Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

13 advisories

Loading
Karate has vulnerable dependency on json-smart package (CVE-2023-1370) High
GHSA-5x5q-8cgm-2hjq was published for com.intuit.karate:karate-core (Maven) Mar 31, 2023
kdefives
Undertow Denial of Service vulnerability High
CVE-2024-5971 was published for io.undertow:undertow-core (Maven) Jul 8, 2024
fawind
json-smart Uncontrolled Recursion vulnerabilty High
CVE-2023-1370 was published for net.minidev:json-smart (Maven) Mar 23, 2023
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
Jettison memory exhaustion High
CVE-2022-40150 was published for org.codehaus.jettison:jettison (Maven) Sep 17, 2022
XStream can cause Denial of Service via stack overflow High
CVE-2022-41966 was published for com.thoughtworks.xstream:xstream (Maven) Dec 29, 2022
Jettison vulnerable to infinite recursion High
CVE-2023-1436 was published for org.codehaus.jettison:jettison (Maven) Mar 22, 2023
Data Amplification in Play Framework High
CVE-2020-26882 was published for com.typesafe.play:play (Maven) Feb 10, 2022
Uncontrolled Recursion in Play Framework High
CVE-2020-26883 was published for com.typesafe.play:play (Maven) Feb 10, 2022
Apache Log4j2 vulnerable to Improper Input Validation and Uncontrolled Recursion High
CVE-2021-45105 was published for org.apache.logging.log4j:log4j-core (Maven) Dec 18, 2021
chrisbloom7 levinebw
Apache ORC vulnerable to Uncontrolled Recursion High
CVE-2018-8015 was published for org.apache.orc:orc (Maven) May 13, 2022
Uncontrolled Recursion in Akka HTTP High
CVE-2021-42697 was published for com.typesafe.akka:akka-http (Maven) May 24, 2022
Logic error in Apache Pinot High
CVE-2022-23974 was published for org.apache.pinot:pinot (Maven) Apr 6, 2022
ProTip! Advisories are also available from the GraphQL API