3 Pull requests merged by 3 people

• [GHSA-fc9h-whq2-v747] Valid ECDSA signatures erroneously rejected in Elliptic

  #5442 merged Jun 27, 2025

• [GHSA-h6gj-6jjq-h8g9] jQuery UI vulnerable to XSS when refreshing a checkboxradio with an HTML-like initial text label

  #5757 merged Jun 27, 2025

• [GHSA-rx97-6c62-55mf] Hashicorp Nomad Incorrect Privilege Assignment vulnerability

  #5759 merged Jun 27, 2025

4 Pull requests opened by 4 people

• [GHSA-vhxf-7vqr-mrjg] DOMPurify allows Cross-site Scripting (XSS)

  #5763 opened Jun 27, 2025

• [GHSA-vv7r-c36w-3prj] Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers

  #5764 opened Jun 27, 2025

• [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability

  #5766 opened Jun 28, 2025

• [GHSA-rc42-6c7j-7h5r] Spring Boot EndpointRequest.to() creates wrong matcher if actuator endpoint is not exposed

  #5768 opened Jun 28, 2025

1 Issue closed by 1 person

• Include Mend.io database

  #5727 closed Jun 26, 2025

3 Issues opened by 3 people

• Data

  #5769 opened Jun 28, 2025

• Possible Inaccuracy in XXE Vulnerability: Advisory-[GHSA-jffq-528j-mp6c]

  #5767 opened Jun 28, 2025

• Go: Supported ecosystem

  #5762 opened Jun 27, 2025

2 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• julia ecosystem support

  #1689 commented on Jun 27, 2025 • 0 new comments

• [GHSA-9pp5-9c7g-4r83] Spring Security authorization bypass for method security annotations on private methods

  #5747 commented on Jun 26, 2025 • 0 new comments