Pull requests: github/advisory-database
Pull requests list
[GHSA-vc2m-m665-8xm2] If the value passed to os.path.expandvars() is user...
#6387
by kexinoh
was closed Nov 5, 2025
[GHSA-m494-w24q-6f7w] JDBC Driver for SQL Server has improper input validation issue
#6386
by andreasmh
was merged Nov 5, 2025
[GHSA-qppj-fm5r-hxr3] HTTP/2 Stream Cancellation Attack
#6385
by lwertugrul
was closed Nov 5, 2025
[GHSA-29xp-372q-xqph] node-tar has a race condition leading to uninitialized memory exposure
#6384
by aiob3
was closed Nov 5, 2025
[GHSA-vxvp-4xwc-jpp6] activesupport Cross-site Scripting vulnerability
#6383
by tjuyuxinzhang
was merged Nov 4, 2025
[GHSA-5pgg-2g8v-p4x9] SheetJS Regular Expression Denial of Service (ReDoS)
#6381
by Usd-t
was closed Nov 4, 2025
[GHSA-2qfp-q593-8484] Brotli is vulnerable to a denial of service (DoS) attack due to decompression
#6380
by smithcoin
was merged Nov 4, 2025
[GHSA-7f5h-v6xp-fcq8] Starlette vulnerable to O(n^2) DoS via Range header merging in starlette.responses.FileResponse
#6379
by nadavaseal
was merged Nov 4, 2025
[GHSA-pjxw-22xf-6pwc] Prototype Pollution in defaults-deep
#6377
by BOTCAHX
was closed Nov 3, 2025
[GHSA-h6w6-xmqv-7q78] activerecord vulnerable to SQL Injection
#6376
by tjuyuxinzhang
was merged Nov 3, 2025
[GHSA-cpx3-93w7-457x] Ansible leaks password to logs
#6375
by tjuyuxinzhang
was closed Nov 3, 2025
[GHSA-m494-w24q-6f7w] Improper input validation in JDBC Driver for SQL Server...
#6374
by Fidget-Grep
was merged Nov 3, 2025
[GHSA-pq5p-34cr-23v9] Authlib is vulnerable to Denial of Service via Oversized JOSE Segments
#6373
by Neiland85
was closed Nov 3, 2025
[GHSA-qqj3-g7mx-5p4w] NeuVector telemetry sender is vulnerable to MITM and DoS
#6372
by mmalesev
was merged Oct 30, 2025
[GHSA-h773-7gf7-9m2x] NeuVector is shipping cryptographic material into its binary
#6371
by mmalesev
was closed Oct 30, 2025
[GHSA-q2pj-6v73-8rgj] SQL Injection vulnerability in TypeORM before 0.3.26 via...
#6370
by cavadalizada
was merged Oct 31, 2025
[GHSA-qm9p-f9j5-w83w] Parcel has an Origin Validation Error vulnerability
#6369
by G-Rath
was merged Oct 29, 2025
[GHSA-95h4-w6j8-2rp8] Undertow MadeYouReset HTTP/2 DDoS Vulnerability
#6368
by fawind
was merged Oct 29, 2025
[GHSA-9w53-xr52-mwgj] A security flaw has been discovered in lmsys sglang 0.4.6...
#6367
by m1ssya
was merged Oct 29, 2025
[GHSA-p72g-pv48-7w9x] Apache Tika XXE Vulnerability via Crafted XFA File Inside a PDF
#6366
by vlsi
was merged Oct 29, 2025
[GHSA-vfww-5hm6-hx2j] Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences
#6365
by aruneko
was merged Oct 29, 2025
[GHSA-vfww-5hm6-hx2j] Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences
#6364
by aruneko
was closed Oct 29, 2025
[GHSA-wmwf-9ccg-fff5] Apache Tomcat Vulnerable to Relative Path Traversal
#6363
by aruneko
was merged Oct 29, 2025
[GHSA-jh6x-7xfg-9cq2] Searching Opencast may cause a denial of service
#6362
by westonsteimel
was merged Oct 28, 2025