GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
58 advisories
Deserialization of Untrusted Data in Jenkins
Moderate
CVE-2017-1000355
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Spring Framework and Spring Security vulnerable to Deserialization of Untrusted Data
Moderate
CVE-2011-2894
was published
for
org.springframework.security:spring-security-core
(Maven)
May 14, 2022
DoS vulnerability in bundled XStream library in Jenkins Core
Moderate
CVE-2022-0538
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
Feb 10, 2022
Deserialization of Untrusted Data in logback
Moderate
CVE-2021-42550
was published
for
ch.qos.logback:logback-core
(Maven)
Dec 17, 2021
Deserialization of Untrusted Data in Spring AMQP
Moderate
CVE-2021-22095
was published
for
org.springframework.amqp:spring-amqp
(Maven)
Dec 1, 2021
Deserialization of Untrusted Data in ParlAI
Moderate
CVE-2021-24040
was published
for
parlai
(pip)
Sep 13, 2021
Deserialization of Untrusted Data in parlai
Moderate
CVE-2021-39207
was published
for
parlai
(pip)
Sep 13, 2021
Deserialization of Untrusted Data in Flask-Caching
Moderate
CVE-2021-33026
was published
for
Flask-Caching
(pip)
Jun 18, 2021
XStream is vulnerable to an Arbitrary Code Execution attack
Moderate
CVE-2021-21351
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Mar 22, 2021
XStream is vulnerable to an Arbitrary Code Execution attack
Moderate
CVE-2021-21346
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Mar 22, 2021
ProTip!
Advisories are also available from the
GraphQL API