Skip to content

Actions: github/advisory-database

Actions

All workflows

Actions

Loading...
Loading

Showing runs from all workflows
2,073 workflow run results
2,073 workflow run results

Filter by Event

Filter by Status

Filter by Branch

Filter by Actor

[GHSA-65fx-pmw6-rcfm] An issue was discovered in Python 3.11 through 3.11.4. If... Delete PR staging and head branches #3429: Pull request #3896 closed by darakian
March 6, 2024 23:59 54s
March 6, 2024 23:59 54s
[GHSA-cqpc-x2c6-2gmf] Unsecured WMS dynamic styling sld=<url> parameter affords blind unauthenticated SSRF Delete PR staging and head branches #3428: Pull request #3483 closed by advisory-database bot
March 6, 2024 23:57 57s
March 6, 2024 23:57 57s
[GHSA-c8v6-786g-vjx6] json-jwt allows bypass of identity checks via a sign/encryption confusion attack Delete PR staging and head branches #3427: Pull request #3944 closed by advisory-database bot
March 6, 2024 23:50 58s
March 6, 2024 23:50 58s
[GHSA-hm9r-7f84-25c9] Apache Airflow allows authenticated and DAG-view authorized users to modify some DAG run detail values when submitting notes Delete PR staging and head branches #3426: Pull request #3917 closed by advisory-database bot
March 6, 2024 23:48 56s
March 6, 2024 23:48 56s
[GHSA-fpxx-xv4c-gxqp] Apache Airflow vulnerable to sensitive information exposure when expose-config is set to non-sensitive-only Delete PR staging and head branches #3425: Pull request #3918 closed by advisory-database bot
March 6, 2024 23:47 55s
March 6, 2024 23:47 55s
[GHSA-cgx2-rrmr-jx43] Apache Airflow vulnerable to sensitive information exposure when users list warnings for all DAGs Delete PR staging and head branches #3424: Pull request #3919 closed by advisory-database bot
March 6, 2024 23:37 56s
March 6, 2024 23:37 56s
[GHSA-c8v6-786g-vjx6] json-jwt allows bypass of identity checks via a sign/encryption confusion attack Create PR staging branch #3742: Pull request #3944 opened by Capncavedan
March 6, 2024 23:32 1m 12s
March 6, 2024 23:32 1m 12s
[GHSA-wpg8-mf6h-gm92] Apache Airflow Incorrect Authorization vulnerability Delete PR staging and head branches #3423: Pull request #3920 closed by advisory-database bot
March 6, 2024 23:31 57s
March 6, 2024 23:31 57s
[GHSA-5f35-pq34-c87q] Apache Airflow missing Certificate Validation Delete PR staging and head branches #3422: Pull request #3921 closed by advisory-database bot
March 6, 2024 23:29 1m 4s
March 6, 2024 23:29 1m 4s
[GHSA-2h84-3crq-vgfj] Apache Airflow Incorrect Authorization vulnerability Delete PR staging and head branches #3421: Pull request #3922 closed by advisory-database bot
March 6, 2024 23:25 1m 18s
March 6, 2024 23:25 1m 18s
[GHSA-ggwr-4vr8-g7wv] Apache Airflow Path Traversal vulnerability Delete PR staging and head branches #3420: Pull request #3923 closed by advisory-database bot
March 6, 2024 23:24 1m 16s
March 6, 2024 23:24 1m 16s
[GHSA-rg94-84xj-7gq3] Apache Airflow Contains Open Redirect Delete PR staging and head branches #3419: Pull request #3924 closed by advisory-database bot
March 6, 2024 23:10 1m 27s
March 6, 2024 23:10 1m 27s
[GHSA-3q8r-f3pj-3gc4] Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or API Delete PR staging and head branches #3418: Pull request #3925 closed by advisory-database bot
March 6, 2024 23:04 55s
March 6, 2024 23:04 55s
[GHSA-5rp4-749p-vx26] Apache Airflow vulnerable to Use of Externally-Controlled Format String Delete PR staging and head branches #3417: Pull request #3926 closed by advisory-database bot
March 6, 2024 22:56 55s
March 6, 2024 22:56 55s
[GHSA-7wqf-h36w-47mc] OS Command Injection in Apache Airflow Delete PR staging and head branches #3416: Pull request #3927 closed by advisory-database bot
March 6, 2024 22:53 1m 1s
March 6, 2024 22:53 1m 1s
[GHSA-fvw2-2pf7-77vw] Apache Airflow subject to Exposure of Sensitive Information Delete PR staging and head branches #3415: Pull request #3928 closed by advisory-database bot
March 6, 2024 22:52 53s
March 6, 2024 22:52 53s
[GHSA-65xw-pcqw-hjrh] Cross site scripting in apache airflow Delete PR staging and head branches #3414: Pull request #3929 closed by advisory-database bot
March 6, 2024 22:40 1m 10s
March 6, 2024 22:40 1m 10s
[GHSA-3xxv-p78r-4fc6] Cross-site Scripting in Apache Airflow Delete PR staging and head branches #3413: Pull request #3930 closed by advisory-database bot
March 6, 2024 22:36 1m 15s
March 6, 2024 22:36 1m 15s
[GHSA-ffw3-6mp6-jmvj] Improper Access Control in Apache Airflow Delete PR staging and head branches #3412: Pull request #3931 closed by advisory-database bot
March 6, 2024 22:34 54s
March 6, 2024 22:34 54s
[GHSA-hhx9-p69v-cx2j] Authentication bypass in Apache Airflow Delete PR staging and head branches #3411: Pull request #3932 closed by advisory-database bot
March 6, 2024 22:31 2m 28s
March 6, 2024 22:31 2m 28s
[GHSA-8p7v-2jvj-v54r] Apache Airflow vulnerable to Stored XSS Delete PR staging and head branches #3410: Pull request #3934 closed by advisory-database bot
March 6, 2024 22:26 1m 9s
March 6, 2024 22:26 1m 9s
[GHSA-8fg4-j562-mjrc] Improper Input Validation in Apache Airflow resulting in Remote Code Execution Delete PR staging and head branches #3409: Pull request #3935 closed by advisory-database bot
March 6, 2024 22:13 59s
March 6, 2024 22:13 59s
[GHSA-65x7-c272-7g7r] Use After Free in SixLabors.ImageSharp Delete PR staging and head branches #3408: Pull request #3936 closed by advisory-database bot
March 6, 2024 21:57 3m 28s
March 6, 2024 21:57 3m 28s
[GHSA-6f9g-cxwr-q5jr] Arbitrary file read vulnerability through the Jenkins CLI can lead to RCE Delete PR staging and head branches #3407: Pull request #3938 closed by darakian
March 6, 2024 21:54 1m 0s
March 6, 2024 21:54 1m 0s
[GHSA-86p9-x5pw-94qx] Improper Restriction of XML External Entity Reference in iText Delete PR staging and head branches #3406: Pull request #3939 closed by advisory-database bot
March 6, 2024 21:45 54s
March 6, 2024 21:45 54s