Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Infinite Loop in Apache PDFBox Moderate
CVE-2021-31812 was published for org.apache.pdfbox:pdfbox (Maven) Jun 15, 2021
Excessive Iteration Denial of Service in Apache PDFBox Moderate
CVE-2021-27807 was published for org.apache.pdfbox:pdfbox (Maven) Jun 16, 2021
Excessive Iteration in Compress High
CVE-2021-35515 was published for org.apache.commons:commons-compress (Maven) Aug 2, 2021
Excessive CPU usage High
CVE-2021-39204 was published for github.com/pomerium/pomerium (Go) Sep 10, 2021
Improper Input Validation and Excessive Iteration in Go Facebook Thrift High
CVE-2019-3564 was published for github.com/facebook/fbthrift (Go) Feb 15, 2022
oliverchang
JOSE vulnerable to resource exhaustion via specifically crafted JWE Moderate
CVE-2022-36083 was published for jose (npm) Sep 16, 2022
TomTervoort panva
Churro
OctoRPKI crashes when max iterations is reached Moderate
CVE-2022-3616 was published for github.com/cloudflare/cfrpki (Go) Oct 31, 2022
Apache Sling Resource Merger has Excessive Iteration vulnerability High
CVE-2023-26513 was published for org.apache.sling:org.apache.sling.resourcemerger (Maven) Mar 20, 2023
Keylime's registrar vulnerable to Denial-of-service attack via a single open connection High
CVE-2023-38200 was published for keylime (pip) Aug 1, 2023
Golang TIFF decoder vulnerable to excessive CPU consumption Moderate
CVE-2023-29407 was published for golang.org/x/image (Go) Aug 2, 2023
Eclipse Parsson Denial of Service vulnerability Moderate
CVE-2023-4043 was published for org.eclipse.parsson:project (Maven) Nov 3, 2023
phpseclib vulnerable to denial of service High
CVE-2023-49316 was published for phpseclib/phpseclib (Composer) Nov 27, 2023
kdambekalns iekadou
Denial of service in HashiCorp Consul High
CVE-2020-25201 was published for github.com/hashicorp/consul (Go) Jan 31, 2024
Liferay Portal denial-of-service vulnerability Moderate
CVE-2024-25144 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 8, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database