8 Pull requests merged by 7 people

• Improve GHSA-274v-mgcv-cm8j

  #5723 merged Jun 17, 2025

• [GHSA-274v-mgcv-cm8j] Argo CD GitOps Engine does not scrub secret values from patch errors

  #5689 merged Jun 17, 2025

• [GHSA-qvjc-g5vr-mfgr] Regular Expression Denial of Service in papaparse

  #5719 merged Jun 16, 2025

• [GHSA-h4j7-5rxr-p4wc] Microsoft.Build.Tasks.Core .NET Spoofing Vulnerability

  #5718 merged Jun 16, 2025

• [GHSA-2865-hh9g-w894] Microsoft Security Advisory CVE-2025-24070: .NET Elevation of Privilege Vulnerability

  #5722 merged Jun 13, 2025

• [GHSA-rf6q-vx79-mjxr] Undertow Uncontrolled Resource Consumption

  #5715 merged Jun 12, 2025

• [GHSA-v6h2-p8h4-qcjw] brace-expansion Regular Expression Denial of Service vulnerability

  #5716 merged Jun 11, 2025

• [GHSA-pfq8-rq6v-vf5m] kangax html-minifier REDoS vulnerability

  #5695 merged Jun 11, 2025

2 Pull requests opened by 2 people

• [GHSA-9v35-4xcr-w9ph] NetBird uses a static initialization vector (IV)

  #5714 opened Jun 11, 2025

• [GHSA-4h8f-2wvx-gg5w] Bouncy Castle Java Cryptography API vulnerable to DNS poisoning

  #5717 opened Jun 12, 2025

1 Issue closed by 1 person

• Advisory GHSA-g434-3q2j-hj4r lists incorrect fixed version

  #5688 closed Jun 17, 2025

1 Issue opened by 1 person

• Include Mend.io database

  #5727 opened Jun 16, 2025

2 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• [GHSA-jrwv-mv4h-7rrq] A vulnerability was found in OpenSSH when the...

  #5308 commented on Jun 17, 2025 • 0 new comments

• [GHSA-6vhp-hp77-6w52] Trac HTML WikiProcessor cross-site scripting (XSS) vulnerability

  #5636 commented on Jun 12, 2025 • 0 new comments