GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
315 advisories
Apache NiFi: Missing Complete Authorization for Parameter and Service References
Low
CVE-2024-56512
was published
for
org.apache.nifi:nifi-web-api
(Maven)
Dec 28, 2024
QOS.CH logback-core Server-Side Request Forgery vulnerability
Low
CVE-2024-12801
was published
for
ch.qos.logback:logback-core
(Maven)
Dec 19, 2024
Keycloak Denial of Service via account lockout
Low
CVE-2024-1722
was published
for
org.keycloak:keycloak-services
(Maven)
Jun 12, 2024
Duplicate Advisory: Keycloak DoS via account lockout
Low
GHSA-3hrr-xwvg-hxvr
was published
for
org.keycloak:keycloak-core
(Maven)
Feb 29, 2024
•
withdrawn
Keycloak's improper input validation allows using email as username
Low
CVE-2021-3754
was published
for
org.keycloak:keycloak-services
(Maven)
Jun 12, 2024
sigstore-java has a vulnerability with bundle verification
Low
CVE-2024-54140
was published
for
dev.sigstore:sigstore-java
(Maven)
Dec 5, 2024
Jenkins GitHub Pull Request Builder Plugin credential capture vulnerability
Low
CVE-2018-1000186
was published
for
org.jenkins-ci.plugins:ghprb
(Maven)
May 14, 2022
Apache Camel data exposure vulnerability
Low
CVE-2024-22371
was published
for
org.apache.camel:camel-core
(Maven)
Feb 26, 2024
Temporary File Information Disclosure vulnerability in MPXJ
Low
CVE-2022-41954
was published
for
mpxj
(Maven)
Nov 28, 2022
ProTip!
Advisories are also available from the
GraphQL API