GitHub / github/advisory-database issues and pull requests
#5815 - Metadata Correction Request for GHSA-3wqh-h42r-x8fq (@hapi/subtext)
Issue -
State: open - Opened by bkoduru 17 days ago
#5814 - [GHSA-3p77-wg4c-qm24] Exposure of sensitive information in ClickHouse
Pull Request -
State: open - Opened by achibear 17 days ago
#5812 - [GHSA-c23v-vqw5-52c5] PowerJob vulnerable to Incorrect Access Control via the create user/save interface.
Pull Request -
State: open - Opened by achibear 17 days ago
#5811 - [GHSA-h4c9-rr5m-32fm] RuoYi vulnerable to arbitrary file download
Pull Request -
State: open - Opened by achibear 17 days ago
#5810 - [GHSA-xqcm-7p74-m69m] The Restrict File Access plugin for WordPress is...
Pull Request -
State: closed - Opened by sandykadam 17 days ago
- 1 comment
#5804 - [GHSA-x5gf-qvw8-r2rm] pm2 Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by mhassan1 21 days ago
- 2 comments
#5803 - [GHSA-8p76-6q3j-rqc2] SQL injection vulnerability in TestLink before 1.9.14...
Pull Request -
State: closed - Opened by omarkurt 21 days ago
- 1 comment
#5802 - [GHSA-34rf-485x-g5h7] Arbitrary Command Injection in Kubernetes Headlamp via macOS Process codeSign
Pull Request -
State: open - Opened by odaysec 21 days ago
#5801 - Advisory GHSA-jh5w-6964-x5cf lists incorrect fixed version
Issue -
State: closed - Opened by shivakumar-loginsoft 21 days ago
- 1 comment
#5800 - [GHSA-25xr-qj8w-c4vf] Uncontrolled Resource Consumption vulnerability in Apache...
Pull Request -
State: closed - Opened by fabien-chebel 22 days ago
- 1 comment
#5799 - Incorrect Vulnerability Association with ag-grid-community [GHSA-7p6w-x2gr-rrf8]
Issue -
State: closed - Opened by M-Aditya-shankar 22 days ago
- 1 comment
#5798 - [GHSA-7f8r-222p-6f5g] MCP Inspector proxy server lacks authentication between the Inspector client and proxy
Pull Request -
State: closed - Opened by JLLeitschuh 23 days ago
- 2 comments
#5797 - [GHSA-vv7r-c36w-3prj] Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
Pull Request -
State: closed - Opened by ryanmurf 23 days ago
- 1 comment
#5796 - Advisory GHSA-jwvw-v7c5-m82h - Clarification required on ecosystems impacted
Issue -
State: open - Opened by somakdutta 24 days ago
- 3 comments
#5795 - question(npm): using semver by `npm` for affected ranges
Issue -
State: closed - Opened by DmitriyLewen 26 days ago
- 2 comments
#5794 - Set critical severity
Pull Request -
State: closed - Opened by clement-fouque 26 days ago
- 3 comments
#5793 - [GHSA-26f8-x7cc-wqpc] Apache Kafka Connect vulnerable to Deserialization of Untrusted Data
Pull Request -
State: closed - Opened by MarkLee131 28 days ago
- 1 comment
#5792 - [GHSA-wx5j-54mm-rqqq] HTTP request smuggling in netty
Pull Request -
State: open - Opened by poc-effectiveness 28 days ago
- 1 comment
#5791 - [GHSA-m8p2-495h-ccmh] The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks
Pull Request -
State: open - Opened by poc-effectiveness 28 days ago
- 1 comment
#5790 - Advisory GHSA-p3xv-97g8-4wmj lists incorrect fixed version
Issue -
State: closed - Opened by shivakumar-loginsoft 28 days ago
- 1 comment
#5789 - ## Code Review
Issue -
State: closed - Opened by AlipSnowMan 28 days ago
#5788 - [GHSA-fj44-h6xw-896g] react-native-keys 0.7.11 is vulnerable to sensitive...
Pull Request -
State: closed - Opened by ThomasWunderlich about 1 month ago
- 1 comment
#5787 - Incorrect Package Attribution in GHSA-7rvp-xqj7-rxf2
Issue -
State: closed - Opened by M-Aditya-shankar about 1 month ago
- 1 comment
#5786 - [GHSA-xjrf-8x4f-43h4] Improper Neutralization of Input During Web Page Generation in Spring Framework
Pull Request -
State: closed - Opened by poc-effectiveness about 1 month ago
- 1 comment
#5785 - [GHSA-3mcp-9wr4-cjqf] Remote Code Execution (RCE) vulnerability in dropwizard-validation
Pull Request -
State: closed - Opened by poc-effectiveness about 1 month ago
- 4 comments
#5784 - [GHSA-cqqj-4p63-rrmm] HTTP Request Smuggling in Netty
Pull Request -
State: closed - Opened by poc-effectiveness about 1 month ago
- 2 comments
#5783 - [GHSA-gpqc-4pp7-5954] Authentication Bypass by CSRF Weakness
Pull Request -
State: closed - Opened by dsten56 about 1 month ago
- 2 comments
#5782 - [GHSA-v6w3-2prq-h95f] Improper Input Validation in Jakarta Expression Language
Pull Request -
State: closed - Opened by levpachmanov about 1 month ago
- 1 comment
#5781 - Maven advisories missing scala SBT suffixes in package names
Issue -
State: closed - Opened by oliverchang about 1 month ago
- 1 comment
#5780 - [GHSA-5h6x-m52p-23ph] Improper Certificate Validation in Apache Qpid Proton
Pull Request -
State: closed - Opened by nhakmiller about 1 month ago
- 1 comment
#5779 - [GHSA-pf9w-gvcf-gv7m] A vulnerability was found in sparklemotion nokogiri up to...
Pull Request -
State: closed - Opened by flavorjones about 1 month ago
#5778 - [GHSA-jc9r-qcgw-fxq9] A vulnerability was found in sparklemotion nokogiri up to...
Pull Request -
State: closed - Opened by flavorjones about 1 month ago
- 1 comment
#5777 - [GHSA-9fq2-x9r6-wfmf] Numpy Deserialization of Untrusted Data
Pull Request -
State: open - Opened by boyapatiakhil7 about 1 month ago
- 1 comment
#5776 - [GHSA-48p4-8xcf-vxj5] urllib3 does not control redirects in browsers and Node.js
Pull Request -
State: closed - Opened by sethmlarson about 1 month ago
- 2 comments
#5775 - [GHSA-g93m-8x6h-g5gv] When using IPAuthenticationProvider in ZooKeeper Admin...
Pull Request -
State: closed - Opened by ferdlestier about 1 month ago
- 2 comments
#5774 - [GHSA-p979-4mfw-53vg] HTTP Request Smuggling in Netty
Pull Request -
State: closed - Opened by poc-effectiveness about 1 month ago
- 6 comments
#5773 - [GHSA-rvqx-wpfh-mfx7] Langflow Unauth RCE
Pull Request -
State: closed - Opened by chximn-dt about 1 month ago
- 2 comments
#5772 - [GHSA-m964-fjrh-xxq2] Deserialization of Untrusted Data vulnerability in Apache...
Pull Request -
State: closed - Opened by oscerd about 1 month ago
- 1 comment
#5771 - Check out this app!
Issue -
State: closed - Opened by V1j2t3 about 1 month ago
- 1 comment
Labels: invalid
#5770 - Review requested:
Issue -
State: closed - Opened by V1j2t3 about 1 month ago
Labels: invalid
#5769 - Data
Issue -
State: closed - Opened by AlipSnowMan about 1 month ago
Labels: invalid
#5768 - [GHSA-rc42-6c7j-7h5r] Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed
Pull Request -
State: closed - Opened by AlipSnowMan about 1 month ago
#5767 - Possible Inaccuracy in XXE Vulnerability: Advisory-[GHSA-jffq-528j-mp6c]
Issue -
State: closed - Opened by M-Aditya-shankar about 1 month ago
- 1 comment
#5766 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by V1j2t3 about 1 month ago
#5765 - [GHSA-2g95-q4q6-2mjq] A vulnerability in the web-based management interface of...
Pull Request -
State: closed - Opened by secretmomshit about 1 month ago
#5764 - [GHSA-vv7r-c36w-3prj] Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
Pull Request -
State: closed - Opened by ryanmurf about 1 month ago
- 1 comment
#5763 - [GHSA-vhxf-7vqr-mrjg] DOMPurify allows Cross-site Scripting (XSS)
Pull Request -
State: closed - Opened by julianladisch about 1 month ago
- 2 comments
#5762 - Go: Supported ecosystem
Issue -
State: open - Opened by hectorj2f about 1 month ago
- 3 comments
#5761 - [GHSA-6f52-wpx2-hvf2] Calling Verify with a VerifyOptions.KeyUsages that...
Pull Request -
State: closed - Opened by tdunlap607 about 1 month ago
- 2 comments
#5760 - [GHSA-62jj-gr2r-5c34] Proxy-Authorization and Proxy-Authenticate headers...
Pull Request -
State: closed - Opened by tdunlap607 about 1 month ago
- 2 comments
#5759 - [GHSA-rx97-6c62-55mf] Hashicorp Nomad Incorrect Privilege Assignment vulnerability
Pull Request -
State: closed - Opened by dduzgun-security about 1 month ago
- 1 comment
#5758 - [GHSA-g5hg-p3ph-g8qg] Multer vulnerable to Denial of Service via unhandled exception
Pull Request -
State: closed - Opened by NOVUSASTRAai about 1 month ago
- 1 comment
Labels: invalid
#5757 - [GHSA-h6gj-6jjq-h8g9] jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label
Pull Request -
State: closed - Opened by Borzik about 1 month ago
- 3 comments
#5756 - Clarification on Overlap Between GHSA-gpqc-4pp7-5954 and GHSA-26xx-m4q2-xhq8
Issue -
State: closed - Opened by M-Aditya-shankar about 1 month ago
- 1 comment
#5748 - [GHSA-wrrj-h57r-vx9p] Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports
Pull Request -
State: closed - Opened by iusx about 1 month ago
- 2 comments
#5747 - [GHSA-9pp5-9c7g-4r83] Spring Security authorization bypass for method security annotations on private methods
Pull Request -
State: open - Opened by tomabai about 1 month ago
- 2 comments
Labels: Keep
#5746 - [GHSA-h4h6-vccr-44h2] uptrace pgdriver SQL injection vulnerability
Pull Request -
State: closed - Opened by maxfierke about 1 month ago
- 1 comment
#5745 - Add ENISA (European Union Vulnerability Database) as alternative to NIST to Advisory Database
Issue -
State: closed - Opened by dgiessing about 1 month ago
- 1 comment
#5744 - [GHSA-vrw8-fxc6-2r93] chi Allows Host Header Injection which Leads to Open Redirect in RedirectSlashes
Pull Request -
State: closed - Opened by eppieluna about 1 month ago
- 1 comment
#5743 - Newton Protocol: Verifiable Automation Layer for Onchain Finance
Issue -
State: closed - Opened by Stepease1 about 1 month ago
Labels: invalid
#5742 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by V1j2t3 about 1 month ago
- 1 comment
#5741 - [GHSA-v6x6-4v4x-2fx9] Lunary Cross-Site Request Forgery (CSRF) vulnerability
Pull Request -
State: closed - Opened by hughcrt about 1 month ago
- 1 comment
#5740 - [GHSA-6p2q-8qfq-wq7x] Lunary improper access control vulnerability
Pull Request -
State: closed - Opened by hughcrt about 1 month ago
- 1 comment
#5739 - [GHSA-9jmp-j63g-8x6m] Lunary information disclosure vulnerability
Pull Request -
State: closed - Opened by hughcrt about 1 month ago
- 1 comment
#5738 - [GHSA-rpx8-fg6w-rm6x] lunary-ai/lunary XSS in SAML metadata endpoint
Pull Request -
State: closed - Opened by hughcrt about 1 month ago
- 1 comment
#5737 - [GHSA-36qw-697c-h8mq] A vulnerability was found in Bitwarden up to 2.25.1. It...
Pull Request -
State: closed - Opened by bwbug about 1 month ago
- 1 comment
#5736 - false-positive on multiple packages
Issue -
State: closed - Opened by CHATSKII about 1 month ago
- 1 comment
#5735 - [GHSA-5m48-vr54-vmh3] jersey: XXE via parameter entities not disabled by the...
Pull Request -
State: closed - Opened by joshbressers about 1 month ago
- 1 comment
#5734 - question: how handle `affected[].ranges[].events` + `affectedversions-field`
Issue -
State: open - Opened by DmitriyLewen about 1 month ago
- 1 comment
#5733 - [GHSA-75v8-2h7p-7m2m] Formidable relies on hexoid to prevent guessing of filenames for untrusted executable content
Pull Request -
State: closed - Opened by akabarki76 about 1 month ago
- 1 comment
#5732 - [GHSA-qvhf-3567-pc4v] Sandbox bypass vulnerability in Script Security Plugin
Pull Request -
State: closed - Opened by nhakmiller about 1 month ago
- 1 comment
#5731 - [GHSA-q2q3-6r63-6pc5] The Poll, Survey & Quiz Maker Plugin by Opinion Stage...
Pull Request -
State: closed - Opened by ArtemLapkin about 1 month ago
- 1 comment
#5730 - [GHSA-wgc6-9f6w-h8hx] microlight allows a denial of service
Pull Request -
State: closed - Opened by Qix- about 1 month ago
- 6 comments
#5729 - [GHSA-2hcm-q3f4-fjgw] Arbitrary file write as the OSV-SCALIBR user on the host...
Pull Request -
State: closed - Opened by Malayke about 1 month ago
- 1 comment
#5728 - [GHSA-887c-mr87-cxwp] PyTorch Improper Resource Shutdown or Release vulnerability
Pull Request -
State: closed - Opened by ferdlestier about 2 months ago
- 1 comment
#5727 - Include Mend.io database
Issue -
State: closed - Opened by SveLil about 2 months ago
- 1 comment
#5726 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by V1j2t3 about 2 months ago
Labels: invalid
#5725 - [GHSA-mg49-jqgw-gcj6] libxmljs vulnerable to type confusion when parsing specially crafted XML
Pull Request -
State: closed - Opened by akabarki76 about 2 months ago
- 1 comment
#5724 - [GHSA-5rjg-fvgr-3xxf] setuptools has a path traversal vulnerability in PackageIndex.download that leads to Arbitrary File Write
Pull Request -
State: closed - Opened by 4lp1ne about 2 months ago
- 3 comments
#5723 - Improve GHSA-274v-mgcv-cm8j
Pull Request -
State: closed - Opened by xnox about 2 months ago
- 6 comments
#5722 - [GHSA-2865-hh9g-w894] Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability
Pull Request -
State: closed - Opened by udlose about 2 months ago
- 2 comments
#5721 - [GHSA-274v-mgcv-cm8j] Argo CD GitOps Engine does not scrub secret values from patch errors
Pull Request -
State: closed - Opened by xnox about 2 months ago
- 3 comments
#5720 - [GHSA-6433-x5p4-8jc7] libxmljs vulnerable to type confusion when parsing specially crafted XML
Pull Request -
State: closed - Opened by akabarki76 about 2 months ago
- 1 comment
#5719 - [GHSA-qvjc-g5vr-mfgr] Regular Expression Denial of Service in papaparse
Pull Request -
State: closed - Opened by raner about 2 months ago
- 1 comment
#5718 - [GHSA-h4j7-5rxr-p4wc] Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability
Pull Request -
State: closed - Opened by udlose about 2 months ago
- 6 comments
#5717 - [GHSA-4h8f-2wvx-gg5w] Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
Pull Request -
State: closed - Opened by hmolsen about 2 months ago
- 3 comments
#5716 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by carboneater about 2 months ago
- 1 comment
#5715 - [GHSA-rf6q-vx79-mjxr] Undertow Uncontrolled Resource Consumption
Pull Request -
State: closed - Opened by nhakmiller about 2 months ago
- 1 comment
#5714 - [GHSA-9v35-4xcr-w9ph] NetBird uses a static initialization vector (IV)
Pull Request -
State: closed - Opened by mlsmaycon about 2 months ago
- 4 comments
#5713 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by bobvandevijver about 2 months ago
- 3 comments
#5712 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by davidhornmarkINGKA about 2 months ago
- 1 comment
#5711 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by anomiex about 2 months ago
- 2 comments
#5710 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by turi4200 about 2 months ago
#5709 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by turi4200 about 2 months ago
#5708 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by rakleed about 2 months ago
#5707 - [GHSA-2865-hh9g-w894] Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability
Pull Request -
State: closed - Opened by udlose about 2 months ago
- 13 comments
#5706 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by LeoniePhiline about 2 months ago
#5705 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by Keroosha about 2 months ago
#5704 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by saitho about 2 months ago
- 1 comment
#5703 - [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
Pull Request -
State: closed - Opened by lkuechler about 2 months ago
- 1 comment