Insights: github/advisory-database
Overview
- 32 Merged pull requests
- 5 Open pull requests
- 2 Closed issues
- 0 New issues
32 Pull requests merged by 9 people
- [GHSA-qpxx-2cwh-r5vh] A vulnerability was found in erdogant pypickle up to 1.1... (#5660 merged May 27, 2025)
- [GHSA-4gc7-5j7h-4qph] Spring Framework DataBinder Case Sensitive Match Exception (#5659 merged May 27, 2025)
- Update GHSA-h958-fxgg-g7w3.json (#5658 merged May 27, 2025)
- [GHSA-6jwp-4wvj-6597] Apache Pinot Vulnerable to Authentication Bypass (#5657 merged May 27, 2025)
- [GHSA-5qmp-9x47-92q8] Rancher's SAML-based login via CLI can be denied by unauthenticated users (#5656 merged May 27, 2025)
- Update GHSA-xr9q-h9c7-xw8q.json (#5655 merged May 27, 2025)
- [GHSA-pw39-f3m5-cxfc] Elasticsearch Uncaught Exception leading to crash (#5653 merged May 27, 2025)
- [GHSA-5xm9-x7x4-4j5x] Elasticsearch Vulnerable to Stack Overflow due to a Large Recursion (#5651 merged May 27, 2025)
- [GHSA-x27v-f838-jh93] io.jmix.rest:jmix-rest allows XSS in the /files Endpoint of the Generic REST API (#5650 merged May 27, 2025)
- [GHSA-jx4g-3xqm-62vh] io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage (#5649 merged May 27, 2025)
- [GHSA-f3gv-cwwh-758m] io.jmix.localfs:jmix-localfs affected by DoS in the Local File Storage (#5648 merged May 27, 2025)
- [GHSA-gp98-hfvm-2r4x] Apache IoTDB JDBC Driver Discloses Sensitive Information via Log Files (#5635 merged May 27, 2025)
- [GHSA-hvf8-h2qh-37m9] IPC messages delivered to the wrong frame in Electron (#5634 merged May 27, 2025)
- [GHSA-xh29-r2w5-wx8m] Nokogiri Improperly Handles Unexpected Data Type (#5631 merged May 27, 2025)
- [GHSA-h4j7-5rxr-p4wc] Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability (#5640 merged May 23, 2025)
- [GHSA-9rmm-8fp4-26hv] phpMyAdmin Denial Of Service (DOS) attack (#5629 merged May 23, 2025)
- [GHSA-mmvj-j7hq-rx85] Moodle sensitive information disclosure (#5628 merged May 23, 2025)
- [GHSA-v2rh-5v88-rgvh] Moodle context freezing (#5627 merged May 23, 2025)
- [GHSA-8h6m-wv39-239m] Rancher users who can create Projects can gain access to arbitrary projects (#5620 merged May 23, 2025)
- [GHSA-ppj3-7jw3-8vc4] Data races in lock_api (#5604 merged May 23, 2025)
- [GHSA-2v42-xp3j-47m4] Xuxueli xxl-job template injection vulnerability (#5600 merged May 23, 2025)
- [GHSA-whc7-5p35-4ww2] Use after free in actix-service (#5599 merged May 23, 2025)
- [GHSA-rqgx-hpg4-456r] Use-after-free in actix-codec (#5598 merged May 23, 2025)
- [GHSA-hhw2-pqhf-vmx2] Use after free in actix-utils (#5597 merged May 23, 2025)
- [GHSA-7cx3-6m66-7c5m] Tornado vulnerable to excessive logging caused by malformed multipart form data (#5621 merged May 23, 2025)
- [GHSA-g98g-r7gf-2r25] Forgeable Encrypted Session Cookie in Apps Using Auth0-PHP SDK (#5594 merged May 22, 2025)
- [GHSA-cpfp-m5qw-c4r3] Improper Preservation of Permissions in xxl-job (#5601 merged May 22, 2025)
5 Pull requests opened by 4 people
- [GHSA-rhx6-c78j-4q9w] Unpatched `path-to-regexp` ReDoS in 0.1.x (#5603 opened May 21, 2025)
- Remove duplicate `camaleon_cms` advisory (#5622 opened May 22, 2025)
- Remove duplicate `nokogiri` advisory (#5624 opened May 22, 2025)
- [GHSA-6vhp-hp77-6w52] Trac HTML WikiProcessor cross-site scripting (XSS) vulnerability (#5636 opened May 23, 2025)
- [GHSA-g5vr-rgqm-vf78] Spring Framework Path Traversal vulnerability (#5662 opened May 27, 2025)
2 Issues closed by 2 people
- Pypi patch/affected version fixes and remove patched version from GHSA-22fp-mf44-f2mq (#5639 closed May 27, 2025)
- Injecting all apps (#5623 closed May 22, 2025)