Skip to content

Pull requests: github/advisory-database

New pull request New
21 Open 6,380 Closed
21 Open 6,380 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

[GHSA-xwc8-rf6m-xr86] hnswlib Double Free vulnerability
#7232 opened Mar 24, 2026 by ilyajob05 Loading…
[GHSA-rvv3-g6hj-g44x] AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion
#7230 opened Mar 24, 2026 by jbogard Loading…
2
GHSA-m964-fjrh-xxq2: update fix commit reference and affected artifact
#7229 opened Mar 24, 2026 by raboof Loading…
GHSA-2r4x-667f-mpfh: fix artifact and fix commit reference
#7228 opened Mar 24, 2026 by raboof Loading…
[GHSA-rvv3-g6hj-g44x] AutoMapper Vulnerable to Denial of Service (DoS) via Uncontrolled Recursion
#7227 opened Mar 24, 2026 by mkarbowski-quilt Loading…
2
[GHSA-2w8x-224x-785m] sjcl is missing point-on-curve validation in sjcl.ecc.basicKey.publicKey
#7225 opened Mar 24, 2026 by wmorland Loading…
[GHSA-cv4x-93xx-wgfj] Fix affected version ranges to use proper OSV schema
#7224 opened Mar 24, 2026 by vdemeester Loading…
1
[GHSA-cv4x-93xx-wgfj] Tekton Pipelines controller panic via long resolver name in TaskRun/PipelineRun
#7222 opened Mar 24, 2026 by vdemeester Loading…
6
[GHSA-mwjc-5j4x-r686] AVideo has an unauthenticated decrypt oracle leaking any ciphertext
#7221 opened Mar 24, 2026 by Ahmad-jarwan Loading…
1
[GHSA-8gc5-j5rx-235r] fast-xml-parser affected by numeric entity expansion bypassing all entity expansion limits (incomplete fix for CVE-2026-26278)
#7220 opened Mar 24, 2026 by yuezk Loading…
2
[GHSA-r3hf-q3mf-7h6w] A vulnerability was found in HybridAuth up to 3.12.2....
#7219 opened Mar 23, 2026 by jontyms Loading…
4
[GHSA-mgvc-8q2h-5pgc] Spring Boot has an Authentication Bypass under Actuator CloudFoundry endpoints
#7218 opened Mar 23, 2026 by yeikel Loading…
[GHSA-x44p-gvrj-pj2r] Amazon S3 Encryption Client for Java has a Key Commitment Issue
#7210 opened Mar 22, 2026 by decsecre583 Loading…
[GHSA-p436-gjf2-799p] Docker CLI Plugins: Uncontrolled Search Path Element Leads to Local Privilege Escalation on Windows
#7207 opened Mar 21, 2026 by levpachmanov Loading…
[GHSA-jx49-fphc-w293] Improper Restriction of XML External Entity Reference...
#7197 opened Mar 19, 2026 by Bhanu99517 Loading…
1
[GHSA-fg6f-75jq-6523] Authlib has 1-click Account Takeover vulnerability
#7191 opened Mar 18, 2026 by levpachmanov Loading…
2
[GHSA-q9hv-hpm4-hj6x] CIRCL has an incorrect calculation in secp384r1 CombinedMult
#7173 opened Mar 15, 2026 by yusuke-koyoshi Loading…
5
[GHSA-h2f4-v4c4-6wx4] Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server
#7093 opened Mar 2, 2026 by Meet003118 Loading…
2
[GHSA-mw96-cpmx-2vgc] Rollup 4 has Arbitrary File Write via Path Traversal Stale
#7089 opened Mar 1, 2026 by JaclynCodes Loading…
2
[GHSA-7r86-cg39-jmmj] minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments
#7087 opened Feb 28, 2026 by ljharb Loading…
5
[GHSA-qq67-mvv5-fw3g] Astro has Full-Read SSRF in error rendering via Host: header injection Keep
#7055 opened Feb 24, 2026 by kytta Loading…
8
ProTip! Exclude everything labeled bug with -label:bug.