9 Pull requests merged by 8 people

• [GHSA-cj7v-w2c7-cp7c] nest allows a remote attacker to execute arbitrary code via the Content-Type header

  #5455 merged Apr 11, 2025

• [GHSA-cj7v-w2c7-cp7c] nest allows a remote attacker to execute arbitrary code via the Content-Type header

  #5453 merged Apr 11, 2025

• [GHSA-mh63-6h87-95cp] jwt-go allows excessive memory allocation during header parsing

  #5447 merged Apr 10, 2025

• [GHSA-mh63-6h87-95cp] jwt-go allows excessive memory allocation during header parsing

  #5427 merged Apr 10, 2025

• [GHSA-gvwq-6fmx-28xm] A prototype pollution in the function fieldsToJson of...

  #5448 merged Apr 10, 2025

• [GHSA-pgr7-mhp5-fgjp] vLLM deserialization vulnerability in vllm.distributed.GroupCoordinator.recv_object

  #5444 merged Apr 9, 2025

• [GHSA-fh2c-86xm-pm2x] LiteLLM Vulnerable to Denial of Service (DoS) via Crafted HTTP Request

  #5446 merged Apr 8, 2025

• [GHSA-428q-q3vv-3fq3] GraphQL grant on a property might be cached with different objects

  #5445 merged Apr 8, 2025

• [GHSA-r7jx-5m6m-cpg9] eazy-logger prototype pollution

  #5443 merged Apr 7, 2025

3 Pull requests opened by 2 people

• [GHSA-fc9h-whq2-v747] Valid ECDSA signatures erroneously rejected in Elliptic

  #5442 opened Apr 7, 2025

• [GHSA-jr5f-v2jv-69x6] axios Requests Vulnerable To Possible SSRF and Credential Leakage via Absolute URL

  #5451 opened Apr 11, 2025

• [GHSA-vjh7-7g9h-fjfh] Elliptic's private key extraction in ECDSA upon signing a malformed input (e.g. a string)

  #5452 opened Apr 11, 2025

1 Issue opened by 1 person

• My

  #5454 opened Apr 11, 2025

1 Unresolved conversation

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• [GHSA-g73c-fw68-pwx3] pgAdmin 4 Vulnerable to Remote Code Execution

  #5439 commented on Apr 5, 2025 • 0 new comments