GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
260 advisories
GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)
Critical
CVE-2024-34711
was published
for
org.geoserver.main:gs-main
(Maven)
Jun 10, 2025
GeoTools has XML External Entity (XXE) Processing Vulnerability in XSD schema handling
Critical
GHSA-826p-4gcg-35vw
was published
for
org.geotools:gt-wfs-ng
(Maven)
Jun 9, 2025
Lucee RCE/XXE Vulnerability
Critical
CVE-2023-38693
was published
for
org.lucee:lucee
(Maven)
Mar 5, 2025
http4k has a potential XXE (XML External Entity Injection) vulnerability
Critical
CVE-2024-55875
was published
for
org.http4k:http4k-format-xml
(Maven)
Dec 12, 2024
ProTip!
Advisories are also available from the
GraphQL API