7 Pull requests merged by 7 people

• [GHSA-v3c8-3pr6-gr7p] Multiple vector store integrations in run-llama...

  #5690 merged Jun 6, 2025

• [GHSA-g3p6-82vc-43jh] Yii 2 Redis may expose AUTH paramters in logs in case of connection failure

  #5693 merged Jun 6, 2025

• [GHSA-wrxf-x8rm-6ggg] Fluent Fluentd and Fluent-ui use default password

  #5686 merged Jun 5, 2025

• [GHSA-jr6h-r7vg-f9mc] org.ini4j allows attackers to cause a Denial of Service (DoS)

  #5687 merged Jun 4, 2025

• [GHSA-rhx6-c78j-4q9w] Unpatched path-to-regexp ReDoS in 0.1.x

  #5685 merged Jun 3, 2025

• [GHSA-rhx6-c78j-4q9w] Unpatched path-to-regexp ReDoS in 0.1.x

  #5603 merged Jun 3, 2025

• [GHSA-4wp7-92pw-q264] CVE-2024-38820 ensured Locale-independent, lowercase...

  #5683 merged Jun 2, 2025

4 Pull requests opened by 4 people

• [GHSA-274v-mgcv-cm8j] Argo CD GitOps Engine does not scrub secret values from patch errors

  #5689 opened Jun 4, 2025

• [GHSA-8j8w-wwqc-x596] Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11...

  #5691 opened Jun 5, 2025

• [GHSA-wrxf-x8rm-6ggg] Fluent Fluentd and Fluent-ui use default password

  #5692 opened Jun 6, 2025

• [GHSA-g92j-qhmh-64v2] Sentry's Python SDK unintentionally exposes environment variables to subprocesses

  #5694 opened Jun 6, 2025

2 Issues opened by 2 people

• Advisory GHSA-g434-3q2j-hj4r lists incorrect fixed version

  #5688 opened Jun 4, 2025

• Correction Required in GHSA-2pcj-76hj-xqhm Advisory

  #5684 opened Jun 2, 2025

1 Unresolved conversation

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• [GHSA-c678-jfcj-6jmf] A vulnerability was found in PyTorch 2.6.0+cu124. It has...

  #5512 commented on Jun 3, 2025 • 0 new comments