GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
264 advisories
Eclipse Jetty URI parsing of invalid authority
Low
CVE-2024-6763
was published
for
org.eclipse.jetty:jetty-http
(Maven)
Oct 14, 2024
Apache Hadoop: Temporary File Local Information Disclosure
Low
CVE-2024-23454
was published
for
org.apache.hadoop:hadoop-common
(Maven)
Sep 25, 2024
DSpace Cross Site Scripting (XSS) via a deposited HTML/XML document
Low
CVE-2024-38364
was published
for
org.dspace:dspace-server-webapp
(Maven)
Jun 25, 2024
Keycloak leaks configured LDAP bind credentials through the Keycloak admin console
Low
CVE-2024-5967
was published
for
org.keycloak:keycloak-ldap-federation
(Maven)
Jun 21, 2024
Bouncy Castle Java Cryptography API vulnerable to DNS poisoning
Low
CVE-2024-34447
was published
for
org.bouncycastle:bcprov-jdk12
(Maven)
May 3, 2024
XMLUnit for Java has Insecure Defaults when Processing XSLT Stylesheets
Low
CVE-2024-31573
was published
for
org.xmlunit:xmlunit-core
(Maven)
May 1, 2024
JADX file override vulnerability
Low
GHSA-hvp5-5x4f-33fq
was published
for
io.github.skylot:jadx-core
(Maven)
Apr 22, 2024
Keycloak DoS via account lockout
Low
CVE-2024-1722
was published
for
org.keycloak:keycloak-core
(Maven)
Feb 29, 2024
Apache Camel data exposure vulnerability
Low
CVE-2024-22371
was published
for
org.apache.camel:camel-core
(Maven)
Feb 26, 2024
Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project
Low
CVE-2024-20925
was published
for
org.openjfx:javafx-media
(Maven)
Feb 17, 2024
ProTip!
Advisories are also available from the
GraphQL API