Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

214 advisories

Loading
Umbraco ApplicationURL Overwrite High
CVE-2022-22690 was published for Umbraco.Cms.Core (NuGet) Jan 21, 2022
Umbraco Persistent Password Reset Poison High
CVE-2022-22691 was published for Umbraco.Cms.Core (NuGet) Jan 21, 2022
HTTP Request Smuggling in actix-http High
CVE-2021-38512 was published for actix-http (Rust) Aug 25, 2021
HTTP Request Smuggling in akka-http-core Moderate
CVE-2021-23339 was published for com.typesafe.akka:akka-http-core (Maven) May 10, 2021
oliverchang
Jetty vulnerable to authorization bypass due to inconsistent HTTP request handling (HTTP Request Smuggling) Critical
CVE-2017-7658 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018
westonsteimel
Lenient Parsing of Content-Length Header When Prefixed with Plus Sign Low
CVE-2021-32715 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
tdunlap607
Puma vulnerable to HTTP Request Smuggling Critical
CVE-2022-24790 was published for puma (RubyGems) Mar 30, 2022
zeyu2001
Puma with proxy which forwards LF characters as line endings could allow HTTP request smuggling Low
CVE-2021-41136 was published for puma (RubyGems) Oct 12, 2021
asta12 mattiasgrenfeldt
HTTP Smuggling via Transfer-Encoding Header in Puma High
CVE-2020-11076 was published for puma (RubyGems) May 22, 2020
ZeddYu
HTTP Smuggling via Transfer-Encoding Header in Puma Moderate
CVE-2020-11077 was published for puma (RubyGems) May 22, 2020
ProTip! Advisories are also available from the GraphQL API