Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

125 advisories

Loading
aiohttp-session creates non-expiring sessions Moderate
CVE-2018-1000814 was published for aiohttp-session (pip) Dec 20, 2018
Server session is not invalidated when logout() helper method of Authentication module is used in Vaadin 18-19 Moderate
CVE-2021-31408 was published for com.vaadin:vaadin-bom (Maven) Apr 22, 2021
Insufficient Session Expiration and TOCTOU Race Condition in OPC FOundation UA .Net Standard Moderate
CVE-2020-8867 was published for OPCFoundation.NetStandard.Opc.Ua (NuGet) Aug 2, 2021
incomplete JupyterHub logout with simultaneous JupyterLab sessions Moderate
CVE-2021-41247 was published for jupyterhub (pip) Nov 8, 2021
fritterhoff
Insufficient Session Expiration in Pterodactyl API Moderate
GHSA-7v3x-h7r2-34jv was published for pterodactyl/panel (Composer) Jan 21, 2022
EgoMaw
Insufficient Session Expiration in Apache NiFi Registry Moderate
CVE-2020-9482 was published for org.apache.nifi.registry:nifi-registry-web-api (Maven) Feb 9, 2022
In JetBrains TeamCity before 2021.2, a logout action didn't remove a Remember Me cookie. Moderate Unreviewed
CVE-2022-24332 was published Feb 26, 2022
Use of a Key Past its Expiration Date and Insufficient Session Expiration in Maddy Mail Server Moderate
CVE-2022-24732 was published for github.com/foxcpp/maddy (Go) Mar 7, 2022
ysf
SurveyKing v0.2.0 was discovered to retain users' session cookies after logout, allowing... Moderate Unreviewed
CVE-2022-25590 was published Mar 26, 2022
SimpleSAMLphp Invalid token creation and validation Moderate
CVE-2017-12867 was published for simplesamlphp/simplesamlphp (Composer) May 13, 2022
Symfony DoS Moderate
CVE-2018-11386 was published for symfony/http-foundation (Composer) May 14, 2022
Philips ISCV application prior to version 2.3.0 has an insufficient session expiration... Moderate Unreviewed
CVE-2018-5438 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API