GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
45 advisories
Filter by severity
Soot Infinite Loop vulnerability
High
CVE-2023-46442
was published
for
org.soot-oss:soot
(Maven)
May 24, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
Moderate
CVE-2024-30172
was published
for
BouncyCastle
(Maven)
May 14, 2024
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file
High
CVE-2024-25710
was published
for
org.apache.commons:commons-compress
(Maven)
Feb 19, 2024
Liferay Portal denial-of-service vulnerability
Moderate
CVE-2024-25144
was published
for
com.liferay.portal:release.dxp.bom
(Maven)
Feb 8, 2024
IPAddress Infinite Loop vulnerability (Disputed)
Moderate
CVE-2023-50570
was published
for
com.github.seancfoley:ipaddress
(Maven)
Dec 29, 2023
•
withdrawn
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function
High
CVE-2023-51075
was published
for
cn.hutool:hutool-core
(Maven)
Dec 27, 2023
Undertow denial of service vulnerability
High
CVE-2023-1108
was published
for
io.undertow:undertow-core
(Maven)
Sep 14, 2023
Loop with Unreachable Exit Condition in Apache Thrift
High
CVE-2019-0205
was published
for
org.apache.thrift:libthrift
(Maven)
May 24, 2022
Loop with Unreachable Exit Condition in Apache POI
Moderate
CVE-2014-9527
was published
for
org.apache.poi:poi
(Maven)
May 17, 2022
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat
High
CVE-2016-6817
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
Loop with Unreachable Exit Condition in Apache PDFBox
Moderate
CVE-2018-8036
was published
for
org.apache.pdfbox:pdfbox
(Maven)
May 13, 2022
Infinite Loop in Jenkins Core
Moderate
CVE-2018-1999044
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Loop with Unreachable Exit Condition in Jenkins
Moderate
CVE-2018-1000864
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
RubyGems Infinite Loop vulnerability
High
CVE-2018-1000075
was published
for
org.jruby:jruby-stdlib
(RubyGems)
May 13, 2022
Loop with Unreachable Exit Condition in Netty
High
CVE-2016-4970
was published
for
io.netty:netty-handler
(Maven)
May 13, 2022
Loop with Unreachable Exit Condition in Apache CXF
Moderate
CVE-2014-3584
was published
for
org.apache.cxf:cxf-rt-frontend-jaxrs
(Maven)
May 13, 2022
Infinite Loop in Apache Tomcat
High
CVE-2020-13935
was published
for
org.apache.tomcat:tomcat
(Maven)
Feb 8, 2022
Junrar vulnerable to infinite loop via extracting carefully crafted RAR archive
High
CVE-2022-23596
was published
for
com.github.junrar:junrar
(Maven)
Feb 1, 2022
Infinite Loop in Apache James
Moderate
CVE-2021-40111
was published
for
org.apache.james:james-server
(Maven)
Jan 8, 2022
Infinite loop in Apache CFX
High
CVE-2021-30468
was published
for
org.apache.cxf:apache-cxf
(Maven)
Jan 6, 2022
Infinite loop in Apache MINA
Moderate
CVE-2021-41973
was published
for
org.apache.mina:mina-core
(Maven)
Nov 3, 2021
Infinite loop in Tomcat due to parsing error
High
CVE-2021-41079
was published
for
org.apache.tomcat:tomcat
(Maven)
Sep 20, 2021
Improper Handling of Missing Values in kaml
Moderate
CVE-2021-39194
was published
for
com.charleskorn.kaml:kaml
(Maven)
Sep 7, 2021
XStream can cause a Denial of Service
Moderate
CVE-2021-39140
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Aug 25, 2021
Uncaught Exception in jsoup
High
CVE-2021-37714
was published
for
org.jsoup:jsoup
(Maven)
Aug 23, 2021
ProTip!
Advisories are also available from the
GraphQL API