From 42f8cd2a57c8f9cfaed2ef1ba995a95e86991af6 Mon Sep 17 00:00:00 2001
From: "advisory-database[bot]" <45398580+advisory-database[bot]@users.noreply.github.com>
Date: Wed, 7 Aug 2024 20:40:10 +0000
Subject: [PATCH] Publish GHSA-36h2-g4c8-9xcm
---
 .../GHSA-36h2-g4c8-9xcm.json | 39 +++++++++++++++++--
 1 file changed, 35 insertions(+), 4 deletions(-)
 rename advisories/{unreviewed => github-reviewed}/2024/07/GHSA-36h2-g4c8-9xcm/GHSA-36h2-g4c8-9xcm.json (53%)
diff --git a/advisories/unreviewed/2024/07/GHSA-36h2-g4c8-9xcm/GHSA-36h2-g4c8-9xcm.json b/advisories/github-reviewed/2024/07/GHSA-36h2-g4c8-9xcm/GHSA-36h2-g4c8-9xcm.json
similarity index 53%
rename from advisories/unreviewed/2024/07/GHSA-36h2-g4c8-9xcm/GHSA-36h2-g4c8-9xcm.json
rename to advisories/github-reviewed/2024/07/GHSA-36h2-g4c8-9xcm/GHSA-36h2-g4c8-9xcm.json
index 65a703ace0350..06dd8a498c0e3 100644
--- a/advisories/unreviewed/2024/07/GHSA-36h2-g4c8-9xcm/GHSA-36h2-g4c8-9xcm.json
+++ b/advisories/github-reviewed/2024/07/GHSA-36h2-g4c8-9xcm/GHSA-36h2-g4c8-9xcm.json
@@ -1,26 +1,57 @@
 {
 "schema_version": "1.4.0",
 "id": "GHSA-36h2-g4c8-9xcm",
- "modified": "2024-07-08T21:31:40Z",
+ "modified": "2024-08-07T20:38:41Z",
 "published": "2024-07-08T21:31:40Z",
 "aliases": [
 "CVE-2024-6227"
 ],
+ "summary": "Aim denial of service vulnerability",
 "details": "A vulnerability in aimhubio/aim version 3.19.3 allows an attacker to cause a denial of service by configuring the remote tracking server to point at itself. This results in the server endlessly connecting to itself, rendering it unable to respond to other connections.",
 "severity": [
 {
 "type": "CVSS_V3",
 "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
+ },
+ {
+ "type": "CVSS_V4",
+ "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N"
 }
 ],
 "affected": [
-
+ {
+ "package": {
+ "ecosystem": "PyPI",
+ "name": "aim"
+ },
+ "ranges": [
+ {
+ "type": "ECOSYSTEM",
+ "events": [
+ {
+ "introduced": "0"
+ },
+ {
+ "last_affected": "3.19.3"
+ }
+ ]
+ }
+ ]
+ }
 ],
 "references": [
 {
 "type": "ADVISORY",
 "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6227"
 },
+ {
+ "type": "PACKAGE",
+ "url": "https://github.com/aimhubio/aim"
+ },
+ {
+ "type": "WEB",
+ "url": "https://github.com/aimhubio/aim/blob/2e7b8aff8dcba9ddd5043dfec88cf2319ba8a87c/aim/sdk/repo.py#L195"
+ },
 {
 "type": "WEB",
 "url": "https://huntr.com/bounties/abcea7c6-bb3b-45e9-aa15-9eb6b224451a"
@@ -32,8 +63,8 @@
 "CWE-835"
 ],
 "severity": "HIGH",
- "github_reviewed": false,
- "github_reviewed_at": null,
+ "github_reviewed": true,
+ "github_reviewed_at": "2024-08-07T20:38:41Z",
 "nvd_published_at": "2024-07-08T19:15:10Z"
 }
 }
\ No newline at end of file
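Review bot: The `affected` range added in the first hunk closes with `"last_affected": "3.19.3"` and has no `fixed` event, and none of the added references is a patch or release link (the `repo.py#L195` URL points at a pinned blob, not a fix), so the record names no remediation. Scanners that evaluate this range will typically stop flagging `aim` releases newer than 3.19.3, although nothing visible here shows those releases changed the self-referencing remote-tracking behaviour described in `details`. Once a fixed release is confirmed, the event should become `{ "fixed": "<FIXED_VERSION>" }` with a `WEB` reference to the fixing commit. Until then, consumers should treat later versions as unverified and restrict who can reach or configure the tracking server.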