GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
915 advisories
GitPython vulnerable to Remote Code Execution due to improper user input validation
Critical
CVE-2022-24439
was published
for
GitPython
(pip)
Dec 6, 2022
xmldom allows multiple root nodes in a DOM
Critical
CVE-2022-39353
was published
for
@xmldom/xmldom
(npm)
Nov 1, 2022
Apache Flume vulnerable to remote code execution via deserialization of unsafe providerURL
Critical
CVE-2022-42468
was published
for
org.apache.flume.flume-ng-sources:flume-jms-source
(Maven)
Oct 26, 2022
Insufficient validation when decoding a Socket.IO packet
Critical
CVE-2022-2421
was published
for
socket.io-parser
(npm)
Oct 26, 2022
MySQL JDBC deserialization vulnerability
Critical
CVE-2022-39312
was published
for
io.dataease:dataease-plugin-common
(Maven)
Oct 18, 2022
ProTip!
Advisories are also available from the
GraphQL API