GitHub 安全公告

**GitHub 安全公告(GHSA)** 是針對易受攻擊的開源套件與生態(如 npm、PyPI、Maven)的權威通告,通常關聯 **CVE**。 使用搜尋框尋找 GHSA 或 CVE,依生態或嚴重度篩選,或在摘要中比對片語。

顯示 214052867 筆公告
GHSA CVE 嚴重度 類型 摘要 公開時間
GHSA-fw4x-gm4m-gfp9 CVE-2026-57022 high unreviewed An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding... 2026-07-10 00:31:26 UTC
GHSA-8p3c-wvj4-2gqc CVE-2026-57023 high unreviewed An Improper Validation of Specified Quantity in Input vulnerability in the TCP proxy plugin of... 2026-07-10 00:31:26 UTC
GHSA-6hx5-3rjf-rm36 CVE-2026-57030 high unreviewed A Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')... 2026-07-10 00:31:26 UTC
GHSA-2xj6-hwhm-5m6g CVE-2026-57027 high unreviewed A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding... 2026-07-10 00:31:26 UTC
GHSA-xc4g-8c26-vcmf CVE-2026-33803 medium unreviewed An Improper Restriction of Communication Channel to Intended Endpoints vulnerability in Juniper... 2026-07-10 00:31:25 UTC
GHSA-v2wp-4h2v-wxcx CVE-2026-38076 unknown unreviewed An integer overflow in the jbig2_arith_iaid_ctx_new() function of Artifex commit cc37d0 allows... 2026-07-10 00:31:25 UTC
GHSA-qcj4-cj8p-fhf4 CVE-2026-39245 unknown unreviewed decompress before 4.2.2 contains an improper path containment check that enables directory... 2026-07-10 00:31:25 UTC
GHSA-m5fg-qjq5-56fv CVE-2026-39246 unknown unreviewed decompress before 4.2.2 allows arbitrary symlink creation during archive extraction. When... 2026-07-10 00:31:25 UTC
GHSA-jwp9-9v96-94mx CVE-2026-39243 unknown unreviewed decompress before 4.2.2 allows arbitrary hardlink creation during archive extraction, enabling... 2026-07-10 00:31:25 UTC
GHSA-4c4g-46p8-24mq CVE-2026-33802 medium unreviewed A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on EX Series allows... 2026-07-10 00:31:25 UTC
GHSA-whwr-vg23-jrwg CVE-2026-15276 low unreviewed A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code... 2026-07-10 00:31:24 UTC
GHSA-f8vj-vmgj-67x6 CVE-2026-15271 high unreviewed A security vulnerability has been detected in TOTOLINK A3000RU, A3100R, A950RG, AC1200T10, CP450,... 2026-07-10 00:31:24 UTC
GHSA-35hq-6xqg-g3wv CVE-2026-15274 low unreviewed A vulnerability was detected in lo48576 fbxcel up to 0.9.0. This affects an unknown part of the... 2026-07-10 00:31:24 UTC
GHSA-28jh-g32x-v9v4 CVE-2026-48598 low reviewed Tesla vulnerable to multipart part smuggling via unescaped `content-disposition` values 2026-07-10 00:04:37 UTC
GHSA-h74c-q9j7-mpcm CVE-2026-48597 high reviewed Tesla vulnerable to atom exhaustion via untrusted URL scheme 2026-07-10 00:03:51 UTC
GHSA-9m9w-gxf7-rh8m CVE-2026-48595 high reviewed Tesla: Authorization header leaks on cross-origin redirect via case-sensitive filtering 2026-07-10 00:03:31 UTC
GHSA-mc85-72gr-vm9f CVE-2026-48594 high reviewed Tesla has decompression bomb on response body 2026-07-10 00:03:23 UTC
GHSA-q7jx-v53g-848w CVE-2026-48596 low reviewed Tesla has CRLF injection in request `Content-Type` header via `add_content_type_param` 2026-07-10 00:03:12 UTC
GHSA-qcq2-496w-v96p CVE-2026-49851 high reviewed Mistune: Potential DoS via quadratic-time parsing in parse_link_text 2026-07-09 23:52:27 UTC
GHSA-frrj-87jh-2772 CVE-2026-49838 medium reviewed GoBGP confederation validation panics on empty AS_PATH attribute 2026-07-09 23:21:05 UTC
cvelogic Threat Intelligence