA-hjp3-5g2q-7jww" + } + ] + }, + "source": { + "discovery": "INTERNAL" + }, + "impact": { + "cvss": [ + { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 3.1, + "baseSeverity": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N", + "version": "3.1" } ] } diff --git a/2024/22xxx/CVE-2024-22048.json b/2024/22xxx/CVE-2024-22048.json index ec7b8de18f7..97c89c88758 100644 --- a/2024/22xxx/CVE-2024-22048.json +++ b/2024/22xxx/CVE-2024-22048.json @@ -1,18 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22048", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@vulncheck.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "govuk_tech_docs versions from 2.0.2 to before 3.3.1 are vulnerable to a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user's browser if a malicious search result is displayed on the search page.\n\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/alphagov/tech-docs-gem/security/advisories/GHSA-x2xw-hw8g-6773", + "refsource": "MISC", + "name": "https://github.com/alphagov/tech-docs-gem/security/advisories/GHSA-x2xw-hw8g-6773" + }, + { + "url": "https://github.com/alphagov/tech-docs-gem/pull/323", + "refsource": "MISC", + "name": "https://github.com/alphagov/tech-docs-gem/pull/323" + }, + { + "url": "https://github.com/alphagov/tech-docs-gem/releases/tag/v3.3.1", + "refsource": "MISC", + "name": "https://github.com/alphagov/tech-docs-gem/releases/tag/v3.3.1" + }, + { + "url": "https://github.com/advisories/GHSA-x2xw-hw8g-6773", + "refsource": "MISC", + "name": "https://github.com/advisories/GHSA-x2xw-hw8g-6773" + }, + { + "url": "https://vulncheck.com/advisories/vc-advisory-GHSA-x2xw-hw8g-6773", + "refsource": "MISC", + "name": "https://vulncheck.com/advisories/vc-advisory-GHSA-x2xw-hw8g-6773" + } + ] + }, + "source": { + "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22049.json b/2024/22xxx/CVE-2024-22049.json index 864503df204..6c81b6fa06d 100644 --- a/2024/22xxx/CVE-2024-22049.json +++ b/2024/22xxx/CVE-2024-22049.json @@ -1,18 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22049", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@vulncheck.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "httparty before 0.21.0 is vulnerable to an assumed-immutable web parameter vulnerability. A remote and unauthenticated attacker can provide a crafted filename parameter during multipart/form-data uploads which could result in attacker controlled filenames being written.\n\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-472 External Control of Assumed-Immutable Web Parameter", + "cweId": "CWE-472" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42", + "refsource": "MISC", + "name": "https://github.com/jnunemaker/httparty/security/advisories/GHSA-5pq7-52mg-hr42" + }, + { + "url": "https://github.com/jnunemaker/httparty/commit/cdb45a678c43e44570b4e73f84b1abeb5ec22b8e", + "refsource": "MISC", + "name": "https://github.com/jnunemaker/httparty/commit/cdb45a678c43e44570b4e73f84b1abeb5ec22b8e" + }, + { + "url": "https://github.com/jnunemaker/httparty/blob/4416141d37fd71bdba4f37589ec265f55aa446ce/lib/httparty/request/body.rb#L43", + "refsource": "MISC", + "name": "https://github.com/jnunemaker/httparty/blob/4416141d37fd71bdba4f37589ec265f55aa446ce/lib/httparty/request/body.rb#L43" + }, + { + "url": "https://github.com/advisories/GHSA-5pq7-52mg-hr42", + "refsource": "MISC", + "name": "https://github.com/advisories/GHSA-5pq7-52mg-hr42" + }, + { + "url": "https://vulncheck.com/advisories/vc-advisory-GHSA-5pq7-52mg-hr42", + "refsource": "MISC", + "name": "https://vulncheck.com/advisories/vc-advisory-GHSA-5pq7-52mg-hr42" + } + ] + }, + "source": { + "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22050.json b/2024/22xxx/CVE-2024-22050.json index 798a936f90a..76c504da772 100644 --- a/2024/22xxx/CVE-2024-22050.json +++ b/2024/22xxx/CVE-2024-22050.json @@ -1,18 +1,81 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22050", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@vulncheck.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Path traversal in the static file service in Iodine less than 0.7.33 allows an unauthenticated, remote attacker to read files outside the public folder via malicious URLs.\n\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')", + "cweId": "CWE-22" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3", + "refsource": "MISC", + "name": "https://github.com/boazsegev/iodine/security/advisories/GHSA-85rf-xh54-whp3" + }, + { + "url": "https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949889", + "refsource": "MISC", + "name": "https://github.com/boazsegev/iodine/commit/5558233fb7defda706b4f9c87c17759705949889" + }, + { + "url": "https://github.com/advisories/GHSA-85rf-xh54-whp3", + "refsource": "MISC", + "name": "https://github.com/advisories/GHSA-85rf-xh54-whp3" + }, + { + "url": "https://vulncheck.com/advisories/vc-advisory-GHSA-85rf-xh54-whp3", + "refsource": "MISC", + "name": "https://vulncheck.com/advisories/vc-advisory-GHSA-85rf-xh54-whp3" + } + ] + }, + "source": { + "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2024/22xxx/CVE-2024-22051.json b/2024/22xxx/CVE-2024-22051.json index de62093b500..f3cdb19cf23 100644 --- a/2024/22xxx/CVE-2024-22051.json +++ b/2024/22xxx/CVE-2024-22051.json @@ -1,18 +1,86 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-22051", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "disclosure@vulncheck.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "CommonMarker versions prior to 0.23.4 are at risk of an integer overflow vulnerability. This vulnerability can result in possibly unauthenticated remote attackers to cause heap memory corruption, potentially leading to an information leak or remote code execution, via parsing tables with marker rows that contain more than UINT16_MAX columns.\n\n" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-190 Integer Overflow or Wraparound", + "cweId": "CWE-190" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x", + "refsource": "MISC", + "name": "https://github.com/github/cmark-gfm/security/advisories/GHSA-mc3g-88wq-6f4x" + }, + { + "url": "https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf", + "refsource": "MISC", + "name": "https://github.com/gjtorikian/commonmarker/security/advisories/GHSA-fmx4-26r3-wxpf" + }, + { + "url": "https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3", + "refsource": "MISC", + "name": "https://github.com/gjtorikian/commonmarker/commit/ab4504fd17460627a6ab255bc3c63e8e5fc6aed3" + }, + { + "url": "https://github.com/advisories/GHSA-fmx4-26r3-wxpf", + "refsource": "MISC", + "name": "https://github.com/advisories/GHSA-fmx4-26r3-wxpf" + }, + { + "url": "https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf", + "refsource": "MISC", + "name": "https://vulncheck.com/advisories/vc-advisory-GHSA-fmx4-26r3-wxpf" + } + ] + }, + "source": { + "discovery": "INTERNAL" } } \ No newline at end of file