GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
19 advisories
XWiki Platform may retrieve email addresses of all users
High
CVE-2023-34467
was published
for
org.xwiki.platform:xwiki-platform-livetable-ui
(Maven)
Jun 20, 2023
Temporary Directory Hijacking to Local Privilege Escalation Vulnerability in org.springframework.boot:spring-boot
High
CVE-2022-27772
was published
for
org.springframework.boot:spring-boot
(Maven)
Jul 11, 2022
Improper Privilege Management in Spring Framework
High
CVE-2021-22118
was published
for
org.springframework:spring-web
(Maven)
May 24, 2022
Arbitrary filesystem write access from velocity.
High
CVE-2022-24897
was published
for
org.xwiki.commons:xwiki-commons-velocity
(Maven)
Apr 28, 2022
pgjdbc Does Not Check Class Instantiation when providing Plugin Classes
High
CVE-2022-21724
was published
for
org.postgresql:postgresql
(Maven)
Feb 2, 2022
Agent-to-controller security bypass in Jenkins Debian Package Builder Plugin
High
CVE-2022-23118
was published
for
ru.yandex.jenkins.plugins.debuilder:debian-package-builder
(Maven)
Jan 13, 2022
ProTip!
Advisories are also available from the
GraphQL API