Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
Signature forgery in Biscuit Critical
CVE-2022-31053 was published for biscuit-auth (Go) Jun 17, 2022
avivdolev Churro
RubyGems Improper Verification of Cryptographic Signature vulnerability Critical
CVE-2018-1000076 was published for org.jruby:jruby-stdlib (RubyGems) May 14, 2022
Missing certificate validation in Apache JMeter Critical
CVE-2018-1287 was published for org.apache.jmeter:ApacheJMeter (Maven) May 13, 2022
Improper Verification of Cryptographic Signature in starkbank-ecdsa Critical
CVE-2021-43570 was published for com.starkbank:starkbank-ecdsa (Maven) Nov 10, 2021
tdunlap607
Improper Verification of Cryptographic Signature in Apache Pulsar in TensorFlow Critical
CVE-2021-22160 was published for org.apache.pulsar:pulsar (Maven) Jun 1, 2021
Missing validation of JWT signature in `ManyDesigns/Portofino` Critical
CVE-2021-29451 was published for com.manydesigns:portofino-core (Maven) Apr 19, 2021
intrigus-lgtm
ProTip! Advisories are also available from the GraphQL API