Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

29 advisories

Loading
Missing hostname validation in Kroxylicious Moderate
CVE-2024-8285 was published for io.kroxylicious:kroxylicious-runtime (Maven) Aug 31, 2024
casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification Moderate
CVE-2024-41264 was published for github.com/casdoor/casdoor (Go) Aug 1, 2024
Allow attackers to intercept or falsify data exchanges between the client and the server Unknown Unreviewed
CVE-2024-2462 was published Jun 11, 2024
ZITADEL's Improper Lockout Mechanism Leads to MFA Bypass High
CVE-2024-32868 was published for github.com/zitadel/zitadel (Go) Apr 25, 2024
livio-a Skelmis
itz-d0dgy amit-laish muhlemmer peintnermax
Missing hostname validation in Jenkins View26 Test-Reporting Plugin Moderate
CVE-2022-41244 was published for org.jenkins-ci.plugins:view26 (Maven) Sep 22, 2022
NotMyFault
Jenkins SmallTest Plugin missing hostname validation Moderate
CVE-2022-41243 was published for com.smalltest:smalltest (Maven) Sep 22, 2022
NotMyFault
Improper Validation of Certificate with Host Mismatch in Not Yet Commons SSL Moderate
CVE-2014-3604 was published for ca.juliusdavies:not-yet-commons-ssl (Maven) May 14, 2022
Improper Validation of Certificate with Host Mismatch in Shibboleth Identity Provider and OpenSAML Java Moderate
CVE-2014-3603 was published for edu.internet2.middleware:shibboleth-identityprovider (Maven) May 14, 2022
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Keycloak Moderate
CVE-2020-1758 was published for org.keycloak:keycloak-parent (Maven) Feb 9, 2022
Improper Certificate Validation and Improper Validation of Certificate with Host Mismatch in Apache Sling Commons Messaging Mail High
CVE-2021-44549 was published for org.apache.sling:org.apache.sling.commons.messaging.mail (Maven) Dec 16, 2021
ProTip! Advisories are also available from the GraphQL API