GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,096
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,654
NuGet
638
pip
3,263
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
112 advisories
Filter by severity
Pylons Colander Denial of Service vulnerability
High
CVE-2017-18361
was published
for
colander
(pip)
Feb 7, 2019
Apache Tika Denial of Service due to Infinite Loop in Tika's SQLite3Parser
Moderate
CVE-2018-17197
was published
for
org.apache.tika:tika-parsers
(Maven)
Dec 26, 2018
Moderate severity vulnerability that affects io.undertow:undertow-core
Moderate
CVE-2017-2670
was published
for
io.undertow:undertow-core
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects org.apache.commons:commons-compress
Moderate
CVE-2018-11771
was published
for
org.apache.commons:commons-compress
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Moderate
CVE-2018-10912
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
Keycloak vulnerable to infinite loop based Denial of Service
High
CVE-2017-2646
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
In Apache Tomcat there is an improper handing of overflow in the UTF-8 decoder
High
CVE-2018-1336
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.apache.tika:tika-core
Moderate
CVE-2018-1338
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Comparison errorr in org.apache.tika:tika-core
Moderate
CVE-2018-8017
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
Moderate
CVE-2018-1339
was published
for
org.apache.tika:tika-parsers
(Maven)
Oct 17, 2018
Junrar vulnerable to Infinite Loop
Moderate
CVE-2018-12418
was published
for
com.github.junrar:junrar
(Maven)
Oct 17, 2018
ProTip!
Advisories are also available from the
GraphQL API