Skip to content

[GHSA-xq3m-2v4x-88gg] Arbitrary code execution in protobufjs#7641

Open
devPSA-Business wants to merge 1 commit into
devPSA-Business/advisory-improvement-7641from
devPSA-Business-GHSA-xq3m-2v4x-88gg
Open

[GHSA-xq3m-2v4x-88gg] Arbitrary code execution in protobufjs#7641
devPSA-Business wants to merge 1 commit into
devPSA-Business/advisory-improvement-7641from
devPSA-Business-GHSA-xq3m-2v4x-88gg

Conversation

@devPSA-Business
Copy link
Copy Markdown

@devPSA-Business devPSA-Business commented May 11, 2026

Updates

  • CVSS v3

Comments

Editing security advisories in the GitHub Advisory Database

Improve advisories published in the GitHub Advisory Database by making community contributions.

  1. Navigate to https://github.com/advisories.
  2. Select the security advisory you would like to contribute to.
  3. On the right-hand side of the page, click the Suggest improvements for this vulnerability link.
  4. In the "Improve security advisory" form, make the desired improvements. You can edit or add any detail. For information about correctly specifying information on the form, including affected versions, see Best practices for writing repository security advisories.
  5. Under Reason for change, explain why you want to make this improvement. If you include links to supporting material this will help our reviewers.
  6. When you finish editing the advisory, click Submit improvements.
  7. Once you submit your community contribution, a pull request containing your changes will be created for review in github/advisory-database by the GitHub Security Lab curation team. If the advisory originated from a GitHub repository, we will also tag the original publisher for optional commentary. You can view the pull request and get notifications when it is updated or closed.

You can also open a pull request directly on an advisory file in the github/advisory-database repository. For more information, see the contribution guidelines.

@github
Copy link
Copy Markdown
Collaborator

github commented May 11, 2026

Hi there @alexander-fenster! A community member has suggested an improvement to your security advisory. If approved, this change will affect the global advisory listed at github.com/advisories. It will not affect the version listed in your project repository.

This change will be reviewed by our Security Curation Team. If you have thoughts or feedback, please share them in a comment here! If this PR has already been closed, you can start a new community contribution for this advisory

@github-actions github-actions Bot changed the base branch from main to devPSA-Business/advisory-improvement-7641 May 11, 2026 09:41
devPSA-Business
devPSA-Business commented May 11, 2026
View reviewed changes
Copy link
Copy Markdown
Author

@devPSA-Business devPSA-Business left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

approved

@devPSA-Business devPSA-Business changed the base branch from devPSA-Business/advisory-improvement-7641 to main May 11, 2026 09:47
@github-actions github-actions Bot changed the base branch from main to devPSA-Business/advisory-improvement-7641 May 11, 2026 09:48
@devPSA-Business devPSA-Business changed the base branch from devPSA-Business/advisory-improvement-7641 to main May 11, 2026 09:50
@github-actions github-actions Bot changed the base branch from main to devPSA-Business/advisory-improvement-7641 May 11, 2026 09:51
@devPSA-Business devPSA-Business mentioned this pull request May 11, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@devPSA-Business @github