The Wayback Machine - https://web.archive.org/web/20230814165635/https://github.com/github/advisory-database/pulls
Skip to content

Pull requests: github/advisory-database

New pull request New
41 Open 2,352 Closed
41 Open 2,352 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Milestones
Filter by milestone
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-wfcc-pff6-rgc5] Jetty vulnerable to exposure of sensitive information due to observable discrepancy
#2619 opened Aug 14, 2023 by westonsteimel Loading…
[GHSA-2f88-5hg8-9x2x] Origin Validation Error in Apache Maven
#2618 opened Aug 14, 2023 by joshbressers Loading…
[GHSA-h755-8qp9-cq85] protobufjs Prototype Pollution vulnerability
#2617 opened Aug 14, 2023 by fhoeben Loading…
[GHSA-h7wm-ph43-c39p] Scrapy denial of service vulnerability
#2616 opened Aug 14, 2023 by G-Rath Loading…
[GHSA-c2qf-rxjj-qqgw] semver vulnerable to Regular Expression Denial of Service
#2615 opened Aug 12, 2023 by classicvalues Loading…
1
[GHSA-5wv5-4vpf-pj6m] Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage
#2614 opened Aug 11, 2023 by Ghcml Loading…
[GHSA-6r78-m64m-qwcf] Moq v4.20.0 and 4.20.1 share hashed user data
#2613 opened Aug 10, 2023 by JonDouglas Loading…
[GHSA-ffw3-6378-cqgp] mlflow vulnerable to OS Command Injection
#2612 opened Aug 10, 2023 by gjwoods Loading…
[GHSA-p9xf-74xh-mhw5] fix package name in GHSA-p9xf-74xh-mhw5.json
#2611 opened Aug 9, 2023 by amascia-gg Loading…
[GHSA-p8p7-x288-28g6] Server-Side Request Forgery in Request
#2609 opened Aug 8, 2023 by G-Rath Loading…
[GHSA-4g8v-vg43-wpgf] Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to
#2608 opened Aug 8, 2023 by aripollak Loading…
1
[GHSA-gq63-p39p-jrjf] SQL injectionin Yii 2
#2607 opened Aug 8, 2023 by iBotPeaches Loading…
[GHSA-j249-ghv5-7mxv] In Docker CE and EE before 18.09.8 (as well as Docker EE...
#2591 opened Aug 4, 2023 by joshbressers Loading…
4
[GHSA-7mj4-2984-955f] AlchemyCMS is vulnerable to stored XSS via the /admin/pictures image field
#2587 opened Aug 4, 2023 by tvdeyen Loading…
4
[GHSA-xqcq-j8w9-3pxv] imporve: add CVE number
#2573 opened Aug 3, 2023 by tencyle-yairm Loading…
1
[GHSA-pv7r-9vjg-g3f9] Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
#2567 opened Aug 2, 2023 by 186PhillipBeam Loading…
1
[GHSA-qm95-pgcg-qqfq] Insufficient validation when decoding a Socket.IO packet
#2561 opened Aug 1, 2023 by Subrata19777 Loading…
1
[GHSA-8hfj-j24r-96c4] Path Traversal: 'dir/../../filename' in moment.locale
#2560 opened Jul 31, 2023 by Subrata19777 Loading…
10
[GHSA-wc69-rhjr-hc9g] Moment.js vulnerable to Inefficient Regular Expression Complexity
#2559 opened Jul 31, 2023 by Subrata19777 Loading…
7
[GHSA-f8vr-r385-rh5r] h2 vulnerable to denial of service
#2554 opened Jul 29, 2023 by Apetree100122 Loading…
1
[GHSA-cmm9-mgm5-9r42] pandas through 1.0.3 can unserialize and execute commands...
#2553 opened Jul 28, 2023 by felickz Loading…
1
[GHSA-3p62-6fjh-3p5h] Keycloak vulnerable to cross-site scripting when validating URI-schemes on SAML and OIDC
#2549 opened Jul 27, 2023 by uxdom Loading…
2
[GHSA-qwph-4952-7xr6] jsonwebtoken vulnerable to signature validation bypass due to insecure default algorithm in jwt.verify()
#2537 opened Jul 27, 2023 by sulaiman-coder Loading…
1
[GHSA-q9w4-w667-qqj4] ckeditor-wordcount-plugin vulnerable to Cross-site Scripting in Source Mode of Editor
#2523 opened Jul 26, 2023 by ohader Loading…
1
[GHSA-cf7p-gm2m-833m] cryptography mishandles SSH certificates
#2519 opened Jul 24, 2023 by alanc Loading…
1
ProTip! Adding no:label will show everything without a label.