Add CVE-2024-51434 and CVE-2025-27152 to repository

Author: eoftedal

repository/jsrepository-master.json

@@ -4773,6 +4773,30 @@
   },
   "axios": {
     "vulnerabilities": [
+      {
+        "ranges": [
+          {
+            "atOrAbove": "0",
+            "below": "1.8.2"
+          }
+        ],
+        "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL",
+        "cwe": ["CWE-918"],
+        "severity": "high",
+        "identifiers": {
+          "CVE": ["CVE-2025-27152"],
+          "githubID": "GHSA-jr5f-v2jv-69x6"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-jr5f-v2jv-69x6",
+          "https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6",
+          "https://nvd.nist.gov/vuln/detail/CVE-2025-27152",
+          "https://github.com/axios/axios/issues/6463",
+          "https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f",
+          "https://github.com/axios/axios",
+          "https://github.com/axios/axios/releases/tag/v1.8.2"
+        ]
+      },
       {
         "ranges": [
           {
@@ -5665,6 +5689,27 @@
   "froala": {
     "npmname": "froala-editor",
     "vulnerabilities": [
+      {
+        "ranges": [
+          {
+            "atOrAbove": "0",
+            "below": "4.3.1"
+          }
+        ],
+        "summary": "Froala WYSIWYG editor allows cross-site scripting (XSS)",
+        "cwe": ["CWE-79"],
+        "severity": "medium",
+        "identifiers": {
+          "CVE": ["CVE-2024-51434"],
+          "githubID": "GHSA-549p-5c7f-c5p4"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-549p-5c7f-c5p4",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-51434",
+          "https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434",
+          "https://github.com/froala/wysiwyg-editor"
+        ]
+      },
       {
         "ranges": [
           {

repository/jsrepository-v2.json

@@ -6325,6 +6325,30 @@
           "https://github.com/axios/axios/releases/tag/v1.7.4",
           "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
         ]
+      },
+      {
+        "atOrAbove": "0",
+        "below": "1.8.2",
+        "cwe": [
+          "CWE-918"
+        ],
+        "severity": "high",
+        "identifiers": {
+          "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL",
+          "CVE": [
+            "CVE-2025-27152"
+          ],
+          "githubID": "GHSA-jr5f-v2jv-69x6"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-jr5f-v2jv-69x6",
+          "https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6",
+          "https://nvd.nist.gov/vuln/detail/CVE-2025-27152",
+          "https://github.com/axios/axios/issues/6463",
+          "https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f",
+          "https://github.com/axios/axios",
+          "https://github.com/axios/axios/releases/tag/v1.8.2"
+        ]
       }
     ],
     "extractors": {
@@ -7335,6 +7359,27 @@
           "https://froala.com/wysiwyg-editor/changelog/#4.1.4",
           "https://github.com/advisories/GHSA-hvpq-7vcc-5hj5"
         ]
+      },
+      {
+        "atOrAbove": "0",
+        "below": "4.3.1",
+        "cwe": [
+          "CWE-79"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Froala WYSIWYG editor allows cross-site scripting (XSS)",
+          "CVE": [
+            "CVE-2024-51434"
+          ],
+          "githubID": "GHSA-549p-5c7f-c5p4"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-549p-5c7f-c5p4",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-51434",
+          "https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434",
+          "https://github.com/froala/wysiwyg-editor"
+        ]
       }
     ],
     "extractors": {

repository/jsrepository-v3.json

@@ -6471,6 +6471,30 @@
             "https://github.com/axios/axios/releases/tag/v1.7.4",
             "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
           ]
+        },
+        {
+          "atOrAbove": "0",
+          "below": "1.8.2",
+          "cwe": [
+            "CWE-918"
+          ],
+          "severity": "high",
+          "identifiers": {
+            "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL",
+            "CVE": [
+              "CVE-2025-27152"
+            ],
+            "githubID": "GHSA-jr5f-v2jv-69x6"
+          },
+          "info": [
+            "https://github.com/advisories/GHSA-jr5f-v2jv-69x6",
+            "https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6",
+            "https://nvd.nist.gov/vuln/detail/CVE-2025-27152",
+            "https://github.com/axios/axios/issues/6463",
+            "https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f",
+            "https://github.com/axios/axios",
+            "https://github.com/axios/axios/releases/tag/v1.8.2"
+          ]
         }
       ],
       "extractors": {
@@ -7503,6 +7527,27 @@
             "https://froala.com/wysiwyg-editor/changelog/#4.1.4",
             "https://github.com/advisories/GHSA-hvpq-7vcc-5hj5"
           ]
+        },
+        {
+          "atOrAbove": "0",
+          "below": "4.3.1",
+          "cwe": [
+            "CWE-79"
+          ],
+          "severity": "medium",
+          "identifiers": {
+            "summary": "Froala WYSIWYG editor allows cross-site scripting (XSS)",
+            "CVE": [
+              "CVE-2024-51434"
+            ],
+            "githubID": "GHSA-549p-5c7f-c5p4"
+          },
+          "info": [
+            "https://github.com/advisories/GHSA-549p-5c7f-c5p4",
+            "https://nvd.nist.gov/vuln/detail/CVE-2024-51434",
+            "https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434",
+            "https://github.com/froala/wysiwyg-editor"
+          ]
         }
       ],
       "extractors": {

repository/jsrepository-v4.json

@@ -6470,6 +6470,30 @@
           "https://github.com/axios/axios/releases/tag/v1.7.4",
           "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
         ]
+      },
+      {
+        "atOrAbove": "0",
+        "below": "1.8.2",
+        "cwe": [
+          "CWE-918"
+        ],
+        "severity": "high",
+        "identifiers": {
+          "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL",
+          "CVE": [
+            "CVE-2025-27152"
+          ],
+          "githubID": "GHSA-jr5f-v2jv-69x6"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-jr5f-v2jv-69x6",
+          "https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6",
+          "https://nvd.nist.gov/vuln/detail/CVE-2025-27152",
+          "https://github.com/axios/axios/issues/6463",
+          "https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f",
+          "https://github.com/axios/axios",
+          "https://github.com/axios/axios/releases/tag/v1.8.2"
+        ]
       }
     ],
     "extractors": {
@@ -7502,6 +7526,27 @@
           "https://froala.com/wysiwyg-editor/changelog/#4.1.4",
           "https://github.com/advisories/GHSA-hvpq-7vcc-5hj5"
         ]
+      },
+      {
+        "atOrAbove": "0",
+        "below": "4.3.1",
+        "cwe": [
+          "CWE-79"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Froala WYSIWYG editor allows cross-site scripting (XSS)",
+          "CVE": [
+            "CVE-2024-51434"
+          ],
+          "githubID": "GHSA-549p-5c7f-c5p4"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-549p-5c7f-c5p4",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-51434",
+          "https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434",
+          "https://github.com/froala/wysiwyg-editor"
+        ]
       }
     ],
     "extractors": {

repository/jsrepository.json

@@ -6268,6 +6268,30 @@
           "https://github.com/axios/axios/releases/tag/v1.7.4",
           "https://jeffhacks.com/advisories/2024/06/24/CVE-2024-39338.html"
         ]
+      },
+      {
+        "atOrAbove": "0",
+        "below": "1.8.2",
+        "cwe": [
+          "CWE-918"
+        ],
+        "severity": "high",
+        "identifiers": {
+          "summary": "axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL",
+          "CVE": [
+            "CVE-2025-27152"
+          ],
+          "githubID": "GHSA-jr5f-v2jv-69x6"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-jr5f-v2jv-69x6",
+          "https://github.com/axios/axios/security/advisories/GHSA-jr5f-v2jv-69x6",
+          "https://nvd.nist.gov/vuln/detail/CVE-2025-27152",
+          "https://github.com/axios/axios/issues/6463",
+          "https://github.com/axios/axios/commit/fb8eec214ce7744b5ca787f2c3b8339b2f54b00f",
+          "https://github.com/axios/axios",
+          "https://github.com/axios/axios/releases/tag/v1.8.2"
+        ]
       }
     ],
     "extractors": {
@@ -7270,6 +7294,27 @@
           "https://froala.com/wysiwyg-editor/changelog/#4.1.4",
           "https://github.com/advisories/GHSA-hvpq-7vcc-5hj5"
         ]
+      },
+      {
+        "atOrAbove": "0",
+        "below": "4.3.1",
+        "cwe": [
+          "CWE-79"
+        ],
+        "severity": "medium",
+        "identifiers": {
+          "summary": "Froala WYSIWYG editor allows cross-site scripting (XSS)",
+          "CVE": [
+            "CVE-2024-51434"
+          ],
+          "githubID": "GHSA-549p-5c7f-c5p4"
+        },
+        "info": [
+          "https://github.com/advisories/GHSA-549p-5c7f-c5p4",
+          "https://nvd.nist.gov/vuln/detail/CVE-2024-51434",
+          "https://georgyg.com/home/froala-wysiwyg-editor---xss-cve-2024-51434",
+          "https://github.com/froala/wysiwyg-editor"
+        ]
       }
     ],
     "extractors": {