File tree Expand file tree Collapse file tree
advisories/github-reviewed/2026/03 Expand file tree Collapse file tree Original file line number Diff line number Diff line change 11{
22 "schema_version" : " 1.4.0"
33 "id" : " GHSA-c38g-mx2c-9wf2"
4- "modified" : " 2026-03-20T20:55:44Z "
4+ "modified" : " 2026-03-27T21:17:31Z "
55 "published" : " 2026-03-20T20:55:44Z"
66 "aliases" : [
77 " CVE-2026-33505"
4040 "type" : " WEB"
4141 "url" : " https://github.com/ory/keto/security/advisories/GHSA-c38g-mx2c-9wf2"
4242 },
43+ {
44+ "type" : " ADVISORY"
45+ "url" : " https://nvd.nist.gov/vuln/detail/CVE-2026-33505"
46+ },
4347 {
4448 "type" : " PACKAGE"
4549 "url" : " https://github.com/ory/keto"
5256 "severity" : " HIGH"
5357 "github_reviewed" : true ,
5458 "github_reviewed_at" : " 2026-03-20T20:55:44Z"
55- "nvd_published_at" : null
59+ "nvd_published_at" : " 2026-03-26T19:17:04Z "
5660 }
5761}
Original file line number Diff line number Diff line change 11{
22 "schema_version" : " 1.4.0"
33 "id" : " GHSA-hqjr-43r5-9q58"
4- "modified" : " 2026-03-24T19:23:52Z "
4+ "modified" : " 2026-03-27T21:17:40Z "
55 "published" : " 2026-03-24T19:23:52Z"
66 "aliases" : [
77 " CVE-2026-33545"
4343 "type" : " WEB"
4444 "url" : " https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-hqjr-43r5-9q58"
4545 },
46+ {
47+ "type" : " ADVISORY"
48+ "url" : " https://nvd.nist.gov/vuln/detail/CVE-2026-33545"
49+ },
4650 {
4751 "type" : " WEB"
4852 "url" : " https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/6f8a43c1b78d21cfbd7186aaafa7f622d990e0f1"
6367 "severity" : " MODERATE"
6468 "github_reviewed" : true ,
6569 "github_reviewed_at" : " 2026-03-24T19:23:52Z"
66- "nvd_published_at" : null
70+ "nvd_published_at" : " 2026-03-26T21:17:06Z "
6771 }
6872}
Original file line number Diff line number Diff line change 11{
22 "schema_version" : " 1.4.0"
33 "id" : " GHSA-j77h-rr39-c552"
4- "modified" : " 2026-03-16T17:07:17Z "
4+ "modified" : " 2026-03-27T21:15:59Z "
55 "published" : " 2026-03-13T20:03:22Z"
66 "aliases" : [
77 " CVE-2026-32301"
3636 "database_specific" : {
3737 "last_known_affected_version_range" : " <= 6.6.2"
3838 }
39+ },
40+ {
41+ "package" : {
42+ "ecosystem" : " Go"
43+ "name" : " github.com/centrifugal/centrifugo"
44+ },
45+ "ranges" : [
46+ {
47+ "type" : " ECOSYSTEM"
48+ "events" : [
49+ {
50+ "introduced" : " 0"
51+ },
52+ {
53+ "last_affected" : " 2.4.0"
54+ }
55+ ]
56+ }
57+ ]
58+ },
59+ {
60+ "package" : {
61+ "ecosystem" : " Go"
62+ "name" : " github.com/centrifugal/centrifugo/v3"
63+ },
64+ "ranges" : [
65+ {
66+ "type" : " ECOSYSTEM"
67+ "events" : [
68+ {
69+ "introduced" : " 0"
70+ },
71+ {
72+ "last_affected" : " 3.2.3"
73+ }
74+ ]
75+ }
76+ ]
77+ },
78+ {
79+ "package" : {
80+ "ecosystem" : " Go"
81+ "name" : " github.com/centrifugal/centrifugo/v4"
82+ },
83+ "ranges" : [
84+ {
85+ "type" : " ECOSYSTEM"
86+ "events" : [
87+ {
88+ "introduced" : " 0"
89+ },
90+ {
91+ "last_affected" : " 4.1.5"
92+ }
93+ ]
94+ }
95+ ]
96+ },
97+ {
98+ "package" : {
99+ "ecosystem" : " Go"
100+ "name" : " github.com/centrifugal/centrifugo/v5"
101+ },
102+ "ranges" : [
103+ {
104+ "type" : " ECOSYSTEM"
105+ "events" : [
106+ {
107+ "introduced" : " 0"
108+ },
109+ {
110+ "last_affected" : " 5.4.9"
111+ }
112+ ]
113+ }
114+ ]
39115 }
40116 ],
41117 "references" : [
50126 {
51127 "type" : " PACKAGE"
52128 "url" : " https://github.com/centrifugal/centrifugo"
129+ },
130+ {
131+ "type" : " WEB"
132+ "url" : " https://pkg.go.dev/vuln/GO-2026-4702"
53133 }
54134 ],
55135 "database_specific" : {
Original file line number Diff line number Diff line change 11{
22 "schema_version" : " 1.4.0"
33 "id" : " GHSA-q926-c743-49qj"
4- "modified" : " 2026-03-13T20:44:37Z "
4+ "modified" : " 2026-03-27T21:17:00Z "
55 "published" : " 2026-03-13T20:44:37Z"
66 "aliases" : [],
77 "summary" : " Centrifugo's InsecureSkipTokenSignatureVerify flag silently disables JWT verification with no warning"
3434 "database_specific" : {
3535 "last_known_affected_version_range" : " <= 6.6.2"
3636 }
37+ },
38+ {
39+ "package" : {
40+ "ecosystem" : " Go"
41+ "name" : " github.com/centrifugal/centrifugo"
42+ },
43+ "ranges" : [
44+ {
45+ "type" : " ECOSYSTEM"
46+ "events" : [
47+ {
48+ "introduced" : " 0"
49+ },
50+ {
51+ "last_affected" : " 2.4.0"
52+ }
53+ ]
54+ }
55+ ]
56+ },
57+ {
58+ "package" : {
59+ "ecosystem" : " Go"
60+ "name" : " github.com/centrifugal/centrifugo/v3"
61+ },
62+ "ranges" : [
63+ {
64+ "type" : " ECOSYSTEM"
65+ "events" : [
66+ {
67+ "introduced" : " 0"
68+ },
69+ {
70+ "last_affected" : " 3.2.3"
71+ }
72+ ]
73+ }
74+ ]
75+ },
76+ {
77+ "package" : {
78+ "ecosystem" : " Go"
79+ "name" : " github.com/centrifugal/centrifugo/v4"
80+ },
81+ "ranges" : [
82+ {
83+ "type" : " ECOSYSTEM"
84+ "events" : [
85+ {
86+ "introduced" : " 0"
87+ },
88+ {
89+ "last_affected" : " 4.1.5"
90+ }
91+ ]
92+ }
93+ ]
94+ },
95+ {
96+ "package" : {
97+ "ecosystem" : " Go"
98+ "name" : " github.com/centrifugal/centrifugo/v5"
99+ },
100+ "ranges" : [
101+ {
102+ "type" : " ECOSYSTEM"
103+ "events" : [
104+ {
105+ "introduced" : " 0"
106+ },
107+ {
108+ "last_affected" : " 5.4.9"
109+ }
110+ ]
111+ }
112+ ]
37113 }
38114 ],
39115 "references" : [
52128 {
53129 "type" : " WEB"
54130 "url" : " https://github.com/centrifugal/centrifugo/releases/tag/v6.7.0"
131+ },
132+ {
133+ "type" : " WEB"
134+ "url" : " https://pkg.go.dev/vuln/GO-2026-4703"
55135 }
56136 ],
57137 "database_specific" : {
You can’t perform that action at this time.
![advisory-database[bot]](https://avatars.githubusercontent.com/in/21409?v=4&size=40){kind=avatar}
0 commit comments