Pull requests: github/advisory-database
Update Tekton Pipelines advisories with multi-branch patch ranges
#7575
opened May 4, 2026 by waveywaves
[GHSA-fvcv-3m26-pcqx] Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
Stale
#7419
opened Apr 17, 2026 by ylemkimon
[GHSA-355h-qmc2-wpwf] Jetty has HTTP Request Smuggling via Chunked Extension Quoted-String Parsing
Stale
#7421
opened Apr 17, 2026 by jhy
[GHSA-mwv9-gp5h-frr4] Sveltejs devalue's devalue.parse and devalue.unflatten emit objects with __proto__ own properties
#7464
opened Apr 20, 2026 by Wenxin-Jiang
[GHSA-prf8-cf2x-rhx7] fabric-sdk-java has ObjectInputStream.readObject() without ObjectInputFilter, which allows Java deserialization RCE
#7570
opened May 1, 2026 by brodmart
[GHSA-w5hq-g745-h8pq] uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided
#7578
opened May 4, 2026 by c-harding
[GHSA-q3mw-pvr8-9ggc] Apache Tomcat Open Redirect vulnerability
#7517
opened Apr 28, 2026 by hara-satoshi-ymr
[GHSA-vxg3-v4p6-f3fp] Pimcore vulnerable to SQL injection via unsanitized filter value in Dependency Dao RLIKE clause
Stale
#7340
opened Apr 9, 2026 by herbertroth
[GHSA-w5hq-g745-h8pq] uuid: Missing buffer bounds check in v3/v5/v6 when buf is provided
#7585
opened May 4, 2026 by milenkotomic
[GHSA-j3q9-mxjg-w52f] path-to-regexp vulnerable to Denial of Service via sequential optional groups
Stale
#7282
opened Apr 1, 2026 by CodyCodeman
[GHSA-563x-q5rq-57qp] Apache Tomcat has an HTTP Request/Response Smuggling vulnerability
#7519
opened Apr 28, 2026 by aruneko
[GHSA-vpq2-c234-7xj6] @tootallnate/once vulnerable to Incorrect Control Flow Scoping
#7573
opened May 4, 2026 by janpe
[GHSA-f23m-r3pf-42rh] lodash vulnerable to Prototype Pollution via array path bypass in _.unset and _.omit
Stale
#7320
opened Apr 8, 2026 by Kteamk
fix: correct GHSA-pfr9-2p92-qrhq dbn fixed version 0.22.0 -> 0.22.1
#7483
opened Apr 21, 2026 by DEVSOG12
[GHSA-344f-f5vg-2jfj] Potential remote code execution in Apache Tomcat
#7520
opened Apr 28, 2026 by aruneko
[GHSA-j39c-c8hj-x4j3] Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
#7523
opened Apr 28, 2026 by hara-satoshi-ymr
[GHSA-2mjp-6q6p-2qxm] Undici has an HTTP Request/Response Smuggling issue
#7514
opened Apr 28, 2026 by tijuks
[GHSA-8vrh-3pm2-v4v6] FileBrowser Quantum: Password Protection Not Enforced on Shared File Links
#7353
opened Apr 9, 2026 by ByteAfterlife
[GHSA-jpcq-cgw6-v4j6] Potential XSS vulnerability in jQuery
Stale
#7435
opened Apr 19, 2026 by sealonohana
[GHSA-23f4-hfmq-94mj] Quick-Media Batik Codec FIX Package has Buffer Overflow Vulnerability in PNG Codec
#7438
opened Apr 19, 2026 by carlosame
[GHSA-hx9m-jf43-8ffr] seroval affected by Denial of Service via RegExp serialization
#7463
opened Apr 20, 2026 by Wenxin-Jiang
[GHSA-qcxh-w3j9-58qr] Apache Tomcat Denial of Service vulnerability
#7516
opened Apr 28, 2026 by aruneko
Add advisory: asn1 BerReader infinite loop CPU DoS (CWE-835)
#7561
opened Apr 30, 2026 by tynus3
[GHSA-x8mh-94wc-33gv] Apache Airflow's SMTP provider SmtpHook called Python's...
#7562
opened Apr 30, 2026 by francisbergin