From 4421b82e37fed9f94fe2c19676678baa269091c4 Mon Sep 17 00:00:00 2001 From: Robert Korulczyk Date: Mon, 10 Jun 2024 23:24:10 +0200 Subject: [PATCH] Improve GHSA-qg5r-95m4-mjgj --- .../GHSA-qg5r-95m4-mjgj.json | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/advisories/github-reviewed/2024/06/GHSA-qg5r-95m4-mjgj/GHSA-qg5r-95m4-mjgj.json b/advisories/github-reviewed/2024/06/GHSA-qg5r-95m4-mjgj/GHSA-qg5r-95m4-mjgj.json index 732d84a255932..812ffb96d6ecc 100644 --- a/advisories/github-reviewed/2024/06/GHSA-qg5r-95m4-mjgj/GHSA-qg5r-95m4-mjgj.json +++ b/advisories/github-reviewed/2024/06/GHSA-qg5r-95m4-mjgj/GHSA-qg5r-95m4-mjgj.json @@ -1,7 +1,7 @@ { "schema_version": "1.4.0", "id": "GHSA-qg5r-95m4-mjgj", - "modified": "2024-06-03T20:54:45Z", + "modified": "2024-06-03T20:54:46Z", "published": "2024-06-02T22:27:54Z", "aliases": [ "CVE-2024-32877" @@ -28,11 +28,14 @@ "introduced": "2.0.43" }, { - "fixed": "2.0.50" + "fixed": "2.0.49.4, 2.0.50" } ] } - ] + ], + "database_specific": { + "last_known_affected_version_range": "< 2.0.49.4" + } } ], "references": [ @@ -44,6 +47,10 @@ "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-32877" }, + { + "type": "WEB", + "url": "https://github.com/yiisoft/yii2/commit/62d081f18c3602d09e7d075bba3a0ca5c313f0b4" + }, { "type": "WEB", "url": "https://github.com/yiisoft/yii2/commit/8cc9aeb2f0b2ffe02fb54a817064e9da75512706" @@ -55,6 +62,10 @@ { "type": "PACKAGE", "url": "https://github.com/yiisoft/yii2" + }, + { + "type": "WEB", + "url": "https://github.com/yiisoft/yii2/blob/2.0.49.x/framework/CHANGELOG.md#20494-june-4-2024" } ], "database_specific": {