Pull requests: github/advisory-database
[GHSA-263q-5cv3-xq9g] Gitea allows attackers to add attachments with forbidden file extensions
#8114
opened Jun 24, 2026 by
brianrlamar-enlighten
[GHSA-98m9-hrrm-r99r] Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters
#8113
opened Jun 24, 2026 by
Starfox64
[GHSA-5jmj-h7xm-6q6v] jackson-databind has case-insensitive deserialization bypasses per-property @JsonIgnoreProperties
#8112
opened Jun 24, 2026 by
pjfanning
[GHSA-98m9-hrrm-r99r] Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters
#8111
opened Jun 24, 2026 by
iBotPeaches
[GHSA-663r-x48j-fg8p] A weakness has been identified in jsonata-js jsonata up...
#8110
opened Jun 24, 2026 by
mattbaileyuk
[GHSA-5vg9-5847-vvmq] Laravel Framework: CRLF injection in default email rule
#8109
opened Jun 24, 2026 by
OmarXtream
[GHSA-98m9-hrrm-r99r] Faraday: Uncontrolled recursion in NestedParamsEncoder allows stack exhaustion DoS via deeply nested query parameters
#8108
opened Jun 24, 2026 by
G-Rath
Add fix references to GHSA-cmwh-pvxp-8882 (DOMPurify)
#8106
opened Jun 23, 2026 by
EchoTydes
[GHSA-rhv4-8758-jx7v] Decimal: Unbounded exponent in Decimal.new enables unauthenticated DoS
#8105
opened Jun 23, 2026 by
tiagoefmoraes
Add fix references to GHSA-vq2f-vcc9-j8mv (python-liquid)
#8104
opened Jun 23, 2026 by
EchoTydes
Add fix references to GHSA-h8w8-99g7-qmvj (concurrent-ruby)
#8103
opened Jun 23, 2026 by
EchoTydes
Add fix references to GHSA-cwxw-98qj-8qjx (guzzlehttp/guzzle)
#8100
opened Jun 23, 2026 by
EchoTydes
[GHSA-jxfc-8wcq-xxcg] The Gravity SMTP plugin for WordPress is vulnerable to...
#8099
opened Jun 23, 2026 by
nickpelton
[GHSA-7m2p-62gw-p8qq] Due to incorrect host parsing, applications that rely on...
#8097
opened Jun 23, 2026 by
julianladisch
[GHSA-3prj-6hqw-cm82] PHP JWT Library: PBES2-HS*+A*KW unwrap accepts an unbounded p2c iteration count, enabling CPU-amplification denial of service
#8096
opened Jun 23, 2026 by
hostep
[GHSA-jc38-x7x8-2xc8] PHP JWT Framework: JWSVerifier uses algorithm from unprotected header, enabling algorithm confusion attacks
#8095
opened Jun 23, 2026 by
hostep
[GHSA-293q-567p-wmwq] SubjectDnX509PrincipalExtractor does not correctly handle...
#8094
opened Jun 23, 2026 by
julianladisch
[GHSA-g3pr-3p32-fp23] In Micrometer, it is possible for a user to provide...
#8092
opened Jun 23, 2026 by
julianladisch
[GHSA-w737-wx49-qj23] In Micrometer, it is possible for a user to provide...
#8091
opened Jun 23, 2026 by
julianladisch
[GHSA-42jc-v69j-g38f] Gophish through 0.12.1 contains a denial of service...
#8090
opened Jun 23, 2026 by
ashikmd7
[GHSA-c8q4-9h32-2ww8] Spinnaker has unsafe yaml deserialization, allowing RCE when using specific types
#8088
opened Jun 22, 2026 by
connorshea
[GHSA-5xgj-pmjj-gw49] RISC Zero zkVM notes on zero-knowledge
#8087
opened Jun 22, 2026 by
v-sdingari
[GHSA-5xgj-pmjj-gw49] RISC Zero zkVM notes on zero-knowledge
#8083
opened Jun 22, 2026 by
Saireddy453