Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources High
CVE-2021-28165 was published for org.eclipse.jetty:jetty-server (Maven) Apr 6, 2021
Dompdf vulnerable to URI validation failure on SVG parsing Critical
CVE-2023-23924 was published for dompdf/dompdf (Composer) Feb 1, 2023
Blaklis
Authorization Before Parsing and Canonicalization in jetty Moderate
CVE-2021-28164 was published for org.eclipse.jetty:jetty-webapp (Maven) Apr 6, 2021
charlesk40
Encoded URIs can access WEB-INF directory in Eclipse Jetty Moderate
CVE-2021-34429 was published for org.eclipse.jetty:jetty-webapp (Maven) Jul 19, 2021
cangqingzhe lachlan-roberts
ProTip! Advisories are also available from the GraphQL API