GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
89 advisories
JRuby-OpenSSL has hostname verification disabled by default
Moderate
CVE-2025-46551
was published
for
org.jruby:jruby
(Maven)
May 7, 2025
Snowflake Connector .NET does not properly check the Certificate Revocation List (CRL)
Moderate
CVE-2023-51662
was published
for
Snowflake.Data
(NuGet)
Dec 22, 2023
Withdrawn Advisory: Netty-handler does not validate host names by default
Moderate
CVE-2023-4586
was published
for
io.netty:netty-handler
(Maven)
Oct 4, 2023
•
withdrawn
Apache Airflow missing Certificate Validation
Moderate
CVE-2023-39441
was published
for
apache-airflow
(pip)
Aug 23, 2023
Bouncy Castle For Java LDAP injection vulnerability
Moderate
CVE-2023-33201
was published
for
org.bouncycastle:bcprov-debug-jdk14
(Maven)
Jul 5, 2023
Jenkins NS-ND Integration Performance Publisher Plugin disables SSL/TLS certificate validation globally and unconditionally
Moderate
CVE-2022-45391
was published
for
io.jenkins.plugins:cavisson-ns-nd-integration
(Maven)
Nov 16, 2022
SSL/TLS certificate validation unconditionally disabled by Jenkins NS-ND Integration Performance Publisher Plugin
Moderate
CVE-2022-38666
was published
for
org.jenkins-ci.main:cavisson-ns-nd-integration
(Maven)
Nov 16, 2022
ProTip!
Advisories are also available from the
GraphQL API