Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

98 advisories

Loading
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
Keycloak vulnerable to uncontrolled resource consumption High
CVE-2014-3651 was published for org.keycloak:keycloak-core (Maven) Oct 18, 2018
Apache Qpid Broker-J vulnerable to Denial of Service (DoS) via uncontrolled resource consumption High
CVE-2017-15701 was published for org.apache.qpid:qpid-broker (Maven) Oct 19, 2018
High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12 High
CVE-2018-16131 was published for com.typesafe.akka:akka-http-core_2.11 (Maven) Oct 22, 2018
Uncontrolled Resource Consumption in spray-json High
CVE-2018-18854 was published for io.spray:spray-json_2.10 (Maven) Nov 9, 2018
Uncontrolled Resource Consumption in spray-json when parsing decimal digit fields High
CVE-2018-18853 was published for io.spray:spray-json_2.10 (Maven) Nov 9, 2018
Uncontrolled Resource Consumption in org.eclipse.jetty:jetty-server High
CVE-2018-12545 was published for org.eclipse.jetty:jetty-server (Maven) Mar 28, 2019
Apache Tomcat Denial of Service vulnerability High
CVE-2019-0199 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 15, 2020
Denial of service in Apache Xerces2 High
CVE-2012-0881 was published for xerces:xercesImpl (Maven) Jun 15, 2020
Denial of Service in Netty High
CVE-2020-11612 was published for io.netty:netty-handler (Maven) Jun 15, 2020
Unbounded connection acceptance leads to file handle exhaustion High
CVE-2021-21293 was published for org.http4s:blaze-core_2.11 (Maven) Feb 2, 2021
Unbounded connection acceptance in http4s-blaze-server High
CVE-2021-21294 was published for org.http4s:http4s-blaze-server_2.12 (Maven) Feb 2, 2021
Uncontrolled Resource Consumption in Apache Thrift High
CVE-2020-13949 was published for org.apache.thrift:libthrift (Maven) Mar 12, 2021
XStream can cause a Denial of Service. High
CVE-2021-21341 was published for com.thoughtworks.xstream:xstream (Maven) Mar 22, 2021
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources High
CVE-2021-28165 was published for org.eclipse.jetty:jetty-server (Maven) Apr 6, 2021
Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 High
CVE-2021-31405 was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021
Regular expression denial of service (ReDoS) in EmailValidator class in Vaadin 7 High
CVE-2020-36320 was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021
SunBK201
Regular expression denial of service (ReDoS) in EmailField component in Vaadin 14 and 15-17 High
GHSA-crh4-294p-vcfq was published for com.vaadin:vaadin-text-field-flow (Maven) Apr 19, 2021
Regular expression Denial of Service (ReDoS) in EmailValidator class in V7 compatibility module in Vaadin 8 High
CVE-2021-31409 was published for com.vaadin:vaadin-compatibility-server (Maven) May 4, 2021
StefanPenndorf
Authorization service vulnerable to DDos attacks in Apache CFX High
CVE-2021-22696 was published for org.apache.cxf:apache-cxf (Maven) May 13, 2021
Uncontrolled Resource Consumption in Apache OpenMeetings server High
CVE-2021-27576 was published for org.apache.openmeetings:openmeetings-parent (Maven) Jun 16, 2021
Resource Exhaustion in Spring Security High
CVE-2021-22119 was published for org.springframework.security:spring-security-core (Maven) Jul 2, 2021
Bzip2Decoder doesn't allow setting size restrictions for decompressed data High
CVE-2021-37136 was published for io.netty:netty (Maven) Sep 9, 2021
orvdoo westonsteimel
SnappyFrameDecoder doesn't restrict chunk length any may buffer skippable chunks in an unnecessary way High
CVE-2021-37137 was published for io.netty:netty (Maven) Sep 9, 2021
orvdoo westonsteimel
Infinite loop in Apache CFX High
CVE-2021-30468 was published for org.apache.cxf:apache-cxf (Maven) Jan 6, 2022
ProTip! Advisories are also available from the GraphQL API