Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

12 advisories

Loading
Server Side Request Forgery in Apache Axis High
CVE-2019-0227 was published for axis:axis (Maven) May 14, 2019
ebickle
Observable Differences in Behavior to Error Inputs in Bouncy Castle Moderate
CVE-2020-26939 was published for org.bouncycastle:bc-fips (Maven) Apr 22, 2021
ebickle
Denial of service in Spring Security OAuth2 Moderate
CVE-2022-22969 was published for org.springframework.security.oauth:spring-security-oauth2 (Maven) Apr 22, 2022
ebickle SunBK201
Improper Certificate Validation in Apache Commons HttpClient Moderate
CVE-2012-5783 was published for commons-httpclient:commons-httpclient (Maven) May 13, 2022
ebickle
Denial of service in Apache Struts Moderate
CVE-2016-3093 was published for ognl:ognl (Maven) May 17, 2022
ebickle
Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService Critical
CVE-2023-40743 was published for axis:axis (Maven) Sep 5, 2023
jkmartindale ebickle
HTTP/2 Stream Cancellation Attack Moderate
CVE-2023-44487 was published for com.typesafe.akka:akka-http-core (Go) Oct 10, 2023
joakime faroukfaiz10
DuyTran-TomTom derekheld ebickle westonsteimel
Bouncy Castle Denial of Service (DoS) Moderate
CVE-2023-33202 was published for org.bouncycastle:bcpkix-jdk18on (Maven) Nov 23, 2023
ind-team ebickle
Ghcml mpihelgas
Ion Java StackOverflow vulnerability High
CVE-2024-21634 was published for com.amazon.ion:ion-java (Maven) Jan 3, 2024
ebickle
Apache Axis Improper Input Validation vulnerability High
CVE-2023-51441 was published for axis:axis (Maven) Jan 6, 2024
ebickle
Denial of Service in Connect2id Nimbus JOSE+JWT High
CVE-2023-52428 was published for com.nimbusds:nimbus-jose-jwt (Maven) Feb 11, 2024
ebickle
Withdrawn: JJWT improperly generates signing keys Moderate
CVE-2024-31033 was published for io.jsonwebtoken:jjwt-impl (Maven) Apr 1, 2024 withdrawn
ebickle
ProTip! Advisories are also available from the GraphQL API