Publish GHSA-846p-jg2w-w324

advisory-database[bot] · advisory-database[bot] · commit f4d1897004d3 · 2026-01-22T02:17:56.000Z
diff --git a/advisories/github-reviewed/2026/01/GHSA-846p-jg2w-w324/GHSA-846p-jg2w-w324.json b/advisories/github-reviewed/2026/01/GHSA-846p-jg2w-w324/GHSA-846p-jg2w-w324.json
@@ -1,7 +1,7 @@
 {
   "schema_version": "1.4.0",
   "id": "GHSA-846p-jg2w-w324",
-  "modified": "2026-01-21T16:19:28Z",
+  "modified": "2026-01-22T02:16:31Z",
   "published": "2026-01-21T16:19:28Z",
   "aliases": [
     "CVE-2026-23991"
@@ -33,32 +33,17 @@
           ]
         }
       ]
-    },
-    {
-      "package": {
-        "ecosystem": "Go",
-        "name": "github.com/theupdateframework/go-tuf"
-      },
-      "ranges": [
-        {
-          "type": "ECOSYSTEM",
-          "events": [
-            {
-              "introduced": "0"
-            },
-            {
-              "last_affected": "0.7.0"
-            }
-          ]
-        }
-      ]
     }
   ],
   "references": [
     {
       "type": "WEB",
       "url": "https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-846p-jg2w-w324"
     },
+    {
+      "type": "WEB",
+      "url": "https://github.com/theupdateframework/go-tuf/commit/73345ab6b0eb7e59d525dac17a428f043074cef6"
+    },
     {
       "type": "PACKAGE",
       "url": "https://github.com/theupdateframework/go-tuf"
