From 6e5d59d18634c90c2a1025eb3b26ddf8030add32 Mon Sep 17 00:00:00 2001 From: shialmoti-boop Date: Tue, 14 Jul 2026 11:25:17 +0530 Subject: [PATCH] Improve GHSA-c236-24xj-j3g6 --- .../GHSA-c236-24xj-j3g6.json | 28 +++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/advisories/unreviewed/2026/03/GHSA-c236-24xj-j3g6/GHSA-c236-24xj-j3g6.json b/advisories/unreviewed/2026/03/GHSA-c236-24xj-j3g6/GHSA-c236-24xj-j3g6.json index e84ca91d67acd..731aef281b26d 100644 --- a/advisories/unreviewed/2026/03/GHSA-c236-24xj-j3g6/GHSA-c236-24xj-j3g6.json +++ b/advisories/unreviewed/2026/03/GHSA-c236-24xj-j3g6/GHSA-c236-24xj-j3g6.json @@ -1,11 +1,12 @@ { "schema_version": "1.4.0", "id": "GHSA-c236-24xj-j3g6", - "modified": "2026-03-25T15:31:28Z", + "modified": "2026-03-25T15:32:30Z", "published": "2026-03-24T21:31:23Z", "aliases": [ "CVE-2026-1995" ], + "summary": "Fix affected version range and add patched version for CVE-2026-1995", "details": "IDrive’s id_service.exe process runs with elevated privileges and regularly reads from several files under the C:\\ProgramData\\IDrive\\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the system. An attacker can overwrite or edit the files to specify a path to an arbitrary executable, which will then be executed by the id_service.exe process with SYSTEM privileges.", "severity": [ { @@ -13,7 +14,30 @@ "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } ], - "affected": [], + "affected": [ + { + "package": { + "ecosystem": "GitHub Actions", + "name": "IDrive_Cloud_Backu_Client_Windows" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + }, + { + "fixed": "7.0.0.64" + } + ] + } + ], + "database_specific": { + "last_known_affected_version_range": "<= 7.0.0.63" + } + } + ], "references": [ { "type": "ADVISORY",