-
### Current Behavior
Currently, all vulnerabilities in the GitHub Security Advisories database do not have a CVSS score, even though they are available on the GitHub page.
For instance, `CVE-2019-1…
-
[GHSA-rjhf-4mh8-9xjq](https://github.com/advisories/GHSA-rjhf-4mh8-9xjq) is a duplicate of [GHSA-3mv5-343c-w2qg](https://github.com/advisories/GHSA-3mv5-343c-w2qg) and should be revoked as soon as tha…
-
**Is your feature request related to a problem? Please describe.**
Currently, the challenges with the NVD program are very much in people's minds ([courtesy of](https://github.com/jeremylong/Depend…
-
Impacted component: quay.io/niklaushirt/rs-load
Additional details
--------------------
The CVE-2021-44228, also known as "Log4j 2 Remote Code Execution Vulnerability," is a critical security flaw in…
-
I've tried troubleshooting quite a bit, but I'm having a hard time understanding how everything fits together.
It seems to me that there's a disconnect somehow between the `bundle-css.js` file, `…
-
```
# npm audit report
async 2.0.0 - 2.6.3
Severity: high
Prototype Pollution in async - https://github.com/advisories/GHSA-fwr7-v2mv-hh25
Depends on vulnerable versions of lodash
fix available via …
```
-
We are subscribed to GHSA and are getting many mirroring updates of the GHSA in the log:
2022-07-27 23:41:04,684 INFO [GitHubAdvisoryMirrorTask] Starting GitHub Advisory mirroring task
2022-07-27 23:41:07…
-
An outdated version of the `body-parser` dependency has left a vulnerability for a denial of service. Version 1.20.3 resolves this vulnerability, however in numerous platform repositories we have depe…
-
```
# npm audit report
micromatch
```
-
### Description
jbig2enc 0.28 was discovered to contain a heap use-after-free vulnerability in src/jbig2enc.cc:505 jbig2_add_page(jbig2ctx*, Pix*). This vulnerability can lead to a Denial of Service …