Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

68 advisories

Loading
Keycloak vulnerable to infinite loop based Denial of Service High
CVE-2017-2646 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Infinite loop causing Denial of Service in colors High
GHSA-5rqg-jm4f-cqx7 was published for Colors (npm) Jan 10, 2022
G-Rath
Infinite loop in .Net Bond High
CVE-2020-1469 was published for Bond.Core.CSharp (NuGet) Apr 8, 2022
Excessive Iteration in Compress High
CVE-2021-35515 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Uncaught Exception in jsoup High
CVE-2021-37714 was published for org.jsoup:jsoup (Maven) Aug 23, 2021
0roman
Loop with Unreachable Exit Condition in Apache Thrift High
CVE-2019-0205 was published for org.apache.thrift:libthrift (Maven) May 24, 2022
Infinite loop in jpeg-js High
CVE-2022-25851 was published for jpeg-js (npm) Jun 11, 2022
Numpy missing input validation High
CVE-2017-12852 was published for numpy (pip) May 13, 2022
jhutchings1
Denial of Service in Apache POI High
CVE-2017-12626 was published for org.apache.poi:poi (Maven) Jan 14, 2021
file-type vulnerable to Infinite Loop via malformed MKV file High
CVE-2022-36313 was published for file-type (npm) Jul 22, 2022
kiskoza ItalyPaleAle
cumulative-distribution-function Infinite Loop vulnerability High
CVE-2021-29486 was published for cumulative-distribution-function (npm) May 4, 2021
Infinite loop in Tomcat due to parsing error High
CVE-2021-41079 was published for org.apache.tomcat:tomcat (Maven) Sep 20, 2021
Security Update for the OPC UA .NET Standard Stack High
CVE-2022-29862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Junrar vulnerable to infinite loop via extracting carefully crafted RAR archive High
CVE-2022-23596 was published for com.github.junrar:junrar (Maven) Feb 1, 2022
occia ZanderHuang
Han0nly
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU High
CVE-2022-35724 was published for apache-avro (Rust) Aug 10, 2022
Infinite Loop in Apache Sanselan High
CVE-2018-17202 was published for org.apache.sanselan:sanselan (Maven) May 14, 2019
XStream can cause a Denial of Service. High
CVE-2021-21341 was published for com.thoughtworks.xstream:xstream (Maven) Mar 22, 2021
Infinite loop in Yubico yubihsm-connector High
CVE-2021-28484 was published for github.com/Yubico/yubihsm-connector (Go) Feb 15, 2022
Infinite loop in xz High
CVE-2020-16845 was published for github.com/ulikunitz/xz (Go) Dec 16, 2021
Infinite loop in Apache CFX High
CVE-2021-30468 was published for org.apache.cxf:apache-cxf (Maven) Jan 6, 2022
Infinite Loop in colors.js High
CVE-2021-23567 was published for colors (npm) Jan 21, 2022
socks Infinite Loop vulnerability High
CVE-2013-10005 was published for github.com/btcsuite/go-socks (Go) Dec 28, 2022
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS) High
CVE-2023-25653 was published for node-jose (npm) Feb 16, 2023
justaugustus bifurcation
Asciidoctor Infinite Loop vulnerability High
CVE-2018-18385 was published for asciidoctor (RubyGems) May 13, 2022
RubyGems Infinite Loop vulnerability High
CVE-2018-1000075 was published for org.jruby:jruby-stdlib (RubyGems) May 13, 2022
ProTip! Advisories are also available from the GraphQL API