Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

16 advisories

Loading
Prototype Pollution in immer High
CVE-2020-28477 was published for immer (npm) Jan 20, 2021
levpachmanov
Prototype Pollution in immer High
CVE-2021-3757 was published for immer (npm) Sep 7, 2021
levpachmanov
Django vulnerable to Reflected File Download attack High
CVE-2022-36359 was published for Django (pip) Aug 11, 2022
sunSUNQ levpachmanov
hoek subject to prototype pollution via the clone function. High
CVE-2020-36604 was published for @hapi/hoek (npm) Sep 25, 2022
levpachmanov
fast-xml-parser vulnerable to Regex Injection via Doctype Entities High
CVE-2023-34104 was published for fast-xml-parser (npm) Jun 6, 2023
7085 levpachmanov
Excessive Iteration in gRPC High
CVE-2023-33953 was published for grpc (RubyGems) Aug 9, 2023
levpachmanov
Duplicate Advisory: FastAPI Content-Type Header ReDoS High
GHSA-qf9m-vfgh-m389 was published for fastapi (pip) Feb 5, 2024 withdrawn
nicecatch2000 huonw
garyd203 levpachmanov
Pytorch use-after-free vulnerability High
CVE-2024-31583 was published for torch (pip) Apr 17, 2024
levpachmanov
PyTorch heap buffer overflow vulnerability High
CVE-2024-31580 was published for torch (pip) Apr 17, 2024
levpachmanov
DNSJava DNSSEC Bypass High
CVE-2024-25638 was published for dnsjava:dnsjava (Maven) Jul 22, 2024
bellebaum schanzen
milux levpachmanov
DNSJava affected by KeyTrap - NSEC3 closest encloser proof can exhaust CPU resources High
GHSA-mmwx-rj87-vfgr was published for dnsjava:dnsjava (Maven) Jul 22, 2024
levpachmanov amita-seal
DNSJava vulnerable to KeyTrap - Denial-of-Service Algorithmic Complexity Attacks High
GHSA-crjg-w57m-rqqf was published for dnsjava:dnsjava (Maven) Jul 22, 2024
levpachmanov amita-seal
Server-Side Request Forgery in axios High
CVE-2024-39338 was published for axios (npm) Aug 12, 2024
levpachmanov
ProTip! Advisories are also available from the GraphQL API