Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

112 advisories

Loading
Improper input validation in Apache Olingo High
CVE-2019-17555 was published for org.apache.olingo:odata-client-core (Maven) Feb 4, 2020
The REST Plugin in Apache Struts is using an outdated XStream library High
CVE-2017-9793 was published for org.apache.struts:struts2-rest-plugin (Maven) Oct 16, 2018
Denial of service in XStream High
CVE-2017-7957 was published for com.thoughtworks.xstream:xstream (Maven) Jun 30, 2020
Improper Input Validation in async-http-client High
CVE-2017-14063 was published for org.asynchttpclient:async-http-client (Maven) Oct 19, 2018
Vulnerability in RPKI manifest validation High
GHSA-q76j-58cx-wp5v was published for net.ripe.rpki:rpki-validator-3 (Maven) Nov 13, 2020
Improper input validation in Mort Bay Jetty High
CVE-2009-4611 was published for org.mortbay.jetty:jetty (Maven) May 2, 2022
Improper Input Validation in BeanShell High
CVE-2016-2510 was published for org.apache-extras.beanshell:bsh (Maven) May 13, 2022
Improper Input Validation in Jenkins High
CVE-2017-1000391 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Improper Input Validation in Apache Hadoop High
CVE-2017-3162 was published for org.apache.hadoop:hadoop-client (Maven) May 13, 2022
Improper Input Validation in Apache Struts High
CVE-2016-1181 was published for org.apache.struts:struts-core (Maven) May 13, 2022
Improper Input Validation in Jenkins High
CVE-2017-1000394 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022
Improper Input Validation Apache Commons Email High
CVE-2018-1294 was published for org.apache.commons:commons-email (Maven) May 14, 2022
Improper Input Validation in Apache Struts High
CVE-2015-0899 was published for org.apache.struts:struts-core (Maven) May 14, 2022
Improper Input Validation in Apache Axis2 High
CVE-2010-1632 was published for org.apache.axis2.wso2:axis2 (Maven) May 17, 2022
Improper Input Validation in Apache Kafka High
CVE-2018-17196 was published for org.apache.kafka:kafka (Maven) May 24, 2022
Improper Input Validation in Apache Struts High
CVE-2016-1182 was published for org.apache.struts:struts-core (Maven) May 13, 2022
Improper Input Validation in Apache Commons Email High
CVE-2017-9801 was published for org.apache.commons:commons-email (Maven) May 17, 2022
Improper Input Validation in Drools and jBPM High
CVE-2014-8125 was published for org.drools:drools-core (Maven) May 17, 2022
Improper Input Validation in Apache Qpid AMQP 0-x JMS High
CVE-2016-4974 was published for org.apache.qpid:qpid-jms-client (Maven) May 14, 2022
Improper Input Validation in Undertow High
CVE-2020-1757 was published for io.undertow:undertow-core (Maven) May 24, 2022
yawkat
Improper Input Validation in RESTEasy High
CVE-2020-1695 was published for org.jboss.resteasy:resteasy-client (Maven) May 24, 2022
Improper Handling of Exceptional Conditions and Improper Input Validation in Reactor Netty High
CVE-2020-5403 was published for io.projectreactor.netty:reactor-netty-http (Maven) Feb 10, 2022
Code injection in keycloak High
CVE-2021-20222 was published for org.keycloak:keycloak-parent (Maven) May 13, 2021
Infinite loop in Tomcat due to parsing error High
CVE-2021-41079 was published for org.apache.tomcat:tomcat (Maven) Sep 20, 2021
ballcat-codegen template engine remote code execution injection High
CVE-2022-24881 was published for com.hccake:ballcat-codegen (Maven) Apr 27, 2022
LuckyT0mat0
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database