GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
28,101 advisories
Trix Editor Arbitrary Code Execution Vulnerability
Moderate
CVE-2024-34341
was published
for
actiontext
(RubyGems)
May 7, 2024
react-pdf vulnerable to arbitrary JavaScript execution upon opening a malicious PDF with PDF.js
High
CVE-2024-34342
was published
for
react-pdf
(npm)
May 7, 2024
Minder's GitHub Webhook Handler vulnerable to DoS from un-validated requests
High
CVE-2024-34084
was published
for
github.com/stacklok/minder
(Go)
May 7, 2024
PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF
High
CVE-2024-4367
was published
for
pdfjs-dist
(npm)
May 7, 2024
Arbitrary HTML present after sanitization because of unicode normalization
High
CVE-2024-34078
was published
for
html-sanitizer
(pip)
May 6, 2024
Werkzeug debugger vulnerable to remote execution when interacting with attacker controlled domain
High
CVE-2024-34069
was published
for
Werkzeug
(pip)
May 6, 2024
Jinja vulnerable to HTML attribute injection when passing user input as keys to xmlattr filter
Moderate
CVE-2024-34064
was published
for
Jinja2
(pip)
May 6, 2024
Litestar and Starlite vulnerable to Path Traversal
High
CVE-2024-32982
was published
for
litestar
(pip)
May 6, 2024
WordOps has TOCTOU race condition
Moderate
CVE-2024-34528
was published
for
wordops
(pip)
May 6, 2024
MediaWiki UnlinkedWikibase Cross-site Scripting vulnerability
Moderate
CVE-2024-34500
was published
for
samwilson/unlinked-wikibase
(Composer)
May 5, 2024
ProTip!
Advisories are also available from the
GraphQL API