7 Pull requests merged by 6 people

• [GHSA-2gh3-rmm4-6rq5] Crash due to uncontrolled recursion in protobuf crate

  #5880 merged Aug 1, 2025

• [GHSA-rxf6-323f-44fc] rust-protobuf crate is vulnerable to Uncontrolled Recursion, potentially leading to DoS

  #5881 merged Aug 1, 2025

• [GHSA-9qm3-6qrr-c76m] A prototype pollution vulnerability exists in @nyariv...

  #5877 merged Jul 31, 2025

• [GHSA-rhrv-645h-fjfh] Apache Avro Java SDK vulnerable to Improper Input Validation

  #5876 merged Jul 31, 2025

• [GHSA-wj6h-64fc-37mp] Minerva timing attack on P-256 in python-ecdsa

  #5864 merged Jul 30, 2025

• [GHSA-xh32-cx6c-cp4v] Gogs XSS allowed by stored call in PDF renderer

  #5871 merged Jul 30, 2025

• [GHSA-jgmv-j7ww-jx2x] Koa Open Redirect via Referrer Header (User-Controlled)

  #5870 merged Jul 30, 2025

2 Pull requests opened by 1 person

• [GHSA-cfgp-2977-2fmm] Connection confusion in gRPC

  #5872 opened Jul 30, 2025

• [GHSA-6628-q6j9-w8vg] gRPC Reachable Assertion issue

  #5873 opened Jul 30, 2025

2 Issues closed by 1 person

• GHSA-w596-4wvx-j9j6 should be withdrawn

  #5878 closed Aug 1, 2025

• Lost assets

  #5874 closed Jul 31, 2025

3 Unresolved conversations

Sometimes conversations happen on old items that aren’t yet closed. Here is a list of all the Issues and Pull Requests with unresolved conversations.

• Support Haskell ecosystem advisories

  #5858 commented on Jul 30, 2025 • 0 new comments

• [GHSA-m8p2-495h-ccmh] The SafeHtml annotation in Hibernate-Validator does not properly guard against XSS attacks

  #5791 commented on Aug 2, 2025 • 0 new comments

• [GHSA-8w3f-4r8f-pf53] Remote code execution through js2py onCaptchaResult

  #5809 commented on Aug 2, 2025 • 0 new comments