OSV - Open Source Vulnerabilities

CGA-mqpq-rvmw-8rpr

Chainguard/ansible-operator
Chainguard/ansible-operator-fips
Chainguard/apm-server-8.17
Chainguard/apm-server-8.18
Chainguard/apm-server-9.0
... 934 more

See record for full details

2 days ago

Fix available

GHSA-rfjg-6m84-crj2

Go/code.vikunja.io/api

Vikunja Vulnerable to Account Takeover via Password Reset Token Reuse

2 days ago

No fix available
Severity - 9.8 (Critical)

GHSA-42wg-38gx-85rh

Go/code.vikunja.io/api

Vikunja has Path Traversal in CLI Restore

4 days ago

No fix available
Severity - 7.2 (High)

CGA-9996-3fqh-33r8

Chainguard/actions-runner-controller
Chainguard/actions-runner-controller-fips
Chainguard/amazon-ssm-agent
Chainguard/amazon-ssm-agent-ecs-exec-fips
Chainguard/amazon-ssm-agent-fips
... 504 more

See record for full details

4 days ago

Fix available

GO-2026-4531

Go/github.com/QuantumNous/new-api

New API has an SQL LIKE Wildcard Injection DoS via Token Search in github.com/QuantumNous/new-api

4 days ago

Fix available

GO-2026-4532

Go/github.com/QuantumNous/new-api

New API has Potential XSS in its MarkdownRenderer component in github.com/QuantumNous/new-api

4 days ago

Fix available

GHSA-7jp5-298q-jg98

Go/code.vikunja.io/api

Vikunja: Stored XSS via Unsanitized SVG Attachment Upload Leads to Token Exposure

4 days ago

No fix available
Severity - 7.3 (High)

GHSA-3ccg-x393-96v8

Go/code.vikunja.io/api

Vijkunja has Weak Password Policy Combined with Persistent Sessions After Password Change

4 days ago

No fix available
Severity - 9.1 (Critical)

GHSA-4qgr-4h56-8895

Go/code.vikunja.io/api

Vikunja has Reflected HTML Injection via filter Parameter in its Projects Module

4 days ago

No fix available
Severity - 6.1 (Medium)

CGA-xc4m-wx96-8cfw

Chainguard/aactl
Chainguard/actions-runner-controller
Chainguard/actions-runner-controller-compat
Chainguard/actions-runner-controller-fips
Chainguard/actions-runner-controller-fips-compat
... 3623 more

See record for full details

6 days ago

Fix available

CGA-wphq-vqjw-gwmr

Chainguard/aactl
Chainguard/actions-runner-controller
Chainguard/actions-runner-controller-compat
Chainguard/actions-runner-controller-fips
Chainguard/actions-runner-controller-fips-compat
... 3623 more

See record for full details

6 days ago

Fix available

CGA-r689-g8v8-3x7q

Chainguard/aactl
Chainguard/actions-runner-controller
Chainguard/actions-runner-controller-compat
Chainguard/actions-runner-controller-fips
Chainguard/actions-runner-controller-fips-compat
... 3625 more

See record for full details

6 days ago

Fix available

GHSA-299v-8pq9-5gjq

Go/github.com/QuantumNous/new-api

New API has Potential XSS in its MarkdownRenderer component

6 days ago

Fix available
Severity - 7.6 (High)

GHSA-w6x6-9fp7-fqm4

Go/github.com/QuantumNous/new-api

New API has an SQL LIKE Wildcard Injection DoS via Token Search

6 days ago

Fix available
Severity - 7.1 (High)

CGA-4mrr-cgvh-9w95

Chainguard/actions-runner
Chainguard/arangodb-3.11
Chainguard/arangodb-3.12
Chainguard/code-server
Chainguard/emscripten
... 45 more

See record for full details

20 Feb

Fix available

CGA-3mq6-2fwj-jgmr

Chainguard/arangodb-3.11
Chainguard/arangodb-3.12
Chainguard/argo-workflows-ui-3.6
Chainguard/argo-workflows-ui-3.7
Chainguard/code-server
... 78 more

See record for full details

17 Feb

Fix available