Skip to content

Pull requests: github/advisory-database

New pull request New
22 Open 6,333 Closed
22 Open 6,333 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

merge update
#7174 opened Mar 15, 2026 by kristentr Loading…
[GHSA-q9hv-hpm4-hj6x] CIRCL has an incorrect calculation in secp384r1 CombinedMult
#7173 opened Mar 15, 2026 by yusuke-koyoshi Loading…
3
[GHSA-f38f-5xpm-9r7c] Add missing reporter credit
#7172 opened Mar 15, 2026 by SnailSploit Loading…
Nike4565 ghsa g353 mgv3 8pcj
#7171 opened Mar 14, 2026 by nike4565 Loading…
Reclaiming PR after account suspension — restoring authorship and continuing GHSA work
#7169 opened Mar 14, 2026 by nike4565 Loading…
6
[GHSA-gmq8-994r-jv83] yauzl contains an off-by-one error
#7168 opened Mar 14, 2026 by adalinesimonian Loading…
1
[GHSA-mq3p-rrmp-79jg] go-ethereum is vulnerable to high CPU usage leading to DoS via malicious p2p message
#7167 opened Mar 14, 2026 by nike4565 Loading…
1
Improve GHSA-g353-mgv3-8pcj chore(security): merge all branches and consolidate npm vulnerability fixes into main
#7166 opened Mar 14, 2026 by nike4565 Loading…
[GHSA-g353-mgv3-8pcj] OpenClaw: Feishu webhook mode accepted forged events when only verificationToken was configured
#7165 opened Mar 14, 2026 by nike4565 Loading…
5
Revise details and severity for GHSA-xrf6-v8xr-fg2f
#7164 opened Mar 14, 2026 by Jarrettgohxz Loading…
[GHSA-r353-4845-pr5p] simplesamlphp/xml-security: Missing AES-GCM Authentication Tag Validation on Encrypted Nodes Allows for Unauthorized Decryption
#7162 opened Mar 14, 2026 by tvdijen Loading…
3
[GHSA-mw8w-q3f7-2v85] Podinfo affected by Arbitrary File Upload that leads to Stored Cross-Site Scripting (XSS)
#7160 opened Mar 14, 2026 by stefanprodan Loading…
2
[GHSA-w3pf-28jm-x86v] A Time-of-check Time-of-use (TOCTOU) Race Condition...
#7158 opened Mar 14, 2026 by Tone675929 Loading…
[GHSA-mq3p-rrmp-79jg] go-ethereum is vulnerable to high CPU usage leading to DoS via malicious p2p message
#7103 opened Mar 4, 2026 by timothyfraser1955-del Loading…
5
[GHSA-r6q2-hw4h-h46w] Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS
#7095 opened Mar 2, 2026 by urielcos Loading…
3
[GHSA-h2f4-v4c4-6wx4] Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server
#7093 opened Mar 2, 2026 by Meet003118 Loading…
2
[GHSA-mw96-cpmx-2vgc] Rollup 4 has Arbitrary File Write via Path Traversal
#7089 opened Mar 1, 2026 by JaclynCodes Loading…
1
[GHSA-7r86-cg39-jmmj] minimatch has ReDoS: matchOne() combinatorial backtracking via multiple non-adjacent GLOBSTAR segments
#7087 opened Feb 28, 2026 by ljharb Loading…
3
[GHSA-qq67-mvv5-fw3g] Astro has Full-Read SSRF in error rendering via Host: header injection Keep
#7055 opened Feb 24, 2026 by kytta Loading…
8
[GHSA-8398-gmmx-564h] n8n has a Python sandbox escape Stale
#7029 opened Feb 23, 2026 by c0rydoras Loading…
5
[GHSA-632q-77qj-c89q] Improve advisory details: reference incomplete fix for CVE-2024-28709 Stale
#6787 opened Feb 6, 2026 by decsecre583 Loading…
5
[GHSA-r6q2-hw4h-h46w] Race Condition in node-tar Path Reservations via Unicode Ligature Collisions on macOS APFS Stale
#6733 opened Jan 28, 2026 by ssushant0011 Loading…
6
ProTip! no:milestone will show everything without a milestone.