advisory-database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
**Updates** - References **Comments** Add two patches: https://github.com/apache/derby/commit/a2027c64e185a9ce46929f352e2db03371c1f95 https://github.com/apache/derby/commit/4da5b2db5f3a60c1fa8ef616d88a7efe28b0c9d. The commit msgs show their intention.
**Updates** - References **Comments** Add a patch https://github.com/apache/portals-pluto/commit/89f6a59a740d0a8318640ca6015e9a381c5c6b50, of which the commit message claims `Changed the temp directory used by the demo portlet.`
**Updates** - References **Comments** Add a patch https://github.com/apache/qpid-broker-j/commit/30ca170c42c400b41340a81c6a69d33aa19bf189, of which the commit message claims `QPID-8046: [Broker-J] Add more tests Cherry picked from ca088c2` Add a patch https://github.com/apache/qpid-broker-j/commit/4b9fb37abbe882193b16595ed7b8e9d8383f59e1, of which the...
**Updates** - Affected products - References **Comments** Add a patch https://github.com/OpenTSDB/opentsdb/commit/a6a9ec4bc8a526951bc25bb19a145782bafaa8b0, of which the commit message claims `Avoid double computing the expressions for the /query/exp endpoint. Also make sure both...
**Updates** - References **Comments** Add a patch https://github.com/apache/ignite/commit/340569b8f4e14a4cb61a9407ed2d9aa4a20bdf49, of which the commit message claims `ignite-6643 Marshalling improvements`
**Updates** - References **Comments** Add a patch https://github.com/apache/hive/commit/63df42966cf44ffdd20d3fcdcfb70738c0432ab, of which the commit message claims `HIVE-18788: Clean up inputs in JDBC PreparedStatement (Daniel Dai, reviewed by Thejas Nair)` Add a patch...
**Updates** - References **Comments** Add a patch https://github.com/spring-projects/spring-data-commons/commit/b1a20ae1e82a63f99b3afc6f2aaedb3bf4dc432, of which the commit message claims `DATACMNS-1282 - Switched to SimpleEvaluationContext in MapDataBinder.` Add a patch https://github.com/spring-projects/spring-data-commons/commit/ae1dd2741ce06d44a0966ecbd6f47beabde2b65, of which the commit message...
[GHSA-p5hg-3xm3-gcjg] Spring Framework allows applications to expose STOMP over WebSocket endpoints
**Updates** - References - Source code location **Comments** Add a patch https://github.com/spring-projects/spring-framework/commit/e0de9126ed8cf25cf141d3e66420da94e350708, of which the commit message claims `Re-use EvaluationContext in DefaultSubscriptionRegistry Rather than create a new EvaluationContext instance per...
This is regarding the User Interface. In my comment to close a _Dependabot Alert_, I created a markdown comment. That comment was saved as a plain-text comment with newlines removed....
It looks like if a repo has an advisory that was not marked to enter the global database, and that advisory is assigned a CVE ID, the CVE ID in...