GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
418 advisories
Duplicate Advisory: WildFly Elytron OpenID Connect Client Extension authorization code injection attack
Moderate
GHSA-4v5x-9m47-cqr2
was published
for
org.wildfly:wildfly-elytron-oidc-client-subsystem
(Maven)
Dec 9, 2024
•
withdrawn
sigstore-java has vulnerability with bundle verification
Moderate
CVE-2024-53267
was published
for
dev.sigstore:sigstore-java
(Maven)
Nov 26, 2024
OpenStack Neutron can use an incorrect ID during policy enforcement
Moderate
CVE-2024-53916
was published
for
neutron
(pip)
Nov 25, 2024
Laravel Reverb Missing API Signature Verification
High
CVE-2024-50347
was published
for
laravel/reverb
(Composer)
Oct 31, 2024
Gradio lacks integrity checking on the downloaded FRP client
High
CVE-2024-47867
was published
for
gradio
(pip)
Oct 10, 2024
HTTP client can manipulate custom HTTP headers that are added by Traefik
Critical
CVE-2024-45410
was published
for
github.com/traefik/traefik
(Go)
Sep 19, 2024
ProTip!
Advisories are also available from the
GraphQL API