Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

34 advisories

Loading
Mattermost Server Resource Exhaustion Low
CVE-2024-28053 was published for github.com/mattermost/mattermost-server (Go) Mar 15, 2024
Eclipse Jetty's PushSessionCacheFilter can cause remote DoS attacks Low
CVE-2024-6762 was published for org.eclipse.jetty:jetty-servlets (Maven) Oct 14, 2024
Plone Denial of Service vulnerability via decompressing large zip archives Low
CVE-2013-4199 was published for plone (pip) May 17, 2022
octo-sts vulnerable to unauthenticated attacker causing unbounded CPU and memory usage Low
CVE-2024-34079 was published for github.com/octo-sts/app (Go) May 13, 2024
enj
Mattermost fails to limit the size of a request path Low
CVE-2024-22091 was published for github.com/mattermost/mattermost-server (Go) Apr 26, 2024
Regular Expression Denial of Service in debug Low
CVE-2017-16137 was published for debug (npm) Aug 9, 2018
G-Rath SamHutchins-Sage
quiche vulnerable to unbounded storage of information related to connection ID retirement Low
CVE-2024-1410 was published for quiche (Rust) Mar 13, 2024
marten-seemann
Rack has possible DoS Vulnerability with Range Header Low
CVE-2024-26141 was published for rack (RubyGems) Feb 28, 2024
ooooooo-q
ReDoS based DoS vulnerability in Action Dispatch Low
CVE-2023-22792 was published for actionpack (RubyGems) Jan 18, 2023
robertoz-01 postmodern
Puppet Denial of Service and Arbitrary File Write Low
CVE-2012-1987 was published for puppet (RubyGems) May 14, 2022
Cosign vulnerable to possible endless data attack from attacker-controlled registry Low
CVE-2023-46737 was published for github.com/sigstore/cosign (Go) Nov 8, 2023
AdamKorcz pdeslaur
eventing-github vulnerable to denial of service caused by improper enforcement of the timeout on individual read operations Low
GHSA-v7hc-87jc-qrrr was published for knative.dev/eventing-github (Go) Dec 6, 2023
RuoYi Uncontrolled Resource Consumption vulnerability Low
CVE-2023-3163 was published for com.ruoyi:ruoyi (Maven) Jun 8, 2023
Fides Webserver Vulnerable to SVG Bomb File Uploads Low
CVE-2023-37481 was published for ethyca-fides (pip) Jul 18, 2023
daveqnet
Denial of service from large image Low
CVE-2023-37900 was published for github.com/crossplane/crossplane (Go) Jul 28, 2023
AdamKorcz DavidKorczynski
phisco
Fides Webserver Vulnerable to Zip Bomb File Uploads Low
CVE-2023-37480 was published for ethyca-fides (pip) Jul 18, 2023
daveqnet
Denial of Service Vulnerability in Rack Content-Disposition parsing Low
CVE-2022-44571 was published for rack (RubyGems) Jan 18, 2023
Denial of service via multipart parsing in Rack Low
CVE-2022-44572 was published for rack (RubyGems) Jan 18, 2023
Regular Expression Denial of Service in jadedown Low
CVE-2016-10520 was published for jadedown (npm) Feb 18, 2019
Regular Expression Denial of Service (ReDoS) in jsx-slack Low
CVE-2021-43838 was published for jsx-slack (npm) Dec 17, 2021
hieki
Regular Expression Denial of Service (ReDoS) in braces Low
CVE-2018-1109 was published for braces (npm) Jan 6, 2022
Denial of service in fast-csv Low
CVE-2020-26256 was published for @fast-csv/parse (npm) Dec 8, 2020
hutool-json vulnerable to memory exhaustion Low
CVE-2022-45689 was published for cn.hutool:hutool-json (Maven) Dec 13, 2022
JBossWS vulnerable to uncontrolled recursion Low
CVE-2011-1483 was published for org.jboss.ws:jbossws-common (Maven) May 13, 2022
EnumStringValues vulnerable to Uncontrolled Resource Consumption Low
CVE-2020-36620 was published for EnumStringValues (NuGet) Dec 21, 2022
ProTip! Advisories are also available from the GraphQL API