CLEANSTART-2026-JY63371

See a problem?

Import Source

https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-JY63371.json

JSON Data

https://api.osv.dev/v1/vulns/CLEANSTART-2026-JY63371

Upstream

CVE-2026-24051

CVE-2026-32280

CVE-2026-32281

CVE-2026-32282

CVE-2026-32283

CVE-2026-32285

CVE-2026-32289

CVE-2026-33186

CVE-2026-39882

CVE-2026-39883

Published

2026-04-10T00:45:58.478015Z

Modified

2026-04-15T05:45:16.387169Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

Delete function fails to properly validate offsets when processing malformed JSON input

Details

Multiple security vulnerabilities affect the prometheus package. The Delete function fails to properly validate offsets when processing malformed JSON input. See references for individual vulnerability details.

References

Affected packages

CleanStart / prometheus

Package

Name: prometheus

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

3.5.1-r1

Database specific

source

"https://github.com/cleanstart-dev/cleanstart-security-advisories/blob/main/advisories/2026/CLEANSTART-2026-JY63371.json"