Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

63 advisories

Loading
XML External Entity Reference in mchange:c3p0 Critical
CVE-2018-20433 was published for com.mchange:c3p0 (Maven) Jan 7, 2019
XML External Entity Reference (XXE) in jackson-databind Critical
CVE-2018-14720 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019
G-Rath
XML External Entity (XXE) vulnerability in Square Retrofit Critical
CVE-2018-1000844 was published for com.squareup.retrofit2:retrofit (Maven) Dec 21, 2018
XML External Entity (XXE) vulnerability in bw-calendar-engine Critical
CVE-2018-1000836 was published for org.bedework.caleng:bw-calendar-engine (Maven) Dec 20, 2018
exist-db:exist-core XML External Entity (XXE) vulnerability Critical
CVE-2018-1000823 was published for org.exist-db:exist-core (Maven) Dec 20, 2018
XML External Entity (XXE) vulnerability in codelibs fess Critical
CVE-2018-1000822 was published for org.codelibs.fess:fess (Maven) Dec 20, 2018
XML External Entity (XXE) vulnerability in neo4j.procedure:apoc Critical
CVE-2018-1000820 was published for org.neo4j.procedure:apoc (Maven) Dec 20, 2018
Improper Restriction of XML External Entity Reference in pippo-core Critical
CVE-2018-20059 was published for ro.pippo:pippo-core (Maven) Dec 19, 2018
MarkLee131
Eclipse RDF4j vulnerable to XML External Entitiy Critical
CVE-2018-1000644 was published for org.eclipse.rdf4j:rdf4j-runtime (Maven) Oct 19, 2018
jackson-dataformat-xml vulnerable to XML external entity (XXE) Critical
CVE-2016-3720 was published for com.fasterxml.jackson.dataformat:jackson-dataformat-xml (Maven) Oct 18, 2018
Remote code execution occurs in Apache Solr Critical
CVE-2017-12629 was published for org.apache.solr:solr-core (Maven) Oct 17, 2018
MarkLee131
JavaMelody has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java. Critical
CVE-2018-15531 was published for net.bull.javamelody:javamelody-core (Maven) Oct 17, 2018
Apache is vulnerable to XXE in XSD validation processor Critical
CVE-2018-8027 was published for org.apache.camel:camel-core (Maven) Oct 16, 2018
sunSUNQ
ProTip! Advisories are also available from the GraphQL API