Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

45 advisories

Loading
Predictable results in nanoid generation when given non-integer values Moderate
CVE-2024-55565 was published for nanoid (npm) Dec 9, 2024
krassowski katzj
CrzyHAX91
Infinite loop in github.com/gomarkdown/markdown Moderate
CVE-2024-44337 was published for github.com/gomarkdown/markdown (Go) Oct 15, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop Moderate
CVE-2024-30172 was published for BouncyCastle (Maven) May 14, 2024
levpachmanov amita-seal
Vitess vulnerable to infinite memory consumption and vtgate crash Moderate
CVE-2024-32886 was published for github.com/vitessio/vitess (Go) May 8, 2024
dbussink mattrobenolt
vmg
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON Moderate
CVE-2024-24786 was published for google.golang.org/protobuf (Go) Mar 6, 2024
oscerd chancez
Liferay Portal denial-of-service vulnerability Moderate
CVE-2024-25144 was published for com.liferay.portal:release.dxp.bom (Maven) Feb 8, 2024
IPAddress Infinite Loop vulnerability (Disputed) Moderate
CVE-2023-50570 was published for com.github.seancfoley:ipaddress (Maven) Dec 29, 2023 withdrawn
mike-jumper
Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF Moderate
CVE-2023-46250 was published for pypdf (pip) Oct 31, 2023
Alexhuszagh
OpenFGA Vulnerable to DoS from circular relationship definitions Moderate
CVE-2023-43645 was published for github.com/openfga/openfga (Go) Sep 28, 2023
PyPDF2 vulnerable to possible Infinite Loop when reading malformed objects Moderate
CVE-2023-36807 was published for PyPDF2 (pip) Jun 30, 2023
MartinThoma
pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character Moderate
CVE-2023-36464 was published for PyPDF2 (pip) Jun 30, 2023
exiledkingcc
OpenFGA vulnerable to denial of service due to circular relationship Moderate
CVE-2023-35933 was published for github.com/openfga/openfga (Go) Jun 28, 2023
phpseclib Infinite Loop vulnerability Moderate
CVE-2023-27560 was published for phpseclib/phpseclib (Composer) Mar 3, 2023
janedbal
DoS vulnerability in MaliciousCode filter Moderate
CVE-2023-23617 was published for openmage/magento-lts (Composer) Jan 27, 2023
kamadak-exif vulnerable to Infinite loop when parsing PNG files Moderate
CVE-2021-21235 was published for kamadak-exif (Rust) Oct 6, 2022
Designate does not enforce the DNS protocol limit concerning record set sizes Moderate
CVE-2015-5694 was published for designate (pip) May 24, 2022
Loop with Unreachable Exit Condition in Apache POI Moderate
CVE-2014-9527 was published for org.apache.poi:poi (Maven) May 17, 2022
Loop with Unreachable Exit Condition in Apache PDFBox Moderate
CVE-2018-8036 was published for org.apache.pdfbox:pdfbox (Maven) May 13, 2022
Infinite Loop in Jenkins Core Moderate
CVE-2018-1999044 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Loop with Unreachable Exit Condition in Jenkins Moderate
CVE-2018-1000864 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
Loop with Unreachable Exit Condition in Apache CXF Moderate
CVE-2014-3584 was published for org.apache.cxf:cxf-rt-frontend-jaxrs (Maven) May 13, 2022
sunSUNQ SunBK201
Manipulated inline images can cause Infinite Loop in PyPDF2 Moderate
CVE-2022-24859 was published for PyPDF2 (pip) Apr 22, 2022
Denial of Service in docker2aci Moderate
CVE-2016-8579 was published for github.com/appc/docker2aci (Go) Feb 15, 2022
Infinite Loop in Apache James Moderate
CVE-2021-40111 was published for org.apache.james:james-server (Maven) Jan 8, 2022
Infinite certificate chain depth results in OctoRPKI running forever Moderate
CVE-2021-3908 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
andrewpollock
ProTip! Advisories are also available from the GraphQL API