GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
68 advisories
Django vulnerable to Reflected File Download attack
High
CVE-2022-36359
was published
for
Django
(pip)
Aug 11, 2022
Apache Airflow: DAG Code and Import Error Permissions Ignored
Moderate
CVE-2024-27906
was published
for
apache-airflow
(pip)
Feb 29, 2024
Apache Airflow Path Traversal vulnerability
High
CVE-2023-22887
was published
for
apache-airflow
(pip)
Jul 12, 2023
Apache Airflow Incorrect Authorization vulnerability
High
CVE-2023-35908
was published
for
apache-airflow
(pip)
Jul 12, 2023
Django Vulnerable to Cache Poisoning
Critical
CVE-2014-1418
was published
for
Django
(pip)
May 17, 2022
Django Incorrect Default Permissions
Moderate
CVE-2020-24584
was published
for
django
(pip)
Mar 18, 2021
Improper Access Control in Apache Airflow
High
CVE-2021-26559
was published
for
apache-airflow
(pip)
Apr 7, 2021
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters
Low
CVE-2018-7537
was published
for
django
(pip)
Jan 4, 2019
Django allows unintended model editing
High
CVE-2019-19118
was published
for
Django
(pip)
Dec 4, 2019
Apache Airflow: Incorrect Default Permissions in audit logs for Ops and Viewers users
Moderate
CVE-2024-26280
was published
for
apache-airflow
(pip)
Mar 1, 2024
Uncontrolled Resource Consumption in Pillow
High
CVE-2021-28677
was published
for
Pillow
(pip)
Jun 8, 2021
Improper Initialization in Pillow
Moderate
CVE-2022-22815
was published
for
Pillow
(pip)
Jan 12, 2022
DOS attack in Pillow when processing specially crafted image files
High
CVE-2019-16865
was published
for
pillow
(pip)
Oct 22, 2019
Regular Expression Denial of Service (ReDoS) in Pillow
Moderate
CVE-2021-25292
was published
for
Pillow
(pip)
Mar 29, 2021
Pillow Uncontrolled Resource Consumption
High
CVE-2021-27922
was published
for
Pillow
(pip)
Mar 18, 2021
ProTip!
Advisories are also available from the
GraphQL API