GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
45 advisories
Filter by severity
Junrar vulnerable to Infinite Loop
Moderate
CVE-2018-12418
was published
for
com.github.junrar:junrar
(Maven)
Oct 17, 2018
org.apache.tika:tika-parsers has an Infinite Loop vulnerability
Moderate
CVE-2018-1339
was published
for
org.apache.tika:tika-parsers
(Maven)
Oct 17, 2018
Comparison errorr in org.apache.tika:tika-core
Moderate
CVE-2018-8017
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.apache.tika:tika-core
Moderate
CVE-2018-1338
was published
for
org.apache.tika:tika-core
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.keycloak:keycloak-core
Moderate
CVE-2018-10912
was published
for
org.keycloak:keycloak-core
(Maven)
Oct 18, 2018
Moderate severity vulnerability that affects org.apache.commons:commons-compress
Moderate
CVE-2018-11771
was published
for
org.apache.commons:commons-compress
(Maven)
Oct 19, 2018
Moderate severity vulnerability that affects io.undertow:undertow-core
Moderate
CVE-2017-2670
was published
for
io.undertow:undertow-core
(Maven)
Oct 19, 2018
Apache Tika Denial of Service due to Infinite Loop in Tika's SQLite3Parser
Moderate
CVE-2018-17197
was published
for
org.apache.tika:tika-parsers
(Maven)
Dec 26, 2018
Apache Commons Compress vulnerable to denial of service due to infinite loop
Moderate
CVE-2018-1324
was published
for
com.liferay:com.liferay.portal.tools.bundle.support
(Maven)
Mar 14, 2019
Missing Release of Memory after Effective Lifetime in Apache Tika
Moderate
CVE-2020-9489
was published
for
org.apache.tika:tika
(Maven)
May 7, 2021
Infinite Loop in Apache Tika
Moderate
CVE-2020-1951
was published
for
org.apache.tika:tika
(Maven)
May 7, 2021
Infinite loop in Apache Tika
Moderate
CVE-2021-28657
was published
for
org.apache.tika:tika
(Maven)
May 10, 2021
Use of "infinity" as an input to datetime and date fields causes infinite loop in pydantic
Moderate
CVE-2021-29510
was published
for
pydantic
(pip)
May 13, 2021
golang.org/x/text Infinite loop
Moderate
CVE-2020-14040
was published
for
golang.org/x/text
(Go)
May 18, 2021
Infinite Loop in Apache PDFBox
Moderate
CVE-2021-31812
was published
for
org.apache.pdfbox:pdfbox
(Maven)
Jun 15, 2021
XStream can cause a Denial of Service
Moderate
CVE-2021-39140
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Aug 25, 2021
Improper Handling of Missing Values in kaml
Moderate
CVE-2021-39194
was published
for
com.charleskorn.kaml:kaml
(Maven)
Sep 7, 2021
Infinite loop in Apache MINA
Moderate
CVE-2021-41973
was published
for
org.apache.mina:mina-core
(Maven)
Nov 3, 2021
Infinite certificate chain depth results in OctoRPKI running forever
Moderate
CVE-2021-3908
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
Infinite Loop in Apache James
Moderate
CVE-2021-40111
was published
for
org.apache.james:james-server
(Maven)
Jan 8, 2022
Denial of Service in docker2aci
Moderate
CVE-2016-8579
was published
for
github.com/appc/docker2aci
(Go)
Feb 15, 2022
Manipulated inline images can cause Infinite Loop in PyPDF2
Moderate
CVE-2022-24859
was published
for
PyPDF2
(pip)
Apr 22, 2022
Loop with Unreachable Exit Condition in Apache CXF
Moderate
CVE-2014-3584
was published
for
org.apache.cxf:cxf-rt-frontend-jaxrs
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API