Insights: github/advisory-database

11 Pull requests merged by 9 people

• [GHSA-g4rg-993r-mgx7] Improper Neutralization of Special Elements used in a Command in Shell-quote

  #766 merged Oct 21, 2022

• [GHSA-g4rg-993r-mgx7] Improper Neutralization of Special Elements used in a Command in Shell-quote

  #748 merged Oct 21, 2022

• [GHSA-2j79-8pqc-r7x6] react-native-reanimated vulnerable to ReDoS

  #765 merged Oct 20, 2022

• [GHSA-8687-vv9j-hgph] Improper Input Validation in Automattic Mongoose

  #763 merged Oct 20, 2022

• [GHSA-w596-4wvx-j9j6] ReDoS in py library

  #761 merged Oct 19, 2022

• [GHSA-9pgh-qqpf-7wqj] Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom

  #759 merged Oct 18, 2022

• [GHSA-9pgh-qqpf-7wqj] Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom

  #754 merged Oct 18, 2022

• [GHSA-56h3-78gp-v83r] Jettison parser crash by stackoverflow

  #758 merged Oct 18, 2022

• [GHSA-jjjh-jjxp-wpff] Uncontrolled Resource Consumption in Jackson-databind

  #755 merged Oct 18, 2022

• [GHSA-9pgh-qqpf-7wqj] Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom

  #753 merged Oct 18, 2022

• [GHSA-9pgh-qqpf-7wqj] Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') in @xmldom/xmldom and xmldom

  #747 merged Oct 17, 2022

6 Pull requests opened by 5 people

• [GHSA-3jfq-g458-7qm9] Arbitrary File Creation/Overwrite due to insufficient absolute path sanitization

  #746 opened Oct 16, 2022

• [GHSA-4h33-v95w-8vh4] A flaw was found in darkhttpd. Invalid error handling...

  #760 opened Oct 19, 2022

• GHSA-w596-4wvx-j9j6: mark as withdrawn

  #762 opened Oct 20, 2022

• [GHSA-3f7h-mf4q-vrm4] XStream Denial of Service due to parser crash

  #764 opened Oct 20, 2022

• [GHSA-crxj-hrmp-4rwf] Labstack Echo Open Redirect vulnerability

  #767 opened Oct 21, 2022

• [GHSA-g4rg-993r-mgx7] Improper Neutralization of Special Elements used in a Command in Shell-quote

  #769 opened Oct 23, 2022

6 Issues closed by 2 people

• .NET CVE backfill - round 3

  #741 closed Oct 21, 2022

• "ansi_term is Unmaintained" is not a security advisory

  #682 closed Oct 18, 2022

• .NET CVE backfill - CVE-2022-24512

  #740 closed Oct 18, 2022

• Informational RustSec Advisory Presentation

  #683 closed Oct 18, 2022

• Phrase

  #757 closed Oct 18, 2022

• gi

  #749 closed Oct 17, 2022

1 Issue opened by 1 person

• Support for ecosystem CTAN

  #756 opened Oct 18, 2022

6 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Backdoor:PHP/Remoteshell.V

  #701 commented on Oct 17, 2022 • 3 new comments

• .NET CVEs backfill - round 2

  #739 commented on Oct 17, 2022 • 1 new comment

• GHSA-w687-f44x-x42j false positive?

  #419 commented on Oct 18, 2022 • 1 new comment

• [GHSA-f7gc-6hcj-wc42] Malicious Package in path-to-regxep

  #705 commented on Oct 20, 2022 • 1 new comment

• [GHSA-r4r9-mgjc-g6q3] Path Traversal in 626

  #706 commented on Oct 20, 2022 • 1 new comment

• [GHSA-jxhc-q857-3j6g] Regular Expression Denial of Service in Addressable templates

  #734 commented on Oct 23, 2022 • 1 new comment