GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,779 advisories
jackson-databind mishandles the interaction between serialization gadgets and typing
High
CVE-2020-10968
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
May 15, 2020
jackson-databind mishandles the interaction between serialization gadgets and typing
High
CVE-2020-11113
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
May 15, 2020
Improper Validation of Certificate with Host Mismatch in Java-WebSocket
High
CVE-2020-11050
was published
for
org.java-websocket:Java-WebSocket
(Maven)
May 8, 2020
jackson-databind mishandles the interaction between serialization gadgets and typing
High
CVE-2020-10969
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Apr 23, 2020
jackson-databind mishandles the interaction between serialization gadgets and typing
High
CVE-2020-11620
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Apr 23, 2020
jackson-databind mishandles the interaction between serialization gadgets and typing
High
CVE-2020-10672
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Apr 23, 2020
Remote Code Execution (RCE) vulnerability in dropwizard-validation
High
CVE-2020-11002
was published
for
io.dropwizard:dropwizard-validation
(Maven)
Apr 10, 2020
Remote Code Execution (RCE) vulnerability in dropwizard-validation
High
CVE-2020-5245
was published
for
io.dropwizard:dropwizard-validation
(Maven)
Feb 24, 2020
RFD attack via Content-Disposition header sourced from request input by Spring MVC or Spring WebFlux Application
High
CVE-2020-5398
was published
for
org.springframework:spring-webflux
(Maven)
Jan 21, 2020
ProTip!
Advisories are also available from the
GraphQL API