GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
160 advisories
openapi-python-client Arbitrary Code Generation vulnerability
High
CVE-2020-15142
was published
for
openapi-python-client
(pip)
Aug 20, 2020
Information Exposure in Netty
High
CVE-2015-2156
was published
for
io.netty:netty
(Maven)
Jun 30, 2020
Deserialization of Untrusted Data in jackson-databind
Critical
CVE-2020-8840
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Mar 4, 2020
Deserialization of Untrusted Data in jackson-databind
Critical
CVE-2019-20330
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Mar 4, 2020
HTTP Request Smuggling in Netty
Critical
CVE-2019-20444
was published
for
io.netty:netty
(Maven)
Feb 21, 2020
HTTP Request Smuggling in Netty
Moderate
CVE-2019-20445
was published
for
io.netty:netty
(Maven)
Feb 21, 2020
HTTP Request Smuggling in Netty
High
CVE-2019-16869
was published
for
io.netty:netty-all
(Maven)
Oct 11, 2019
Pyspark User Impersonation Vulnerability
Moderate
CVE-2018-11760
was published
for
pyspark
(pip)
Feb 7, 2019
Jetty vulnerable to authorization bypass due to inconsistent HTTP request handling (HTTP Request Smuggling)
Critical
CVE-2017-7658
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 19, 2018
Jetty vulnerable to exposure of sensitive information due to observable discrepancy
High
CVE-2017-9735
was published
for
org.eclipse.jetty:jetty-server
(Maven)
Oct 19, 2018
ProTip!
Advisories are also available from the
GraphQL API