GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
367 advisories
Denial of service (DoS) via deformation `multipart/form-data` boundary
High
CVE-2024-53981
was published
for
python-multipart
(pip)
Dec 2, 2024
Tornado has an HTTP cookie parsing DoS vulnerability
High
CVE-2024-52804
was published
for
tornado
(pip)
Nov 22, 2024
Litestar allows unbounded resource consumption (DoS vulnerability)
High
CVE-2024-52581
was published
for
litestar
(pip)
Nov 20, 2024
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
Low
CVE-2024-21539
was published
for
@eslint/plugin-kit
(npm)
Nov 15, 2024
zlib-rs stack overflow during decompression with malicious input
Moderate
GHSA-j3px-q95c-9683
was published
for
libz-rs-sys
(Rust)
Nov 14, 2024
Starlette Denial of service (DoS) via multipart/form-data
High
CVE-2024-47874
was published
for
starlette
(pip)
Oct 15, 2024
Eclipse Jetty's ThreadLimitHandler.getRemote() vulnerable to remote DoS attacks
Moderate
CVE-2024-8184
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 14, 2024
async-graphql Directive Overload
High
CVE-2024-47614
was published
for
async-graphql
(Rust)
Oct 3, 2024
Miniscript allows stack consumption
Moderate
CVE-2024-44073
was published
for
miniscript
(Rust)
Aug 19, 2024
Russh has an OOM Denial of Service due to allocation of untrusted amount
High
CVE-2024-43410
was published
for
russh
(Rust)
Aug 14, 2024
ProTip!
Advisories are also available from the
GraphQL API