Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

52 advisories

Loading
Expression Language Injection in Apache Struts Critical
CVE-2021-31805 was published for org.apache.struts:struts2-core (Maven) Apr 13, 2022
SpEL Injection in Spring Data MongoDB Critical
CVE-2022-22980 was published for org.springframework.data:spring-data-mongodb (Maven) Jun 24, 2022
rthorpeii
Nepxion Discovery vulnerable to SpEL Injection leading to Remote Code Execution Critical
CVE-2022-23463 was published for com.nepxion:discovery (Maven) Sep 25, 2022
RichFaces vulnerable to Expression Language Injection Critical
CVE-2018-12532 was published for org.richfaces:richfaces-core (Maven) May 13, 2022
Arbitrary code execution in Richfaces Critical
CVE-2018-12533 was published for org.richfaces:richfaces-core (Maven) May 13, 2022
A operatorgrouptreeselectcontent expression language injection remote code execution... Critical Unreviewed
CVE-2020-7166 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API