GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
173 advisories
Filter by severity
Keycloak vulnerable to uncontrolled resource consumption
High
CVE-2014-3651
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12
High
CVE-2018-16131
was published
for
com.typesafe.akka:akka-http-core_2.11
(Maven)
Oct 22, 2018
Uncontrolled Resource Consumption in spray-json when parsing decimal digit fields
High
CVE-2018-18853
was published
for
io.spray:spray-json_2.10
(Maven)
Nov 9, 2018
Memory exhaustion in http4s-async-http-client with large or malicious compressed responses
Low
GHSA-8hxh-r6f7-jf45
was published
for
org.http4s:http4s-async-http-client_2.12
(Maven)
Oct 16, 2020
Uncontrolled Resource Consumption in spray-json
High
CVE-2018-18854
was published
for
io.spray:spray-json_2.10
(Maven)
Nov 9, 2018
Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17
High
GHSA-crh4-294p-vcfq
was published
for
com.vaadin:vaadin-text-field-flow
(Maven)
Apr 19, 2021
Denial of service in DataCommunicator class in Vaadin 8
Moderate
GHSA-j23j-q57m-63v3
was published
for
com.vaadin:vaadin-server
(Maven)
Oct 13, 2021
Remote code injection, Improper Input Validation and Uncontrolled Recursion in Log4j library
Critical
GHSA-3qpm-h9ch-px3c
was published
for
org.powernukkit:powernukkit
(Maven)
Jan 6, 2022
Security Advisory for "Log4Shell"
Critical
GHSA-v57x-gxfj-484q
was published
for
com.hazelcast.jet:hazelcast-jet
(Maven)
Jan 21, 2022
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server
High
CVE-2018-12545
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Mar 28, 2019
Uncontrolled Resource Consumption in Spray JSON
Moderate
CVE-2018-18855
was published
for
io.spray:spray-json
(Maven)
Jun 28, 2022
RESTEasy 4.5.5.Final in hash flooding
High
CVE-2020-14326
was published
for
org.jboss.resteasy:resteasy-bom
(Maven)
Mar 18, 2022
Uncontrolled Resource Consumption in Apache ZooKeeper
High
CVE-2017-5637
was published
for
org.apache.zookeeper:zookeeper
(Maven)
May 13, 2022
Resource Exhaustion in Spring Security
High
CVE-2021-22119
was published
for
org.springframework.security:spring-security-core
(Maven)
Jul 2, 2021
OutOfMemory Exception by specifically crafted processing instruction in NekoHtml Parser
High
CVE-2022-29546
was published
for
net.sourceforge.htmlunit:neko-htmlunit
(Maven)
Apr 26, 2022
Uncontrolled Resource Consumption in Undertow
Moderate
CVE-2018-1114
was published
for
io.undertow:undertow-core
(Maven)
May 13, 2022
graphql-java vulnerable to Denial of Service via GraphQL query that consumes CPU resources
High
CVE-2022-37734
was published
for
com.graphql-java:graphql-java
(Maven)
Sep 13, 2022
Uncontrolled Resource Consumption in WildFly
Moderate
CVE-2020-25689
was published
for
org.wildfly:wildfly-dist
(Maven)
May 24, 2022
Denial of service binding form from JSON in Play Framework
High
CVE-2022-31018
was published
for
com.typesafe.play:play_2.12
(Maven)
Jun 3, 2022
lite-server vulnerable to Denial of Service
High
CVE-2022-25940
was published
for
lite-server
(Maven)
Dec 20, 2022
Undertow vulnerable to Denial of Service (DoS) attacks
High
CVE-2021-3859
was published
for
io.undertow:undertow-core
(Maven)
Jul 15, 2022
Uncontrolled Resource Consumption in Apache Tika
Moderate
CVE-2020-1950
was published
for
org.apache.tika:tika
(Maven)
May 7, 2021
Protobuf Java vulnerable to Uncontrolled Resource Consumption
High
CVE-2022-3509
was published
for
com.google.protobuf:protobuf-java
(Maven)
Dec 12, 2022
Protobuf Java vulnerable to Uncontrolled Resource Consumption
High
CVE-2022-3510
was published
for
com.google.protobuf:protobuf-java
(Maven)
Dec 12, 2022
Undertow vulnerable to Uncontrolled Resource Consumption
High
CVE-2019-14888
was published
for
io.undertow:undertow-core
(Maven)
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API