GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
380 advisories
Follow Redirects improperly handles URLs in the url.parse() function
Moderate
CVE-2023-26159
was published
for
follow-redirects
(npm)
Jan 2, 2024
Denial of service caused by infinite recursion when parsing SVG images
Moderate
CVE-2023-50262
was published
for
dompdf/dompdf
(Composer)
Dec 13, 2023
Improper Input Validation in mindsdb
Moderate
CVE-2023-49796
was published
for
mindsdb
(pip)
Dec 12, 2023
Traefik incorrectly processes fragment in the URL, leads to Authorization Bypass
Moderate
CVE-2023-47106
was published
for
github.com/traefik/traefik/v2
(Go)
Dec 5, 2023
aiohttp's ClientSession is vulnerable to CRLF injection via version
Moderate
CVE-2023-49081
was published
for
aiohttp
(pip)
Nov 27, 2023
aiohttp's ClientSession is vulnerable to CRLF injection via method
Moderate
CVE-2023-49082
was published
for
aiohttp
(pip)
Nov 27, 2023
Apache Tomcat Improper Input Validation vulnerability
Moderate
CVE-2023-45648
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Oct 10, 2023
Microsoft Common Data Model SDK Denial of Service Vulnerability
Moderate
CVE-2023-36566
was published
for
Microsoft.CommonDataModel.ObjectModel
(Maven)
Oct 10, 2023
Prevent injection of invalid entity ids for "autocomplete" fields
Moderate
CVE-2023-41336
was published
for
symfony/ux-autocomplete
(Composer)
Sep 11, 2023
PrestaShop file deletion via CustomerMessage
Moderate
CVE-2023-39530
was published
for
prestashop/prestashop
(Composer)
Aug 9, 2023
PrestaShop file deletion via attachment API
Moderate
CVE-2023-39529
was published
for
prestashop/prestashop
(Composer)
Aug 9, 2023
ProTip!
Advisories are also available from the
GraphQL API