Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
Apache Tomcat Improper Input Validation vulnerability Moderate
CVE-2023-45648 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 10, 2023
biehl1 mpihelgas
Apache Tomcat Incomplete Cleanup vulnerability Moderate
CVE-2023-42795 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 10, 2023
biehl1 mpihelgas
In Reactor Netty HTTP Server a malicious user can send a request using a specially crafted URL that can lead to a directory traversal attack High
CVE-2023-34062 was published for io.projectreactor.netty:reactor-netty-http (Maven) Nov 15, 2023
mpihelgas
Deserialization of untrusted data in Jackson Databind High
CVE-2020-14062 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jun 18, 2020
mpihelgas
jackson-databind mishandles the interaction between serialization gadgets and typing High
CVE-2020-10969 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Apr 23, 2020
mpihelgas
Serialization gadgets exploit in jackson-databind High
CVE-2020-35491 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Dec 9, 2021
mpihelgas
SQL injection in hibernate-core High
CVE-2020-25638 was published for org.hibernate:hibernate-core (Maven) Feb 9, 2022
vmvarga mpihelgas
SQL Injection in Hibernate ORM Moderate
CVE-2019-14900 was published for org.hibernate:hibernate-core (Maven) Feb 10, 2022
mpihelgas
Reactor Netty HTTP Server denial of service vulnerability High
CVE-2023-34054 was published for io.projectreactor.netty:reactor-netty-core (Maven) Nov 28, 2023
mpihelgas
Bouncy Castle Denial of Service (DoS) Moderate
CVE-2023-33202 was published for org.bouncycastle:bcpkix-jdk18on (Maven) Nov 23, 2023
ind-team ebickle
Ghcml mpihelgas
ProTip! Advisories are also available from the GraphQL API