Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

39 advisories

Loading
ReDOS in Vfsjfilechooser2 High
CVE-2021-29061 was published for com.github.fracpete:vfsjfilechooser2 (Maven) Jan 6, 2022
Denial of Service (DoS) in Jackson Dataformat CBOR High
CVE-2020-28491 was published for com.fasterxml.jackson.dataformat:jackson-dataformat-cbor (Maven) Dec 9, 2021
DmitriyLewen
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35517 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Improper Handling of Length Parameter Inconsistency in Compress High
CVE-2021-35516 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Allocation of resources without limits or throttling in keycloak-model-infinispan High
CVE-2021-3637 was published for org.keycloak:keycloak-model-infinispan (Maven) Jul 13, 2021
Allocation of Resources Without Limits or Throttling in Undertow High
CVE-2020-10705 was published for io.undertow:undertow-core (Maven) Apr 30, 2021
Unbounded connection acceptance in http4s-blaze-server High
CVE-2021-21294 was published for org.http4s:http4s-blaze-server_2.12 (Maven) Feb 2, 2021
Unbounded connection acceptance leads to file handle exhaustion High
CVE-2021-21293 was published for org.http4s:blaze-core_2.11 (Maven) Feb 2, 2021
Denial of Service in Netty High
CVE-2020-11612 was published for io.netty:netty-handler (Maven) Jun 15, 2020
Denial of Service in Cryptacular High
CVE-2020-7226 was published for org.cryptacular:cryptacular (Maven) Jun 10, 2020
Out-of-Memory Error in Bouncy Castle Crypto High
CVE-2019-17359 was published for org.bouncycastle:bcprov-jdk14 (Maven) Oct 17, 2019
Allocation of Resources Without Limits or Throttling in Apache Tika High
CVE-2019-10088 was published for org.apache.tika:tika-core (Maven) Aug 6, 2019
Allocation of Resources Without Limits or Throttling in Apache Tika High
CVE-2019-10094 was published for org.apache.tika:tika-core (Maven) Aug 6, 2019
Spring Data Commons contain a property path parser vulnerability caused by unlimited resource allocation High
CVE-2018-1274 was published for org.springframework.data:spring-data-commons (Maven) Oct 17, 2018
MarkLee131
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database