Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
Microsoft Security Advisory CVE-2023-33170: .NET Security Feature Bypass Vulnerability High
CVE-2023-33170 was published for Microsoft.AspNet.Identity.Owin (NuGet) Jul 11, 2023
DmitriyLewen gillarramendi
SnakeYaml Constructor Deserialization Remote Code Execution High
CVE-2022-1471 was published for org.yaml:snakeyaml (Maven) Dec 12, 2022
justintaft securisec
JLLeitschuh DmitriyLewen yairmzr pjfanning
Regular Expression Denial of Service (ReDoS) in lodash Moderate
CVE-2020-28500 was published for lodash (npm) Jan 6, 2022
mitchell-codecov nitaiapiiro
DmitriyLewen jkmartindale
Denial of Service (DoS) in Jackson Dataformat CBOR High
CVE-2020-28491 was published for com.fasterxml.jackson.dataformat:jackson-dataformat-cbor (Maven) Dec 9, 2021
DmitriyLewen
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender Low
CVE-2020-9488 was published for org.apache.logging.log4j:log4j (Maven) Jun 5, 2020
DmitriyLewen
ProTip! Advisories are also available from the GraphQL API