Publish Advisories

GHSA-8cr7-x5g8-m3f3
GHSA-vgjg-5wh9-2grq
GHSA-q469-433j-8xc2
GHSA-r8j3-whr2-75m5
GHSA-6h4f-pj3g-q8fq

Author: advisory-database[bot]

advisories/unreviewed/2024/08/GHSA-8cr7-x5g8-m3f3/GHSA-8cr7-x5g8-m3f3.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-8cr7-x5g8-m3f3",
-  "modified": "2024-08-27T21:31:14Z",
+  "modified": "2025-12-06T03:30:15Z",
   "published": "2024-08-27T21:31:14Z",
   "aliases": [
     "CVE-2024-5814"
   ],
   "details": "A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello.  https://doi.org/10.46586/tches.v2024.i1.457-500",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:D/RE:M/U:Green"

advisories/unreviewed/2024/10/GHSA-vgjg-5wh9-2grq/GHSA-vgjg-5wh9-2grq.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-vgjg-5wh9-2grq",
-  "modified": "2024-10-10T15:30:32Z",
+  "modified": "2025-12-06T03:30:15Z",
   "published": "2024-10-08T09:30:52Z",
   "aliases": [
     "CVE-2024-34671"

advisories/unreviewed/2025/03/GHSA-q469-433j-8xc2/GHSA-q469-433j-8xc2.json

@@ -1,13 +1,17 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-q469-433j-8xc2",
-  "modified": "2025-03-07T18:31:06Z",
+  "modified": "2025-12-06T03:30:15Z",
   "published": "2025-03-07T18:31:06Z",
   "aliases": [
     "CVE-2024-53696"
   ],
   "details": "A server-side request forgery (SSRF) vulnerability has been reported to affect QuLog Center. If exploited, the vulnerability could allow remote attackers who have gained administrator access to read application data.\n\nWe have already fixed the vulnerability in the following versions:\nQuLog Center 1.7.0.829 ( 2024/10/01 ) and later\nQuLog Center 1.8.0.888 ( 2024/10/15 ) and later\nQTS 4.5.4.2957 build 20241119 and later\nQuTS hero h4.5.4.2956 build 20241119 and later",
   "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N"
+    },
     {
       "type": "CVSS_V4",
       "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"

advisories/unreviewed/2025/11/GHSA-r8j3-whr2-75m5/GHSA-r8j3-whr2-75m5.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-r8j3-whr2-75m5",
-  "modified": "2025-11-26T06:31:28Z",
+  "modified": "2025-12-06T03:30:15Z",
   "published": "2025-11-26T06:31:28Z",
   "aliases": [
     "CVE-2025-59820"
@@ -30,6 +30,10 @@
     {
       "type": "WEB",
       "url": "https://kde.org/info/security/advisory-20250929-1.txt"
+    },
+    {
+      "type": "WEB",
+      "url": "https://lists.debian.org/debian-lts-announce/2025/12/msg00006.html"
     }
   ],
   "database_specific": {

advisories/unreviewed/2025/12/GHSA-6h4f-pj3g-q8fq/GHSA-6h4f-pj3g-q8fq.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-6h4f-pj3g-q8fq",
-  "modified": "2025-12-05T00:31:04Z",
+  "modified": "2025-12-06T03:30:15Z",
   "published": "2025-12-03T21:31:04Z",
   "aliases": [
     "CVE-2024-3884"
@@ -31,6 +31,14 @@
       "type": "WEB",
       "url": "https://access.redhat.com/errata/RHSA-2025:22777"
     },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2025:3990"
+    },
+    {
+      "type": "WEB",
+      "url": "https://access.redhat.com/errata/RHSA-2025:3992"
+    },
     {
       "type": "WEB",
       "url": "https://access.redhat.com/security/cve/CVE-2024-3884"