| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2023-24434 | Jenkins Plugin GitHub Pull Request Builder 跨站请求伪造漏洞 | Jenkins Project | Jenkins GitHub Pull Request Builder Plugin | 高危 | - | 2023-01-24 00:00:00 | Deep Dive |
| CVE-2023-24435 | Jenkins Plugin GitHub Pull Request Builder 安全漏洞 | Jenkins Project | Jenkins GitHub Pull Request Builder Plugin | 中危 | - | 2023-01-24 00:00:00 | Deep Dive |
| CVE-2023-24436 | Jenkins Plugin GitHub Pull Request Builder 安全漏洞 | Jenkins Project | Jenkins GitHub Pull Request Builder Plugin | 中危 | - | 2023-01-24 00:00:00 | Deep Dive |
| CVE-2023-24442 | Jenkins Plugin GitHub Pull Request Coverage Status 安全漏洞 | Jenkins Project | Jenkins GitHub Pull Request Coverage Status Plugin | 中危 | - | 2023-01-24 00:00:00 | Deep Dive |
| CVE-2023-22484 | Inefficient Quadratic complexity bug in handle_pointy_brace may lead to a denial of service | github | cmark-gfm | Low | 3.5 | 2023-01-23 22:42:58 | Deep Dive |
| CVE-2023-22483 | cmark-gfm Quadratic complexity bugs may lead to a denial of service | github | cmark-gfm | Low | 3.5 | 2023-01-23 22:36:15 | Deep Dive |
| CVE-2022-23739 | Incorrect authorization check in GitHub Enterprise Server leading to escalation of privileges in GraphQL API requests from GitHub Apps using scoped user-to-server tokens | GitHub | GitHub Enterprise Server | 超危 | - | 2023-01-17 00:00:00 | Deep Dive |
| CVE-2022-46258 | Incorrect Authorization in GitHub Enterprise Server leads to Action Workflow modifications without Workflow Scope | GitHub | GitHub Enterprise Server | 中危 | - | 2023-01-09 00:00:00 | Deep Dive |
| CVE-2022-3347 | Incorrect validation of root DNSSEC public keys in github.com/peterzen/goresolver | github.com/peterzen/goresolver | github.com/peterzen/goresolver | 高危 | - | 2022-12-27 21:17:52 | Deep Dive |
| CVE-2022-3346 | Incorrect DNSSEC validation due to unchecked owner names in github.com/peterzen/goresolver | github.com/peterzen/goresolver | github.com/peterzen/goresolver | 中危 | - | 2022-12-27 21:17:48 | Deep Dive |
| CVE-2021-4239 | Weak encryption and denial of service in github.com/flynn/noise | github.com/flynn/noise | github.com/flynn/noise | 高危 | - | 2022-12-27 21:13:54 | Deep Dive |
| CVE-2022-2584 | Panic when decoding invalid blocks in github.com/ipld/go-codec-dagpb | github.com/ipld/go-codec-dagpb | github.com/ipld/go-codec-dagpb | 高危 | - | 2022-12-27 21:13:52 | Deep Dive |
| CVE-2021-4238 | Insufficient randomness in github.com/Masterminds/goutils | github.com/Masterminds/goutils | github.com/Masterminds/goutils | 超危 | - | 2022-12-27 21:13:50 | Deep Dive |
| CVE-2022-2583 | Race condition in github.com/ntbosscher/gobase | github.com/ntbosscher/gobase | github.com/ntbosscher/gobase/auth/httpauth | 低危 | - | 2022-12-27 21:13:49 | Deep Dive |
| CVE-2022-2582 | Exposure of unencrypted plaintext hash in github.com/aws/aws-sdk-go | github.com/aws/aws-sdk-go | github.com/aws/aws-sdk-go/service/s3/s3crypto | 中危 | - | 2022-12-27 21:13:47 | Deep Dive |
| CVE-2021-4236 | Panic or authentication bypass in github.com/ecnepsnai/web | github.com/ecnepsnai/web | github.com/ecnepsnai/web | 超危 | - | 2022-12-27 21:13:46 | Deep Dive |
| CVE-2020-36566 | Path traversal in github.com/whyrusleeping/tar-utils | github.com/whyrusleeping/tar-utils | github.com/whyrusleeping/tar-utils | 超危 | - | 2022-12-27 21:13:44 | Deep Dive |
| CVE-2021-4235 | Denial of service in gopkg.in/yaml.v2 | gopkg.in/yaml.v2 | gopkg.in/yaml.v2 | 中危 | - | 2022-12-27 21:13:42 | Deep Dive |
| CVE-2020-36564 | Improper input validation in github.com/justinas/nosurf | github.com/justinas/nosurf | github.com/justinas/nosurf | 高危 | - | 2022-12-27 21:13:32 | Deep Dive |
| CVE-2020-36563 | Weak hash (SHA-1) in github.com/RobotsAndPencils/go-saml | github.com/RobotsAndPencils/go-saml | github.com/RobotsAndPencils/go-saml | 中危 | - | 2022-12-27 21:13:29 | Deep Dive |