Publish Advisories

GHSA-2wrh-6pvc-2jm9
GHSA-8fxr-qfr9-p34w

advisories/github-reviewed/2023/08/GHSA-2wrh-6pvc-2jm9/GHSA-2wrh-6pvc-2jm9.json

@@ -1,13 +1,13 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-2wrh-6pvc-2jm9",
-  "modified": "2023-10-11T20:36:23Z",
+  "modified": "2023-10-13T23:10:21Z",
   "published": "2023-08-02T21:30:20Z",
   "aliases": [
     "CVE-2023-3978"
   ],
   "summary": "Improper rendering of text nodes in golang.org/x/net/html",
-  "details": "Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack.",
+  "details": "Text nodes not in the HTML namespace are incorrectly literally rendered, causing text which should be escaped to not be. This could lead to an XSS attack. ",
   "severity": [
     {
       "type": "CVSS_V3",

advisories/github-reviewed/2023/10/GHSA-8fxr-qfr9-p34w/GHSA-8fxr-qfr9-p34w.json

@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-8fxr-qfr9-p34w",
-  "modified": "2023-10-02T22:00:54Z",
+  "modified": "2023-10-13T23:09:00Z",
   "published": "2023-10-02T20:39:20Z",
   "aliases": [
     "CVE-2023-43654"
@@ -11,7 +11,7 @@
   "severity": [
     {
       "type": "CVSS_V3",
-      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N"
     }
   ],
   "affected": [
@@ -60,13 +60,17 @@
     {
       "type": "WEB",
       "url": "https://github.com/pytorch/serve/releases/tag/v0.8.2"
+    },
+    {
+      "type": "WEB",
+      "url": "http://packetstormsecurity.com/files/175095/PyTorch-Model-Server-Registration-Deserialization-Remote-Code-Execution.html"
     }
   ],
   "database_specific": {
     "cwe_ids": [
       "CWE-918"
     ],
-    "severity": "CRITICAL",
+    "severity": "MODERATE",
     "github_reviewed": true,
     "github_reviewed_at": "2023-10-02T20:39:20Z",
     "nvd_published_at": null