Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
Crossplane-runtime contains Improper Input Validation via Compositions Moderate
CVE-2023-27484 was published for github.com/crossplane/crossplane (Go) Mar 10, 2023
phisco AdamKorcz
DavidKorczynski
fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime Moderate
CVE-2023-27483 was published for github.com/crossplane/crossplane-runtime (Go) Mar 13, 2023
phisco AdamKorcz
DavidKorczynski
Possible image tampering from missing image validation for Packages High
CVE-2023-38495 was published for github.com/crossplane/crossplane (Go) Jul 28, 2023
AdamKorcz DavidKorczynski
phisco
Denial of service from large image Low
CVE-2023-37900 was published for github.com/crossplane/crossplane (Go) Jul 28, 2023
AdamKorcz DavidKorczynski
phisco
ProTip! Advisories are also available from the GraphQL API