Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

102 advisories

Loading
Apollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queries High
CVE-2024-43414 was published for @apollo/gateway (npm) Aug 27, 2024
Secure Boot Security Feature Bypass Vulnerability High Unreviewed
CVE-2024-37973 was published Jul 9, 2024
Undertow Denial of Service vulnerability High
CVE-2024-5971 was published for io.undertow:undertow-core (Maven) Jul 8, 2024
fawind
Rhai stack overflow vulenrability High
CVE-2024-36760 was published for rhai (Rust) Jun 13, 2024
Duplicate Advisory: sqlparse parsing heavily nested list leads to Denial of Service High
GHSA-62qf-jcq8-8gxw was published for sqlparse (pip) Apr 30, 2024 withdrawn
sqlparse parsing heavily nested list leads to Denial of Service High
CVE-2024-4340 was published for sqlparse (pip) Apr 15, 2024
uriyay-jfrog
orjson does not limit recursion for deeply nested JSON documents High
CVE-2024-27454 was published for orjson (pip) Feb 26, 2024
msgpackr's conversion of property names to strings can trigger infinite recursion High
CVE-2023-52079 was published for msgpackr (npm) Dec 28, 2023
o5k
Vapor vulnerable to denial of service in URLEncodedFormDecoder High
CVE-2022-31019 was published for github.com/vapor/vapor (Swift) Jun 7, 2023
weissi
Karate has vulnerable dependency on json-smart package (CVE-2023-1370) High
GHSA-5x5q-8cgm-2hjq was published for com.intuit.karate:karate-core (Maven) Mar 31, 2023
kdefives
json-smart Uncontrolled Recursion vulnerabilty High
CVE-2023-1370 was published for net.minidev:json-smart (Maven) Mar 23, 2023
ProTip! Advisories are also available from the GraphQL API