6 Pull requests merged by 6 people

• [GHSA-rhh4-rh7c-7r5v] Archiver Path Traversal vulnerability

  #5506 merged May 7, 2025

• [GHSA-pfrc-5hhq-6hvr] Showdoc Unauthenticated Access

  #5505 merged May 6, 2025

• [GHSA-9rw2-jf8x-cgwm] Flair allows arbitrary code execution

  #5498 merged May 2, 2025

• [GHSA-fjfg-q662-gm6j] Moderate severity vulnerability that affects rails

  #5497 merged May 1, 2025

• [GHSA-75v8-2h7p-7m2m] Formidable relies on hexoid to prevent guessing of filenames for untrusted executable content

  #5493 merged Apr 30, 2025

• [GHSA-j3g3-5qv5-52mj] net-imap rubygem vulnerable to possible DoS by memory exhaustion

  #5494 merged Apr 30, 2025

5 Pull requests opened by 2 people

• [GHSA-hw58-3793-42gg] Keycloak hostname verification

  #5495 opened Apr 30, 2025

• [GHSA-jfh8-c2jp-5v3q] Remote code injection in Log4j

  #5501 opened May 5, 2025

• Add `pax-logging-log4j2` to CVE-2021-45046

  #5502 opened May 5, 2025

• Add affected `pax-logging-log4j2` to CVE-2021-45105

  #5503 opened May 5, 2025

• Add affected `pax-logging-log4j2` to CVE-2021-44832

  #5504 opened May 5, 2025

2 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• [GHSA-qjp7-gvrw-vxmf] An attacker authenticated as an administrator can use an...

  #5462 commented on May 1, 2025 • 0 new comments

• [GHSA-gvwq-6fmx-28xm] node-opcua-alarm-condition prototype pollution vulnerability

  #5474 commented on May 7, 2025 • 0 new comments