Improve GHSA-f522-ffg8-j8r6

shaked-seal · shaked-seal · commit 715e8aacebb0 · 2025-10-16T11:12:16.000+03:00
diff --git a/advisories/github-reviewed/2017/10/GHSA-f522-ffg8-j8r6/GHSA-f522-ffg8-j8r6.json b/advisories/github-reviewed/2017/10/GHSA-f522-ffg8-j8r6/GHSA-f522-ffg8-j8r6.json
@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-f522-ffg8-j8r6",
-  "modified": "2024-10-02T17:16:12Z",
+  "modified": "2024-10-02T17:16:13Z",
   "published": "2017-10-24T18:33:35Z",
   "aliases": [
     "CVE-2016-2537"
   ],
   "summary": "Regular Expression Denial of Service in is-my-json-valid",
-  "details": "Version of `is-my-json-valid` before 1.4.1 or 2.17.2 are vulnerable to regular expression denial of service (ReDoS) via the email validation function.\n\n\n## Recommendation\n\nUpdate to version 1.4.1, 2.17.2 or later.",
+  "details": "Version of `is-my-json-valid` before 1.4.1 or v2.12.4 are vulnerable to regular expression denial of service (ReDoS) via the email validation function.\n\n\n## Recommendation\n\nUpdate to version 1.4.1, 2.17.2 or later.",
   "severity": [
     {
       "type": "CVSS_V3",
@@ -28,11 +28,14 @@
               "introduced": "0"
             },
             {
-              "fixed": "2.17.2"
+              "fixed": "v2.12.4"
             }
           ]
         }
-      ]
+      ],
+      "database_specific": {
+        "last_known_affected_version_range": "< 2.12.4"
+      }
     }
   ],
   "references": [

Original file line number	Diff line number	Diff line change
`@@ -1,13 +1,13 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-f522-ffg8-j8r6",`
`4`		`- "modified": "2024-10-02T17:16:12Z",`
	`4`	`+ "modified": "2024-10-02T17:16:13Z",`
`5`	`5`	`"published": "2017-10-24T18:33:35Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2016-2537"`
`8`	`8`	`],`
`9`	`9`	`"summary": "Regular Expression Denial of Service in is-my-json-valid",`
`10`		- "details": "Version of `is-my-json-valid` before 1.4.1 or 2.17.2 are vulnerable to regular expression denial of service (ReDoS) via the email validation function.\n\n\n## Recommendation\n\nUpdate to version 1.4.1, 2.17.2 or later.",
	`10`	+ "details": "Version of `is-my-json-valid` before 1.4.1 or v2.12.4 are vulnerable to regular expression denial of service (ReDoS) via the email validation function.\n\n\n## Recommendation\n\nUpdate to version 1.4.1, 2.17.2 or later.",
`11`	`11`	`"severity": [`
`12`	`12`	`{`
`13`	`13`	`"type": "CVSS_V3",`
`@@ -28,11 +28,14 @@`
`28`	`28`	`"introduced": "0"`
`29`	`29`	`},`
`30`	`30`	`{`
`31`		`- "fixed": "2.17.2"`
	`31`	`+ "fixed": "v2.12.4"`
`32`	`32`	`}`
`33`	`33`	`]`
`34`	`34`	`}`
`35`		`- ]`
	`35`	`+ ],`
	`36`	`+ "database_specific": {`
	`37`	`+ "last_known_affected_version_range": "< 2.12.4"`
	`38`	`+ }`
`36`	`39`	`}`
`37`	`40`	`],`
`38`	`41`	`"references": [`