Pulse · github/advisory-database · GitHub

June 4, 2025 – June 11, 2025

Overview

14 Active pull requests

2 Active issues

7 Pull requests merged by 6 people

[GHSA-cvx7-x8pj-x2gw] CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
#5696 merged Jun 9, 2025
[GHSA-g92j-qhmh-64v2] Sentry's Python SDK unintentionally exposes environment variables to subprocesses
#5694 merged Jun 6, 2025
[GHSA-8j8w-wwqc-x596] Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11...
#5691 merged Jun 6, 2025
[GHSA-v3c8-3pr6-gr7p] Multiple vector store integrations in run-llama...
#5690 merged Jun 6, 2025
[GHSA-g3p6-82vc-43jh] Yii 2 Redis may expose AUTH paramters in logs in case of connection failure
#5693 merged Jun 6, 2025
[GHSA-wrxf-x8rm-6ggg] Fluent Fluentd and Fluent-ui use default password
#5686 merged Jun 5, 2025
[GHSA-jr6h-r7vg-f9mc] org.ini4j allows attackers to cause a Denial of Service (DoS)
#5687 merged Jun 4, 2025

7 Pull requests opened by 7 people

[GHSA-274v-mgcv-cm8j] Argo CD GitOps Engine does not scrub secret values from patch errors
#5689 opened Jun 4, 2025
[GHSA-wrxf-x8rm-6ggg] Fluent Fluentd and Fluent-ui use default password
#5692 opened Jun 6, 2025
[GHSA-pfq8-rq6v-vf5m] kangax html-minifier REDoS vulnerability
#5695 opened Jun 7, 2025
[GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
#5701 opened Jun 11, 2025
[GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
#5702 opened Jun 11, 2025
[GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability
#5706 opened Jun 11, 2025
[GHSA-2865-hh9g-w894] Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability
#5707 opened Jun 11, 2025

1 Issue closed by 1 person

Correction Required in GHSA-2pcj-76hj-xqhm Advisory
#5684 closed Jun 9, 2025

1 Issue opened by 1 person

Advisory GHSA-g434-3q2j-hj4r lists incorrect fixed version
#5688 opened Jun 4, 2025