Skip to content

Pull requests: github/advisory-database

New pull request New
39 Open 3,408 Closed
39 Open 3,408 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Assigned to nobody Loading
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Publish GHSA-5wfc-hjrc-gq87
#7538 opened Apr 28, 2026 by e7457166-a11y Loading…
1
[GHSA-q67f-28xg-22rw] Forge has signature forgery in Ed25519 due to missing S > L check
#7536 opened Apr 28, 2026 by DRAWING99 Loading…
1
Improve GHSA-qx2v-qp2m-jg93 invalid This doesn't seem right
#7535 opened Apr 28, 2026 by asrarmared-ship-it Loading…
4
[GHSA-h7wm-ph43-c39p] Scrapy denial of service vulnerability
#7532 opened Apr 28, 2026 by G-Rath Loading…
[GHSA-q34m-jh98-gwm2] Werkzeug possible resource exhaustion when parsing file data in forms
#7527 opened Apr 28, 2026 by levpachmanov Loading…
1
[GHSA-hrfv-mqp8-q5rw] Werkzeug DoS: High resource usage when parsing multipart/form-data containing a large part with CR/LF character at the beginning
#7526 opened Apr 28, 2026 by levpachmanov Loading…
1
[GHSA-69cc-cv78-qc8g] Apache Tomcat: Configured cipher preference order not preserved
#7524 opened Apr 28, 2026 by aruneko Loading…
1
[GHSA-j39c-c8hj-x4j3] Exposure of Sensitive Information to an Unauthorized Actor in Apache Tomcat
#7523 opened Apr 28, 2026 by hara-satoshi-ymr Loading…
3
[GHSA-95jq-rwvf-vjx4] Apache Tomcat: CLIENT_CERT authentication does not fail as expected
#7522 opened Apr 28, 2026 by aruneko Loading…
[GHSA-653p-vg55-5652] Apache Tomcat Uncontrolled Resource Consumption vulnerability
#7521 opened Apr 28, 2026 by yusuke-koyoshi Loading…
[GHSA-344f-f5vg-2jfj] Potential remote code execution in Apache Tomcat
#7520 opened Apr 28, 2026 by aruneko Loading…
3
[GHSA-563x-q5rq-57qp] Apache Tomcat has an HTTP Request/Response Smuggling vulnerability
#7519 opened Apr 28, 2026 by aruneko Loading…
4
[GHSA-vf77-8h7g-gghp] Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
#7518 opened Apr 28, 2026 by aruneko Loading…
1
[GHSA-q3mw-pvr8-9ggc] Apache Tomcat Open Redirect vulnerability
#7517 opened Apr 28, 2026 by hara-satoshi-ymr Loading…
5
[GHSA-qcxh-w3j9-58qr] Apache Tomcat Denial of Service vulnerability
#7516 opened Apr 28, 2026 by aruneko Loading…
2
[GHSA-24j9-x2wg-9qv6] Apache Tomcat: CLIENT_CERT authentication does not fail as expected
#7515 opened Apr 28, 2026 by aruneko Loading…
1
[GHSA-2mjp-6q6p-2qxm] Undici has an HTTP Request/Response Smuggling issue
#7514 opened Apr 28, 2026 by tijuks Loading…
2
[GHSA-x5gf-qvw8-r2rm] pm2 Regular Expression Denial of Service vulnerability
#7513 opened Apr 27, 2026 by corridormatt Loading…
Add GHSA-fhw2-h46x-v2mj: Arbitrary local file disclosure in @playwright/mcp
#7511 opened Apr 27, 2026 by mmzha2013 Loading…
1
[GHSA-jfwf-28xr-xw6q] RClone: Unauthenticated operations/fsinfo allows attacker-controlled backend instantiation and local command execution
#7510 opened Apr 27, 2026 by augustocesarperin Loading…
1
[GHSA-v92g-xgxw-vvmm] Mako: Path traversal via double-slash URI prefix in TemplateLookup
#7508 opened Apr 26, 2026 by augustocesarperin Loading…
1
[GHSA-rvhj-8chj-8v3c] Mflow: Command Injection when serving models with enable_mlserver=True
#7507 opened Apr 26, 2026 by rotemd-apiiro Loading…
[GHSA-qj8w-gfj5-8c6v] Serialize JavaScript has CPU Exhaustion Denial of Service via crafted array-like objects
#7506 opened Apr 26, 2026 by sealonohana Loading…
1
[GHSA-mw35-8rx3-xf9r] Ray: Remote Code Execution via Parquet Arrow Extension Type Deserialization
#7504 opened Apr 25, 2026 by shakevsky Loading…
1
[GHSA-cw7v-45wm-mcf2] Kirby CMS has Persistent DoS via Malformed Image Upload
#7503 opened Apr 24, 2026 by lukasbestle Loading…
5
ProTip! Find all pull requests that aren't related to any open issues with -linked:issue.