GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
450 advisories
Denial of Service issue in quinn-proto
High
CVE-2023-42805
was published
for
quinn-proto
(Rust)
Sep 21, 2023
Woodpecker does not validate webhook before changing any data
High
CVE-2023-40034
was published
for
github.com/woodpecker-ci/woodpecker
(Go)
Aug 16, 2023
Denial of service in jackson-dataformats-text
High
CVE-2023-3894
was published
for
com.fasterxml.jackson.dataformat:jackson-dataformats-text
(Maven)
Aug 8, 2023
Possible image tampering from missing image validation for Packages
High
CVE-2023-38495
was published
for
github.com/crossplane/crossplane
(Go)
Jul 28, 2023
MechanicalSoup vulnerable to malicious web server reading arbitrary files on client using file input inside HTML form
High
CVE-2023-34457
was published
for
MechanicalSoup
(pip)
Jul 5, 2023
Grav Server-side Template Injection (SSTI) via Twig Default Filters
High
CVE-2023-34448
was published
for
getgrav/grav
(Composer)
Jun 16, 2023
avo possible unsafe reflection / partial DoS vulnerability
High
CVE-2023-34102
was published
for
avo
(RubyGems)
Jun 6, 2023
HTTP Multiline Header Termination
High
CVE-2023-29530
was published
for
laminas/laminas-diactoros
(Composer)
Apr 24, 2023
ProTip!
Advisories are also available from the
GraphQL API