Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
user/group information can be corrupted across storing in fsimage and reading back from fsimage High
CVE-2018-11768 was published for org.apache.hadoop:hadoop-main (Maven) Nov 20, 2019
Denial of service in Netty Moderate
CVE-2014-3488 was published for io.netty:netty-handler (Maven) Jun 30, 2020
Improper Restriction of Operations within the Bounds of a Memory Buffer in akka-http-core High
CVE-2017-1000118 was published for com.typesafe.akka:akka-http-core_2.11 (Maven) Oct 22, 2018
Stack Overflow in Apache Mesos High
CVE-2018-11793 was published for org.apache.mesos:mesos (Maven) Mar 6, 2019
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Sling Moderate
CVE-2013-2254 was published for org.apache.sling:org.apache.sling.api (Maven) May 17, 2022
Denial of Service in Netty High
CVE-2020-11612 was published for io.netty:netty-handler (Maven) Jun 15, 2020
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat High
CVE-2020-13934 was published for org.apache.tomcat:tomcat (Maven) Feb 8, 2022
Excessive memory allocation Moderate
CVE-2018-12541 was published for io.vertx:vertx-core (Maven) Oct 17, 2018
tdunlap607
Lift Sensitive Information Disclosure Moderate
CVE-2013-3300 was published for net.liftweb:lift-webkit (Maven) May 17, 2022
Apache Tomcat DoS via Malicious Get Request High
CVE-2002-2272 was published for org.apache.tomcat:tomcat (Maven) Apr 30, 2022
Apache Tomcat does not properly handle an invalid Transfer-Encoding header Moderate
CVE-2010-2227 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
Pivotal Spring Framework DoS Attack with XML Input Moderate
CVE-2015-3192 was published for org.springframework:spring-web (Maven) Oct 17, 2018
sunSUNQ
PartialBufferOutputStream2 flush issues Moderate
CVE-2008-7227 was published for org.geoserver.web:gs-web-app (Maven) May 17, 2022 withdrawn
jodygarnett
Eclipse Vert.x memory leak Moderate
CVE-2024-1023 was published for io.vertx:vertx-core (Maven) Mar 27, 2024
marcelstoer
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat High
CVE-2016-6817 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database