13 Pull requests merged by 5 people

• [GHSA-4q53-fqhc-cr46] ember-source Cross-site Scripting vulnerability

  #5987 merged Aug 11, 2025

• [GHSA-m8p2-495h-ccmh] The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks

  #5791 merged Aug 11, 2025

• [GHSA-4q53-fqhc-cr46] ember-source Cross-site Scripting vulnerability

  #5986 merged Aug 11, 2025

• [GHSA-h4h6-vccr-44h2] uptrace pgdriver SQL injection vulnerability

  #5985 merged Aug 11, 2025

• [GHSA-xwmg-2g98-w7v9] Nimbus JOSE + JWT is vulnerable to DoS attacks when processing deeply nested JSON

  #5983 merged Aug 11, 2025

• [GHSA-x5rq-j2xg-h7qm] Regular Expression Denial of Service (ReDoS) in lodash

  #5982 merged Aug 11, 2025

• [GHSA-jf85-cpcp-j695] Prototype Pollution in lodash

  #5981 merged Aug 11, 2025

• [GHSA-4xc9-xhrj-v574] Prototype Pollution in lodash

  #5980 merged Aug 11, 2025

• [GHSA-fvqr-27wr-82fm] Prototype Pollution in lodash

  #5979 merged Aug 11, 2025

• [GHSA-p6mc-m468-83gw] Prototype Pollution in lodash

  #5978 merged Aug 11, 2025

• [GHSA-35jh-r3h4-6jhm] Command Injection in lodash

  #5977 merged Aug 11, 2025

• [GHSA-29mw-wpgm-hmr9] Regular Expression Denial of Service (ReDoS) in lodash

  #5976 merged Aug 11, 2025

• [GHSA-h4h6-vccr-44h2] uptrace pgdriver SQL injection vulnerability

  #5975 merged Aug 11, 2025

1 Pull request opened by 1 person

• [GHSA-m5xw-hwxw-fq3j] Deserialization of untrusted data in IPC and Parquet...

  #5988 opened Aug 12, 2025

1 Unresolved conversation

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• [GHSA-34rf-485x-g5h7] Arbitrary Command Injection in Kubernetes Headlamp via macOS Process codeSign

  #5802 commented on Aug 11, 2025 • 0 new comments