From 56483287650841f617227d3b7f00e12b282e1e72 Mon Sep 17 00:00:00 2001 From: Arnout Engelen Date: Tue, 28 Jan 2025 10:48:56 +0100 Subject: [PATCH] GHSA-9cxr-76pm-j3wf: more accurate version ranges Based on the machine-readable ranges in https://www.cve.org/CVERecord?id=CVE-2024-53299 --- .../GHSA-9cxr-76pm-j3wf.json | 48 +++++++++++++++++-- 1 file changed, 43 insertions(+), 5 deletions(-) diff --git a/advisories/github-reviewed/2025/01/GHSA-9cxr-76pm-j3wf/GHSA-9cxr-76pm-j3wf.json b/advisories/github-reviewed/2025/01/GHSA-9cxr-76pm-j3wf/GHSA-9cxr-76pm-j3wf.json index f9f93204a77b4..f0b66837ba7a1 100644 --- a/advisories/github-reviewed/2025/01/GHSA-9cxr-76pm-j3wf/GHSA-9cxr-76pm-j3wf.json +++ b/advisories/github-reviewed/2025/01/GHSA-9cxr-76pm-j3wf/GHSA-9cxr-76pm-j3wf.json @@ -23,10 +23,48 @@ "introduced": "7.0.0" }, { - "fixed": "9.19.0" + "fixed": "7.19.0" } - ] - } + ] + } + ] + }, + { + "package": { + "ecosystem": "Maven", + "name": "org.apache.wicket:wicket-core" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "8.0.0-M1" + }, + { + "fixed": "8.17.0" + } + ] + } + ] + }, + { + "package": { + "ecosystem": "Maven", + "name": "org.apache.wicket:wicket-core" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "9.0.0-M1" + }, + { + "fixed": "9.18.0" + } + ] + } ] }, { @@ -39,7 +77,7 @@ "type": "ECOSYSTEM", "events": [ { - "introduced": "10.0.0" + "introduced": "10.0.0-M1" }, { "fixed": "10.3.0" @@ -76,4 +114,4 @@ "github_reviewed_at": "2025-01-23T22:31:09Z", "nvd_published_at": "2025-01-23T09:15:07Z" } -} \ No newline at end of file +}