
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

13 advisories

Discovery uses the same AES/GCM Nonce throughout the session (Severity: Low)
GHSA-w3hj-wr2q-x83g was published for tech.pegasys.discovery:discovery (Maven) Apr 6, 2021
asanso

Inbound TCP Agent Protocol/3 authentication bypass in Jenkins (Severity: High)
CVE-2020-2099 was published for org.jenkins-ci.main:jenkins-core (Maven) May 24, 2022
NotMyFault

Withdrawn: SFTPGo's JWT implementation lacks certain security measures (Severity: Moderate)
CVE-2024-40430 was published for github.com/drakkan/sftpgo/v2 (Go) Jul 22, 2024 withdrawn
drakkan

PheonixAppAPI has visible Encoding Maps (Severity: Moderate)
CVE-2024-41951 was published for PheonixAppAPI (pip) Jul 31, 2024
AkshuDev

HashiCorp Vault Improper Input Validation vulnerability (Severity: Moderate)
CVE-2023-4680 was published for github.com/hashicorp/vault (Go) Sep 15, 2023

cocoon Reuses a Nonce, Key Pair in Encryption (Severity: Moderate)
CVE-2024-21530 was published for cocoon (Rust) Oct 2, 2024