Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

16 advisories

Loading
Issuer validation regression in Spring Cloud SSO Connector High
CVE-2018-1256 was published for io.pivotal.spring.cloud:spring-cloud-sso-connector (Maven) May 13, 2022
q5438722 MarkLee131
Denial of service in Apache Tomcat Moderate
CVE-2014-0095 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 17, 2022
q5438722 sunSUNQ
Shell command injection in Liferay Portal High
CVE-2010-5327 was published for com.liferay.portal:portal-impl (Maven) May 17, 2022
q5438722
Cross-site scripting in yui 2.4.0 Moderate
CVE-2012-5881 was published for yui2 (npm) May 17, 2022
q5438722
Information leak in Gerrit Low
CVE-2020-8920 was published for com.google.gerrit:gerrit-plugin-api (Maven) May 24, 2022
q5438722
Elasticsearch subject to cross site scripting Moderate
CVE-2018-3824 was published for org.elasticsearch:elasticsearch (Maven) May 13, 2022
q5438722
XML External Entity Reference in weixin-java-tools Critical
CVE-2019-5312 was published for com.github.binarywang:weixin-java-common (Maven) May 14, 2022
q5438722
Cross-site Scripting in Pivotal Spring Batch Admin Moderate
CVE-2018-1229 was published for org.springframework.batch:spring-batch-admin-manager (Maven) May 13, 2022
q5438722
Apache Rave information disclosure vulnerability Moderate
CVE-2013-1814 was published for org.apache.rave:rave-core (Maven) May 17, 2022
q5438722
Jenkins build-metrics Plugin reflected cross-site scripting vulnerability Moderate
CVE-2019-10475 was published for org.jenkins-ci.plugins:build-metrics (Maven) May 24, 2022
q5438722
Jenkins Black Duck Detect Plugin information exposure vulnerability Moderate
CVE-2018-1000191 was published for com.synopsys.integration:synopsys-detect (Maven) May 14, 2022
q5438722
Jenkins Credentials Binding Plugin has Insufficiently Protected Credentials Moderate
CVE-2018-1000057 was published for org.jenkins-ci.plugins:credentials-binding (Maven) May 13, 2022
q5438722
Cross-Site Request Forgery in Apache CXF Fediz High
CVE-2017-7662 was published for org.apache.cxf.fediz:fediz-oidc (Maven) May 13, 2022
q5438722
MitM on Jenkins Maven Plugin Moderate
CVE-2017-1000397 was published for org.jenkins-ci.main:maven-plugin (Maven) May 14, 2022
q5438722
Code injection via property expansion in SoapUI High
CVE-2014-1202 was published for com.smartbear.soapui:soapui (Maven) May 17, 2022
q5438722
User confusion in IronJacamar Moderate
CVE-2012-3428 was published for org.jboss.ironjacamar:ironjacamar-jdbc (Maven) May 17, 2022
q5438722
ProTip! Advisories are also available from the GraphQL API