GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
12 advisories
Withdrawn: JJWT improperly generates signing keys
Moderate
CVE-2024-31033
was published
for
io.jsonwebtoken:jjwt-impl
(Maven)
Apr 1, 2024
•
withdrawn
Denial of Service in Connect2id Nimbus JOSE+JWT
High
CVE-2023-52428
was published
for
com.nimbusds:nimbus-jose-jwt
(Maven)
Feb 11, 2024
Apache Axis Improper Input Validation vulnerability
High
CVE-2023-51441
was published
for
axis:axis
(Maven)
Jan 6, 2024
Ion Java StackOverflow vulnerability
High
CVE-2024-21634
was published
for
com.amazon.ion:ion-java
(Maven)
Jan 3, 2024
Bouncy Castle Denial of Service (DoS)
Moderate
CVE-2023-33202
was published
for
org.bouncycastle:bcpkix-jdk18on
(Maven)
Nov 23, 2023
HTTP/2 Stream Cancellation Attack
Moderate
CVE-2023-44487
was published
for
com.typesafe.akka:akka-http-core
(Go)
Oct 10, 2023
Apache Axis 1.x (EOL) may allow RCE when untrusted input is passed to getService
Critical
CVE-2023-40743
was published
for
axis:axis
(Maven)
Sep 5, 2023
Denial of service in Apache Struts
Moderate
CVE-2016-3093
was published
for
ognl:ognl
(Maven)
May 17, 2022
Improper Certificate Validation in Apache Commons HttpClient
Moderate
CVE-2012-5783
was published
for
commons-httpclient:commons-httpclient
(Maven)
May 13, 2022
Denial of service in Spring Security OAuth2
Moderate
CVE-2022-22969
was published
for
org.springframework.security.oauth:spring-security-oauth2
(Maven)
Apr 22, 2022
Observable Differences in Behavior to Error Inputs in Bouncy Castle
Moderate
CVE-2020-26939
was published
for
org.bouncycastle:bc-fips
(Maven)
Apr 22, 2021
Server Side Request Forgery in Apache Axis
High
CVE-2019-0227
was published
for
axis:axis
(Maven)
May 14, 2019
ProTip!
Advisories are also available from the
GraphQL API