Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

78 advisories

Loading
HTTP Request Smuggling in ruby webrick High
CVE-2024-47220 was published for webrick (RubyGems) Sep 22, 2024
renatolond bermannoah
twisted.web has disordered HTTP pipeline response High
CVE-2024-41671 was published for twisted (pip) Jul 29, 2024
kenballus twm
adiroiban
Next.js Vulnerable to HTTP Request Smuggling High
CVE-2024-34350 was published for next (npm) May 9, 2024
elifoster-block
Request smuggling leading to endpoint restriction bypass in Gunicorn High
CVE-2024-1135 was published for gunicorn (pip) Apr 16, 2024
chasquid HTTP Request/Response Smuggling vulnerability High
CVE-2023-52354 was published for github.com/albertito/chasquid (Go) Jan 22, 2024
Apache Tomcat Improper Input Validation vulnerability High
CVE-2023-46589 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Nov 28, 2023
biehl1
Apache HTTP Server via mod_proxy_uwsgi HTTP response smuggling High
CVE-2023-27522 was published for uWSGI (pip) Mar 7, 2023
joshbressers
golang.org/x/net/http2/h2c vulnerable to request smuggling attack High
CVE-2022-41721 was published for golang.org/x/net (Go) Jan 14, 2023
Apache Tomcat may reject request containing invalid Content-Length header High
CVE-2022-42252 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Nov 1, 2022
sunSUNQ westonsteimel
ProTip! Advisories are also available from the GraphQL API