Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

7 advisories

Loading
Critical security issues in XML encoding in github.com/dexidp/dex Critical
CVE-2020-26290 was published for github.com/dexidp/dex (Go) Dec 20, 2021
jupenur ericchiang
justaugustus sagikazarmark
github.com/russellhaering/goxmldsig vulnerable to Signature Validation Bypass Moderate
CVE-2020-15216 was published for github.com/russellhaering/goxmldsig (Go) May 24, 2021
jupenur
Authentication Bypass in github.com/russellhaering/gosaml2 Critical
CVE-2020-29509 was published for github.com/russellhaering/gosaml2 (Go) Feb 11, 2022
jupenur
Denial of Service in graphql-go Moderate
CVE-2022-21708 was published for github.com/graph-gophers/graphql-go (Go) Jan 27, 2022
jupenur
Auth bypass in SAML provider Critical
GHSA-433w-mm6h-rv9p was published for github.com/netlify/gotrue (Go) Jun 23, 2021
jupenur
Signature Validation Bypass Critical
GHSA-rrfw-hg9m-j47h was published for github.com/russellhaering/goxmldsig (Go) May 24, 2021
jupenur russellhaering
Signature Validation Bypass Critical
GHSA-5684-g483-2249 was published for github.com/russellhaering/gosaml2 (Go) May 24, 2021
jupenur
ProTip! Advisories are also available from the GraphQL API