GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,014 advisories
Moderate severity vulnerability that affects org.apache.cxf.fediz:fediz-spring, org.apache.cxf.fediz:fediz-spring2, and org.apache.cxf.fediz:fediz-spring3
Moderate
CVE-2017-12631
was published
for
org.apache.cxf.fediz:fediz-spring
(Maven)
Oct 18, 2018
Spring Security and Spring Framework may not recognize certain paths that should be protected
High
CVE-2016-5007
was published
for
org.springframework.security:spring-security-core
(Maven)
Oct 17, 2018
Files or Directories Accessible to External Parties in org.springframework:spring-core
High
CVE-2015-5211
was published
for
org.springframework:spring-core
(Maven)
Oct 17, 2018
Pivotal Spring Framework DoS Attack with XML Input
Moderate
CVE-2015-3192
was published
for
org.springframework:spring-web
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.springframework:spring-core
Moderate
CVE-2015-0201
was published
for
org.springframework:spring-core
(Maven)
Oct 17, 2018
Improperly Implemented Security Check for Standard in org.springframework:spring-core
Critical
CVE-2018-1275
was published
for
org.springframework:spring-core
(Maven)
Oct 17, 2018
Path Traversal in org.springframework:spring-core
Moderate
CVE-2018-1271
was published
for
org.springframework:spring-core
(Maven)
Oct 17, 2018
Spring Framework when used in combination with any versions of Spring Security contains an authorization bypass
High
CVE-2018-1258
was published
for
org.springframework:spring-core
(Maven)
Oct 17, 2018
ProTip!
Advisories are also available from the
GraphQL API