advisory-database
advisory-database copied to clipboard
github
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
**Updates** - Affected products **Comments** Security Reasons.
To create a new pull request by comparing changes across two branches, you can follow these steps: 1. Go to the repository on GitHub. 2. Click on the "Pull requests"...
## Description Hello all! Thanks for your work! I detected that some `nuget` vulnerabilities use different package names for same packages. e.g. `Microsoft.NETCore.App.Runtime.linux-arm` and `Microsoft.NetCore.App.Runtime.linux-arm` (`NET` and `Net`). Example for...
**Updates** - Affected products **Comments** Add Starlite (v1) fix version
Repository: https://github.com/haskell/security-advisories They had an issue to created to add the database to this repo, but was closed and I'm not sure if conversations ever happened: https://github.com/haskell/security-advisories/issues/11
This demo package was published by an authorized pen tester working with Vendavo, Inc. It was not downloaded by anyone; the pezzi package is only consumed from an internal package...
Hello team, I've recently started working at BigID, the company that owns the package reported in https://github.com/advisories/GHSA-7jmm-gqgx-fq9m. This package is used solely in our product and was removed from npm...
**Updates** - Affected products - References **Comments** Add a patch https://github.com/apache/tapestry-5/commit/95846b173d83c2eb42db75dae3e7d5e13a633946, of which the commit message claims `TAP5-2008: Implement HMAC signatures on object streams stored on the client`, which use...
**Updates** - Affected products - CWEs - Description **Comments** This proposes two changes, with separate rationales, that I think are best made together: - While working on the newer advisory...
