Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

280 advisories

Loading
Rack vulnerable to REDoS Moderate
CVE-2012-6109 was published for rack (RubyGems) Oct 24, 2017
Junrar vulnerable to Infinite Loop Moderate
CVE-2018-12418 was published for com.github.junrar:junrar (Maven) Oct 17, 2018
org.apache.tika:tika-parsers has an Infinite Loop vulnerability Moderate
CVE-2018-1339 was published for org.apache.tika:tika-parsers (Maven) Oct 17, 2018
YVoitiuk
Comparison errorr in org.apache.tika:tika-core Moderate
CVE-2018-8017 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
MarkLee131
Moderate severity vulnerability that affects org.apache.tika:tika-core Moderate
CVE-2018-1338 was published for org.apache.tika:tika-core (Maven) Oct 17, 2018
Moderate severity vulnerability that affects org.keycloak:keycloak-core Moderate
CVE-2018-10912 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Moderate severity vulnerability that affects org.apache.commons:commons-compress Moderate
CVE-2018-11771 was published for org.apache.commons:commons-compress (Maven) Oct 19, 2018
SunBK201
Moderate severity vulnerability that affects io.undertow:undertow-core Moderate
CVE-2017-2670 was published for io.undertow:undertow-core (Maven) Oct 19, 2018
Apache Tika Denial of Service due to Infinite Loop in Tika's SQLite3Parser Moderate
CVE-2018-17197 was published for org.apache.tika:tika-parsers (Maven) Dec 26, 2018
Apache Commons Compress vulnerable to denial of service due to infinite loop Moderate
CVE-2018-1324 was published for com.liferay:com.liferay.portal.tools.bundle.support (Maven) Mar 14, 2019
wtwhite MarkLee131
Missing Release of Memory after Effective Lifetime in Apache Tika Moderate
CVE-2020-9489 was published for org.apache.tika:tika (Maven) May 7, 2021
tdunlap607
Infinite Loop in Apache Tika Moderate
CVE-2020-1951 was published for org.apache.tika:tika (Maven) May 7, 2021
Infinite loop in Apache Tika Moderate
CVE-2021-28657 was published for org.apache.tika:tika (Maven) May 10, 2021
Use of "infinity" as an input to datetime and date fields causes infinite loop in pydantic Moderate
CVE-2021-29510 was published for pydantic (pip) May 13, 2021
nina-j bluetech
golang.org/x/text Infinite loop Moderate
CVE-2020-14040 was published for golang.org/x/text (Go) May 18, 2021
Infinite Loop in Apache PDFBox Moderate
CVE-2021-31812 was published for org.apache.pdfbox:pdfbox (Maven) Jun 15, 2021
Infinite loop in TFLite Moderate
CVE-2021-37686 was published for tensorflow (pip) Aug 25, 2021
XStream can cause a Denial of Service Moderate
CVE-2021-39140 was published for com.thoughtworks.xstream:xstream (Maven) Aug 25, 2021
Improper Handling of Missing Values in kaml Moderate
CVE-2021-39194 was published for com.charleskorn.kaml:kaml (Maven) Sep 7, 2021
Infinite loop in Apache MINA Moderate
CVE-2021-41973 was published for org.apache.mina:mina-core (Maven) Nov 3, 2021
aikebah
Infinite certificate chain depth results in OctoRPKI running forever Moderate
CVE-2021-3908 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
andrewpollock
An infinite loop vulnerability exists in Gpac 1.0.1 in gf_get_bit_size. Moderate Unreviewed
CVE-2021-45297 was published Dec 22, 2021
Infinite Loop in Apache James Moderate
CVE-2021-40111 was published for org.apache.james:james-server (Maven) Jan 8, 2022
Denial of Service in docker2aci Moderate
CVE-2016-8579 was published for github.com/appc/docker2aci (Go) Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API