GHSA-x768-cvr2-345r
- SwiftURL/github.com/swift-server/swift-prometheus
Un-sanitized metric name or labels can be used to take over exported metrics
29 Mar
GHSA-r6r4-5pr8-gjcp
- SwiftURL/github.com/vapor/vapor
Vapor contains an integer overflow in URI leading to potential host spoofing
03 Jan
GHSA-5844-q3fc-56rh
- npm/pubnub
- Maven/com.pubnub:pubnub-kotlin
- Maven/com.pubnub:pubnub
- Go/github.com/pubnub/go/v7
- Go/github.com/pubnub/go
- Go/github.com/pubnub/go/v6
- Go/github.com/pubnub/go/v5
- NuGet/Pubnub
- SwiftURL/github.com/pubnub/swift
- RubyGems/pubnub
- crates.io/pubnub
- Packagist/pubnub/pubnub
- Pub/pubnub
- PyPI/pubnub
pubnub Insufficient Entropy vulnerability
06 Dec 2023
GHSA-qppj-fm5r-hxr3
- SwiftURL/github.com/apple/swift-nio-http2
- Go/golang.org/x/net
- Go/google.golang.org/grpc
- Maven/org.apache.tomcat:tomcat
- Maven/org.apache.tomcat.embed:tomcat-embed-core
- Maven/org.eclipse.jetty.http2:http2-common
- Maven/org.eclipse.jetty.http2:http2-server
- Maven/org.eclipse.jetty.http2:jetty-http2-common
- Maven/org.eclipse.jetty.http2:jetty-http2-server
- Maven/com.typesafe.akka:akka-http-core
- Maven/com.typesafe.akka:akka-http-core_2.13
- Maven/com.typesafe.akka:akka-http-core_2.12
- Maven/com.typesafe.akka:akka-http-core_2.11
HTTP/2 Stream Cancellation Attack
10 Oct 2023
GHSA-3mwq-h3g6-ffhm
- SwiftURL/github.com/vapor/vapor
Vapor's incorrect request error handling triggers server crash
05 Oct 2023
GHSA-c2cc-3569-6jh2
- SwiftURL/github.com/weichsel/ZIPFoundation
Path traversal in ZIPFoundation
31 Aug 2023
GHSA-vxvm-qww3-2fh7
- Packagist/mongodb/mongodb
- npm/mongodb
- SwiftURL/github.com/mongodb/mongo-swift-driver
MongoDB Driver may publish events containing authentication-related data
29 Aug 2023
GHSA-jq43-q8mx-r7mq
- SwiftURL/github.com/migueldeicaza/SwiftTerm
SwiftTerm Code Injection vulnerability
14 Jul 2023
GHSA-r6ww-5963-7r95
- SwiftURL/github.com/grpc/grpc-swift
Denial of Service via reachable assertion
09 Jun 2023
GHSA-q36x-r5x4-h4q6
- SwiftURL/github.com/apple/swift-nio-http2
Denial of service via HTTP/2 HEADERS frames padding
09 Jun 2023
GHSA-rv3x-xq3r-8j9h
- SwiftURL/github.com/vapor/leaf-kit
LeafKit allows XSS with untrusted user input
09 Jun 2023
GHSA-2jx2-qcm4-rf9h
- SwiftURL/github.com/grpc/grpc-swift
Incomplete Internal State Distinction in GRPCWebToHTTP2ServerCodec
09 Jun 2023
GHSA-rxmj-hg9v-vp3p
- SwiftURL/github.com/grpc/grpc-swift
Uncontrolled Resource Consumption in LengthPrefixedMessageReader
09 Jun 2023
GHSA-pqwh-c2f3-vxmq
- SwiftURL/github.com/vapor/vapor
Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash
09 Jun 2023
GHSA-gcj9-jj38-hwmc
- SwiftURL/github.com/vapor/vapor
Vapor's Metrics integration could cause a system drain
09 Jun 2023
SwiftURL - OSV