GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
25 advisories
Filter by severity
Elasticsearch StackOverflow vulnerability
Moderate
CVE-2024-37280
was published
for
org.elasticsearch:elasticsearch
(Maven)
Jun 13, 2024
Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
Moderate
CVE-2024-29133
was published
for
org.apache.commons:commons-configuration2
(Maven)
Mar 21, 2024
Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
Moderate
CVE-2024-29131
was published
for
org.apache.commons:commons-configuration2
(Maven)
Mar 21, 2024
JLine vulnerable to out of memory error
Moderate
CVE-2023-50572
was published
for
org.jline:jline-parent
(Maven)
Dec 29, 2023
json-path Out-of-bounds Write vulnerability
Moderate
CVE-2023-51074
was published
for
com.jayway.jsonpath:json-path
(Maven)
Dec 27, 2023
Elasticsearch vulnerable to stack overflow in the search API
Moderate
CVE-2023-31419
was published
for
org.elasticsearch:elasticsearch
(Maven)
Oct 26, 2023
Jettison parser crash by stackoverflow
Moderate
GHSA-xqcq-j8w9-3pxv
was published
for
com.tencyle.fixes:org.codehaus.jettison--jettison
(Maven)
Aug 1, 2023
janino vulnerable to denial of service due to stack overflow
Moderate
CVE-2023-33546
was published
for
org.codehaus.janino:janino-parent
(Maven)
Jun 1, 2023
Jenkins Pipeline Utility Steps Plugin arbitrary file write vulnerability
Moderate
CVE-2023-32981
was published
for
org.jenkins-ci.plugins:pipeline-utility-steps
(Maven)
May 16, 2023
XWiki Platform subject to Uncontrolled Resource Consumption
Moderate
CVE-2023-26470
was published
for
org.xwiki.platform:xwiki-platform-oldcore
(Maven)
Mar 3, 2023
Apiman Manager API affected by Jackson denial of service vulnerability
Moderate
GHSA-q95j-488q-5q3p
was published
for
io.apiman:apiman-manager-api-impl
(Maven)
Jan 9, 2023
Snakeyaml vulnerable to Stack overflow leading to denial of service
Moderate
CVE-2022-41854
was published
for
org.yaml:snakeyaml
(Maven)
Nov 11, 2022
JXPath Out-of-bounds Write vulnerability
Moderate
CVE-2022-40160
was published
for
commons-jxpath:commons-jxpath
(Maven)
Oct 6, 2022
•
withdrawn
JXPath Out-of-bounds Write vulnerability
Moderate
CVE-2022-40158
was published
for
commons-jxpath:commons-jxpath
(Maven)
Oct 6, 2022
•
withdrawn
JXPath Out-of-bounds Write vulnerability
Moderate
CVE-2022-40159
was published
for
commons-jxpath:commons-jxpath
(Maven)
Oct 6, 2022
•
withdrawn
JXPath Out-of-bounds Write vulnerability
Moderate
CVE-2022-40157
was published
for
commons-jxpath:commons-jxpath
(Maven)
Oct 6, 2022
•
withdrawn
JXPath Out-of-bounds Write vulnerability
Moderate
CVE-2022-40161
was published
for
commons-jxpath:commons-jxpath
(Maven)
Oct 6, 2022
•
withdrawn
Jettison parser crash by stackoverflow
Moderate
CVE-2022-40149
was published
for
org.codehaus.jettison:jettison
(Maven)
Sep 17, 2022
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Moderate
CVE-2022-38751
was published
for
org.yaml:snakeyaml
(Maven)
Sep 6, 2022
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Moderate
CVE-2022-38749
was published
for
be.cylab:snakeyaml
(Maven)
Sep 6, 2022
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write
Moderate
CVE-2022-38750
was published
for
org.yaml:snakeyaml
(Maven)
Sep 6, 2022
snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write
Moderate
CVE-2022-38752
was published
for
org.yaml:snakeyaml
(Maven)
Sep 6, 2022
org.apache.activemq:artemis-core-client Vulnerable to Out-of-Bounds Write
Moderate
CVE-2021-4040
was published
for
org.apache.activemq:artemis-core-client
(Maven)
Aug 25, 2022
Out-of-bounds Write in iText
Moderate
CVE-2022-24197
was published
for
com.itextpdf:itext7-core
(Maven)
Feb 2, 2022
Reflected Cross-site Scripting (XSS) in ACS Commons
Moderate
CVE-2021-21043
was published
for
com.adobe.acs:acs-aem-commons
(Maven)
May 13, 2021
ProTip!
Advisories are also available from the
GraphQL API