GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
95 advisories
Jetty vulnerable to authorization bypass due to inconsistent HTTP request handling (HTTP Request Smuggling)
Critical
CVE-2017-7658
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 19, 2018
HTTP Request Smuggling in Netty
High
CVE-2019-16869
was published
for
io.netty:netty-all
(Maven)
Oct 11, 2019
HTTP Request Smuggling in Netty
Moderate
CVE-2019-20445
was published
for
io.netty:netty
(Maven)
Feb 21, 2020
HTTP Request Smuggling in Netty
Critical
CVE-2019-20444
was published
for
io.netty:netty
(Maven)
Feb 21, 2020
Micronaut's HTTP client is vulnerable to HTTP Request Header Injection
Critical
CVE-2020-7611
was published
for
io.micronaut:micronaut-http-client
(Maven)
Mar 30, 2020
Improper Neutralization of CRLF Sequences in HTTP Headers in Jooby ('HTTP Response Splitting)
Critical
CVE-2020-7622
was published
for
io.jooby:jooby-netty
(Maven)
Apr 3, 2020
HTTP Smuggling via Transfer-Encoding Header in Puma
High
CVE-2020-11076
was published
for
puma
(RubyGems)
May 22, 2020
ProTip!
Advisories are also available from the
GraphQL API