Publish GHSA-qmgx-j96g-4428

advisory-database[bot] · advisory-database[bot] · commit c0f590739c9f · 2026-02-02T15:58:19.000Z
diff --git a/advisories/github-reviewed/2024/03/GHSA-qmgx-j96g-4428/GHSA-qmgx-j96g-4428.json b/advisories/github-reviewed/2024/03/GHSA-qmgx-j96g-4428/GHSA-qmgx-j96g-4428.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-qmgx-j96g-4428",
-  "modified": "2025-02-13T19:07:31Z",
+  "modified": "2026-02-02T15:57:47Z",
   "published": "2024-03-15T12:30:37Z",
   "aliases": [
     "CVE-2024-28752"
@@ -22,7 +22,7 @@
     {
       "package": {
         "ecosystem": "Maven",
-        "name": "org.apache.cxf:cxf-core"
+        "name": "org.apache.cxf:cxf-rt-databinding-aegis"
       },
       "ranges": [
         {
@@ -41,7 +41,7 @@
     {
       "package": {
         "ecosystem": "Maven",
-        "name": "org.apache.cxf:cxf-core"
+        "name": "org.apache.cxf:cxf-rt-databinding-aegis"
       },
       "ranges": [
         {
@@ -60,7 +60,7 @@
     {
       "package": {
         "ecosystem": "Maven",
-        "name": "org.apache.cxf:cxf-core"
+        "name": "org.apache.cxf:cxf-rt-databinding-aegis"
       },
       "ranges": [
         {
@@ -82,6 +82,10 @@
       "type": "ADVISORY",
       "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/apache/cxf/commit/d0baeb3ee64c6d7c883bd2f5c4cb0de6b0b5f463"
+    },
     {
       "type": "WEB",
       "url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"schema_version": "1.4.0",`
`3`	`3`	`"id": "GHSA-qmgx-j96g-4428",`
`4`		`- "modified": "2025-02-13T19:07:31Z",`
	`4`	`+ "modified": "2026-02-02T15:57:47Z",`
`5`	`5`	`"published": "2024-03-15T12:30:37Z",`
`6`	`6`	`"aliases": [`
`7`	`7`	`"CVE-2024-28752"`
`@@ -22,7 +22,7 @@`
`22`	`22`	`{`
`23`	`23`	`"package": {`
`24`	`24`	`"ecosystem": "Maven",`
`25`		`- "name": "org.apache.cxf:cxf-core"`
	`25`	`+ "name": "org.apache.cxf:cxf-rt-databinding-aegis"`
`26`	`26`	`},`
`27`	`27`	`"ranges": [`
`28`	`28`	`{`
`@@ -41,7 +41,7 @@`
`41`	`41`	`{`
`42`	`42`	`"package": {`
`43`	`43`	`"ecosystem": "Maven",`
`44`		`- "name": "org.apache.cxf:cxf-core"`
	`44`	`+ "name": "org.apache.cxf:cxf-rt-databinding-aegis"`
`45`	`45`	`},`
`46`	`46`	`"ranges": [`
`47`	`47`	`{`
`@@ -60,7 +60,7 @@`
`60`	`60`	`{`
`61`	`61`	`"package": {`
`62`	`62`	`"ecosystem": "Maven",`
`63`		`- "name": "org.apache.cxf:cxf-core"`
	`63`	`+ "name": "org.apache.cxf:cxf-rt-databinding-aegis"`
`64`	`64`	`},`
`65`	`65`	`"ranges": [`
`66`	`66`	`{`
`@@ -82,6 +82,10 @@`
`82`	`82`	`"type": "ADVISORY",`
`83`	`83`	`"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-28752"`
`84`	`84`	`},`
	`85`	`+ {`
	`86`	`+ "type": "WEB",`
	`87`	`+ "url": "https://github.com/apache/cxf/commit/d0baeb3ee64c6d7c883bd2f5c4cb0de6b0b5f463"`
	`88`	`+ },`
`85`	`89`	`{`
`86`	`90`	`"type": "WEB",`
`87`	`91`	`"url": "https://cxf.apache.org/security-advisories.data/CVE-2024-28752.txt"`