Skip to content

Commit f7ae83f

Browse files
advisory-database[bot]advisory-database[bot]
committed
Publish Advisories
GHSA-55q8-2gwx-29pc GHSA-9h59-p45g-445h
1 parent 2ac01db commit f7ae83f

File tree

2 files changed

+70
-1
lines changed

2 files changed

+70
-1
lines changed

advisories/github-reviewed/2026/03/GHSA-55q8-2gwx-29pc/GHSA-55q8-2gwx-29pc.json

Lines changed: 65 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,65 @@
1+
{
2+
"schema_version": "1.4.0",
3+
"id": "GHSA-55q8-2gwx-29pc",
4+
"modified": "2026-03-26T22:15:54Z",
5+
"published": "2026-03-26T22:15:54Z",
6+
"aliases": [
7+
"CVE-2026-33907"
8+
],
9+
"summary": "Ella Core Panics during NAS Authentication Response/Failure with missing IEs",
10+
"details": "## Summary\n\nElla Core panics when processing Authentication Response and Authentication Failure NAS message missing IEs. \n\n## Impact\n\nAn attacker able to send crafted NAS messages to Ella Core can crash the process, causing service disruption for all connected subscribers. No authentication is required.\n\n## Fix\n\nAdded IE presence verification to NAS message handling.",
11+
"severity": [
12+
{
13+
"type": "CVSS_V3",
14+
"score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"
15+
}
16+
],
17+
"affected": [
18+
{
19+
"package": {
20+
"ecosystem": "Go",
21+
"name": "github.com/ellanetworks/core"
22+
},
23+
"ranges": [
24+
{
25+
"type": "ECOSYSTEM",
26+
"events": [
27+
{
28+
"introduced": "0"
29+
},
30+
{
31+
"fixed": "1.7.0"
32+
}
33+
]
34+
}
35+
]
36+
}
37+
],
38+
"references": [
39+
{
40+
"type": "WEB",
41+
"url": "https://github.com/ellanetworks/core/security/advisories/GHSA-55q8-2gwx-29pc"
42+
},
43+
{
44+
"type": "WEB",
45+
"url": "https://github.com/ellanetworks/core/commit/52962660e3bd3e23c7e96b0da270ac1e0e705273"
46+
},
47+
{
48+
"type": "PACKAGE",
49+
"url": "https://github.com/ellanetworks/core"
50+
},
51+
{
52+
"type": "WEB",
53+
"url": "https://github.com/ellanetworks/core/releases/tag/v1.7.0"
54+
}
55+
],
56+
"database_specific": {
57+
"cwe_ids": [
58+
"CWE-476"
59+
],
60+
"severity": "MODERATE",
61+
"github_reviewed": true,
62+
"github_reviewed_at": "2026-03-26T22:15:54Z",
63+
"nvd_published_at": null
64+
}
65+
}

advisories/github-reviewed/2026/03/GHSA-9h59-p45g-445h/GHSA-9h59-p45g-445h.json

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
{
22
"schema_version": "1.4.0",
33
"id": "GHSA-9h59-p45g-445h",
4-
"modified": "2026-03-26T22:13:33Z",
4+
"modified": "2026-03-26T22:16:38Z",
55
"published": "2026-03-26T22:13:33Z",
66
"aliases": [
77
"CVE-2026-33904"
@@ -40,6 +40,10 @@
4040
"type": "WEB",
4141
"url": "https://github.com/ellanetworks/core/security/advisories/GHSA-9h59-p45g-445h"
4242
},
43+
{
44+
"type": "WEB",
45+
"url": "https://github.com/ellanetworks/core/commit/999f606c5cae261471d9e3f063d7ecd1bd754076"
46+
},
4347
{
4448
"type": "PACKAGE",
4549
"url": "https://github.com/ellanetworks/core"

0 commit comments

Comments
 (0)