Pull requests: github/advisory-database
[GHSA-vcjf-mgcg-jxjq] CKEditor 4.0 vulnerability in the HTML Data Processor
#1867 opened Mar 29, 2023 by Churro
[GHSA-p5m3-27vh-52j4] Feather-Sequelize cleanQuery method vulnerable to Prototype Pollution
#1866 opened Mar 29, 2023 by Churro
[GHSA-qpv8-4pjq-qqh7] feathers-sequelize contains improper input validation leading to SQL injection
#1865 opened Mar 29, 2023 by Churro
[GHSA-gxr4-xjj5-5px2] Potential XSS vulnerability in jQuery
#1864 opened Mar 29, 2023 by Churro
[GHSA-8xwg-wv7v-4vqp] Electron Vulnerable to Code Execution by Re-Enabling Node.js Integration
#1863 opened Mar 29, 2023 by Churro
[GHSA-3wqf-4x89-9g79] Bootstrap vulnerable to Cross-Site Scripting (XSS)
#1860 opened Mar 29, 2023 by Churro
[GHSA-jv3g-j58f-9mq9] JOSE vulnerable to resource exhaustion via specifically crafted JWE
#1859 opened Mar 29, 2023 by Churro
[GHSA-5pxj-mhwj-x5gv] Prototype Pollution in asciitable.js
#1857 opened Mar 29, 2023 by tdunlap607
[GHSA-5j5w-g665-5m35] Ambiguous OCI manifest parsing
#1856 opened Mar 29, 2023 by tdunlap607
[GHSA-58c7-px5v-82hh] Potential sensitive information disclosed in error reports
#1854 opened Mar 29, 2023 by tdunlap607
[GHSA-528j-9r78-wffx] etcd user credentials are stored in WAL logs in plaintext
#1852 opened Mar 29, 2023 by tdunlap607
[GHSA-95xq-v4m2-fq3r] The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1...
#1825 opened Mar 25, 2023 by jasnow
[GHSA-62qp-3fxm-9wxf] Nokogiri gem 1.5.x has Denial of Service via infinite...
#1824 opened Mar 25, 2023 by jasnow
[GHSA-jmhh-w7xp-wg39] Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML...
#1823 opened Mar 25, 2023 by jasnow
[GHSA-qv62-xfj6-32xm] RubyGems 2.0.x before 2.0.17, 2.2.x before 2.2.5, and 2.4...
#1822 opened Mar 25, 2023 by jasnow
[GHSA-5mgj-mvv8-46mw] RubyGems before 1.8.23 does not verify an SSL certificate...
#1821 opened Mar 25, 2023 by jasnow
[GHSA-228f-g3h7-3fj3] RubyGems before 1.8.23 can redirect HTTPS connections to...
#1820 opened Mar 25, 2023 by jasnow
[GHSA-wg72-3rf2-wvp5] api/views/user.py in LibrePhotos before e19e539 has...
#1819 opened Mar 25, 2023 by go-compile
[GHSA-jp27-cwp2-5qqr] fixed so json represent same as described in text
#1807 opened Mar 22, 2023 by 7h3Rabbit
[GHSA-hc6q-2mpp-qw7j] Cross-realm object access in Webpack 5
#1789 opened Mar 15, 2023 by 0723Cu
[GHSA-8jh9-wqpf-q52c] sweetalert2 v8.19.1 and above contains hidden functionality
#1787 opened Mar 14, 2023 by sukh-idgateway
[GHSA-r38f-c4h4-hqq2] PostgreSQL JDBC Driver SQL Injection in ResultSet.refreshRow() with malicious column names
#1783 opened Mar 14, 2023 by JBrown0x90
[GHSA-x2w5-7wp4-5qff] The ScalarMult and ScalarBaseMult methods of the P256...
#1779 opened Mar 13, 2023 by hydernaqvi

