diff --git a/advisories/unreviewed/2026/03/GHSA-57q8-p4r4-7xr7/GHSA-57q8-p4r4-7xr7.json b/advisories/unreviewed/2026/03/GHSA-57q8-p4r4-7xr7/GHSA-57q8-p4r4-7xr7.json index 21b8eb085caef..662ca57487b68 100644 --- a/advisories/unreviewed/2026/03/GHSA-57q8-p4r4-7xr7/GHSA-57q8-p4r4-7xr7.json +++ b/advisories/unreviewed/2026/03/GHSA-57q8-p4r4-7xr7/GHSA-57q8-p4r4-7xr7.json @@ -1,14 +1,37 @@ { "schema_version": "1.4.0", "id": "GHSA-57q8-p4r4-7xr7", - "modified": "2026-03-05T06:30:25Z", + "modified": "2026-03-05T06:30:32Z", "published": "2026-03-05T06:30:25Z", "aliases": [ "CVE-2026-23767" ], + "summary": "Missing Authentication and Encryption in Epson ESC/POS Protocol", "details": "ESC/POS, a printer control language designed by Seiko Epson Corporation, lacks mechanisms for user authentication and command authorization, does not provide controls to restrict sources or destinations of network communication, and transmits commands without encryption or integrity protection.", - "severity": [], - "affected": [], + "severity": [ + { + "type": "CVSS_V3", + "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N" + } + ], + "affected": [ + { + "package": { + "ecosystem": "GitHub Actions", + "name": "" + }, + "ranges": [ + { + "type": "ECOSYSTEM", + "events": [ + { + "introduced": "0" + } + ] + } + ] + } + ], "references": [ { "type": "ADVISORY", @@ -18,6 +41,10 @@ "type": "WEB", "url": "https://download4.epson.biz/sec_pubs/bs/pdf/IP_Filtering_Guide_en_revA.pdf" }, + { + "type": "WEB", + "url": "https://github.com/futileskills/Security-Advisory" + }, { "type": "WEB", "url": "https://jvn.jp/en/ta/JVNTA97995322" @@ -31,7 +58,7 @@ "cwe_ids": [ "CWE-306" ], - "severity": null, + "severity": "LOW", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2026-03-05T06:16:22Z"