Publish Advisories

GHSA-96g7-g7g9-jxw8
GHSA-9c3x-r3wp-mgxm
GHSA-g3rh-rrhp-jhh9
GHSA-jxgr-3v7q-3w9v
GHSA-mrqx-rp3w-jpjp
GHSA-qq5c-677p-737q
GHSA-x8vp-gf4q-mw5j

advisories/github-reviewed/2024/11/GHSA-96g7-g7g9-jxw8/GHSA-96g7-g7g9-jxw8.json

@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-96g7-g7g9-jxw8",
-  "modified": "2024-11-06T20:04:41Z",
+  "modified": "2024-11-06T23:39:29Z",
   "published": "2024-11-06T15:27:50Z",
   "aliases": [
     "CVE-2024-51757"
   ],
   "summary": "happy-dom allows for server side code to be executed by a <script> tag",
-  "details": "### Impact\nConsumers of the NPM package `happy-dom`\n\n### Patches\nThe security vulnerability has been patched in v15.10.1\n\n### Workarounds\nNo easy workarounds to my knowledge\n\n### References\n[#1585](https://github.com/capricorn86/happy-dom/issues/1585)\n",
+  "details": "### Impact\nConsumers of the NPM package `happy-dom`\n\n### Patches\nThe security vulnerability has been patched in v15.10.2\n\n### Workarounds\nNo easy workarounds to my knowledge\n\n### References\n[#1585](https://github.com/capricorn86/happy-dom/issues/1585)\n",
   "severity": [
     {
       "type": "CVSS_V4",
@@ -40,6 +40,10 @@
       "type": "WEB",
       "url": "https://github.com/capricorn86/happy-dom/security/advisories/GHSA-96g7-g7g9-jxw8"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51757"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/capricorn86/happy-dom/issues/1585"
@@ -52,18 +56,26 @@
       "type": "WEB",
       "url": "https://github.com/capricorn86/happy-dom/commit/5ee0b1676d4ce20cc2a70d1c9c8d6f1e3f57efac"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/capricorn86/happy-dom/commit/d23834c232f1cf5519c9418b073f1dcec6b2f0fd"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/capricorn86/happy-dom"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/capricorn86/happy-dom/releases/tag/v15.10.2"
     }
   ],
   "database_specific": {
     "cwe_ids": [
-
+      "CWE-79"
     ],
     "severity": "CRITICAL",
     "github_reviewed": true,
     "github_reviewed_at": "2024-11-06T15:27:50Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2024-11-06T20:15:06Z"
   }
 }

advisories/github-reviewed/2024/11/GHSA-9c3x-r3wp-mgxm/GHSA-9c3x-r3wp-mgxm.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-9c3x-r3wp-mgxm",
-  "modified": "2024-11-06T15:16:09Z",
+  "modified": "2024-11-06T23:40:04Z",
   "published": "2024-11-06T15:16:09Z",
   "aliases": [
     "CVE-2024-50342"
@@ -139,6 +139,10 @@
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/security/advisories/GHSA-9c3x-r3wp-mgxm"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50342"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/commit/296d4b34a33b1a6ca5475c6040b3203622520f5b"
@@ -167,6 +171,6 @@
     "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2024-11-06T15:16:09Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2024-11-06T21:15:05Z"
   }
 }

advisories/github-reviewed/2024/11/GHSA-g3rh-rrhp-jhh9/GHSA-g3rh-rrhp-jhh9.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-g3rh-rrhp-jhh9",
-  "modified": "2024-11-06T15:21:08Z",
+  "modified": "2024-11-06T23:40:08Z",
   "published": "2024-11-06T15:21:08Z",
   "aliases": [
     "CVE-2024-50343"
@@ -139,6 +139,10 @@
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/security/advisories/GHSA-g3rh-rrhp-jhh9"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50343"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/commit/7d1032bbead9a4229b32fa6ebca32681c80cb76f"
@@ -167,6 +171,6 @@
     "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2024-11-06T15:21:08Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2024-11-06T21:15:06Z"
   }
 }

advisories/github-reviewed/2024/11/GHSA-jxgr-3v7q-3w9v/GHSA-jxgr-3v7q-3w9v.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-jxgr-3v7q-3w9v",
-  "modified": "2024-11-06T15:13:42Z",
+  "modified": "2024-11-06T23:39:58Z",
   "published": "2024-11-06T15:13:42Z",
   "aliases": [
     "CVE-2024-50341"
@@ -139,6 +139,10 @@
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/security/advisories/GHSA-jxgr-3v7q-3w9v"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50341"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/commit/22a0789a0085c3ee96f4ef715ecad8255cf0e105"
@@ -167,6 +171,6 @@
     "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2024-11-06T15:13:42Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2024-11-06T21:15:05Z"
   }
 }

advisories/github-reviewed/2024/11/GHSA-mrqx-rp3w-jpjp/GHSA-mrqx-rp3w-jpjp.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-mrqx-rp3w-jpjp",
-  "modified": "2024-11-06T15:22:09Z",
+  "modified": "2024-11-06T23:40:12Z",
   "published": "2024-11-06T15:22:09Z",
   "aliases": [
     "CVE-2024-50345"
@@ -139,6 +139,10 @@
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/security/advisories/GHSA-mrqx-rp3w-jpjp"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50345"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/commit/5a9b08e5740af795854b1b639b7d45b9cbfe8819"
@@ -158,6 +162,10 @@
     {
       "type": "WEB",
       "url": "https://symfony.com/cve-2024-50345"
+    },
+    {
+      "type": "WEB",
+      "url": "https://url.spec.whatwg.org"
     }
   ],
   "database_specific": {
@@ -167,6 +175,6 @@
     "severity": "LOW",
     "github_reviewed": true,
     "github_reviewed_at": "2024-11-06T15:22:09Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2024-11-06T21:15:06Z"
   }
 }

advisories/github-reviewed/2024/11/GHSA-qq5c-677p-737q/GHSA-qq5c-677p-737q.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-qq5c-677p-737q",
-  "modified": "2024-11-06T15:22:55Z",
+  "modified": "2024-11-06T23:39:33Z",
   "published": "2024-11-06T15:22:55Z",
   "aliases": [
     "CVE-2024-51736"
@@ -139,6 +139,10 @@
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/security/advisories/GHSA-qq5c-677p-737q"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-51736"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/commit/18ecd03eda3917fdf901a48e72518f911c64a1c9"
@@ -167,6 +171,6 @@
     "severity": "HIGH",
     "github_reviewed": true,
     "github_reviewed_at": "2024-11-06T15:22:55Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2024-11-06T21:15:06Z"
   }
 }

advisories/github-reviewed/2024/11/GHSA-x8vp-gf4q-mw5j/GHSA-x8vp-gf4q-mw5j.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-x8vp-gf4q-mw5j",
-  "modified": "2024-11-06T15:11:07Z",
+  "modified": "2024-11-06T23:39:51Z",
   "published": "2024-11-06T15:11:07Z",
   "aliases": [
     "CVE-2024-50340"
@@ -139,6 +139,10 @@
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/security/advisories/GHSA-x8vp-gf4q-mw5j"
     },
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-50340"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/symfony/symfony/commit/a77b308c3f179ed7c8a8bc295f82b2d6ee3493fa"
@@ -162,11 +166,12 @@
   ],
   "database_specific": {
     "cwe_ids": [
-      "CWE-20"
+      "CWE-20",
+      "CWE-74"
     ],
     "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2024-11-06T15:11:07Z",
-    "nvd_published_at": null
+    "nvd_published_at": "2024-11-06T21:15:05Z"
   }
 }