Skip to content

Pull requests: github/advisory-database

New pull request New
59 Open 6,547 Closed
59 Open 6,547 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

fix: correct GHSA-pfr9-2p92-qrhq dbn fixed version 0.22.0 -> 0.22.1
#7483 opened Apr 21, 2026 by DEVSOG12 Loading…
3
fix: correct GHSA-4j5j-58j7-6c3w dulwich fixed version 0.9.9 -> 0.10.0
#7482 opened Apr 21, 2026 by DEVSOG12 Loading…
1
[GHSA-cq8v-f236-94qc] Rand is unsound with a custom logger using rand::rng()
#7481 opened Apr 21, 2026 by nbagnard Loading…
4
[GHSA-hcp2-x6j4-29j7] RustCrypto: Signatures has timing side-channel in ML-DSA decomposition
#7479 opened Apr 21, 2026 by tarcieri Loading…
1
[GHSA-wjxp-xrpv-xpff] Tekton Pipelines: Git resolver API mode leaks system-configured API token to user-controlled serverURL
#7478 opened Apr 21, 2026 by stenzopolis1986-art Loading…
1
[GHSA-9hxg-w7qf-hh93] Use Go pseudo-version for fixed version
#7477 opened Apr 21, 2026 by cookesan Loading…
[GHSA-r4q5-vmmm-2653] follow-redirects leaks Custom Authentication Headers to Cross-Domain Redirect Targets
#7476 opened Apr 21, 2026 by ljharb Loading…
3
[GHSA-cxjh-pqwp-8mfp] follow-redirects' Proxy-Authorization header kept across hosts
#7475 opened Apr 21, 2026 by ljharb Loading…
3
[GHSA-jchw-25xp-jwwc] Follow Redirects improperly handles URLs in the url.parse() function
#7474 opened Apr 21, 2026 by ljharb Loading…
2
[GHSA-pw2r-vq6v-hr8c] Exposure of Sensitive Information to an Unauthorized Actor in follow-redirects
#7473 opened Apr 21, 2026 by ljharb Loading…
2
[GHSA-74fj-2j2h-c42q] Exposure of sensitive information in follow-redirects
#7472 opened Apr 21, 2026 by ljharb Loading…
1
[GHSA-6qvv-pj99-48qm] @adonisjs/http-server has an Open Redirect vulnerability
#7471 opened Apr 21, 2026 by TheAdamGalloway Loading…
1
[GHSA-p93r-85wp-75v3] Covert timing channel vulnerability in Legion of the...
#7470 opened Apr 21, 2026 by marcelstoer Loading…
2
Exploited
#7469 opened Apr 21, 2026 by SunShineHead Loading…
[GHSA-4hmj-39m8-jwc7] OpenClaw has ACP CLI approval prompt ANSI escape sequence injection
#7468 opened Apr 20, 2026 by anlakii Loading…
1
[GHSA-xq7p-g2vc-g82p] Homograph attack allows Unicode lookalike characters to bypass validation.
#7466 opened Apr 20, 2026 by Wenxin-Jiang Loading…
1
[GHSA-px4h-xg32-q955] ReDoS in normalize-url
#7465 opened Apr 20, 2026 by Wenxin-Jiang Loading…
[GHSA-mwv9-gp5h-frr4] Sveltejs devalue's devalue.parse and devalue.unflatten emit objects with __proto__ own properties
#7464 opened Apr 20, 2026 by Wenxin-Jiang Loading…
7
[GHSA-hx9m-jf43-8ffr] seroval affected by Denial of Service via RegExp serialization
#7463 opened Apr 20, 2026 by Wenxin-Jiang Loading…
2
[GHSA-gpvj-q7fp-jcch] simplehttpserver allows directory traversal and file listing
#7462 opened Apr 20, 2026 by Wenxin-Jiang Loading…
[GHSA-ff7x-qrg7-qggm] dot-prop Prototype Pollution vulnerability
#7461 opened Apr 20, 2026 by Wenxin-Jiang Loading…
[GHSA-f6v4-cf5j-vf3w] dset Prototype Pollution vulnerability
#7460 opened Apr 20, 2026 by Wenxin-Jiang Loading…
1
[GHSA-92fh-27vv-894w] nanotar is vulnerable to path traversal in parseTar() and parseTarGzip()
#7458 opened Apr 20, 2026 by Wenxin-Jiang Loading…
[GHSA-8r6j-v8pm-fqw3] Code injection in fsevents
#7457 opened Apr 20, 2026 by Wenxin-Jiang Loading…
[GHSA-8j4w-5fw4-rm27] Prototype Pollution in deeply
#7456 opened Apr 20, 2026 by Wenxin-Jiang Loading…
ProTip! no:milestone will show everything without a milestone.