Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

12 advisories

Loading
Critical severity vulnerability that affects org.eclipse.jetty:jetty-server Critical
CVE-2017-7657 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018
Integer Overflow or Wraparound in Google TensorFlow Critical
CVE-2018-7575 was published for tensorflow (pip) Apr 30, 2019
Overflow in libsecp256k1 Critical
CVE-2021-38195 was published for libsecp256k1 (Rust) Aug 25, 2021
Integer overflow in Pillow Critical
CVE-2020-5310 was published for pillow (pip) Nov 3, 2021
Buffer overrun in CGI.escape_html Critical
CVE-2021-41816 was published for cgi (RubyGems) Dec 14, 2021
kir-b
Mercurial mishandles integer addition and subtraction Critical
CVE-2018-13347 was published for mercurial (pip) May 13, 2022
lz4-sys vulnerable to memory corruption via issue in liblz4 Critical
GHSA-9q5j-jm53-v7vr was published for lz4-sys (Rust) Sep 1, 2022
Integer overflow in publify_core Critical
CVE-2022-1812 was published for publify_core (RubyGems) Jan 14, 2023
Buffer overflow in sponge queue functions Critical
CVE-2022-37454 was published for pysha3 (RubyGems) Apr 26, 2023
transpose: Buffer overflow due to integer overflow Critical
GHSA-5gmm-6m36-r7jh was published for transpose (Rust) Apr 5, 2024
Fiona affected by CVE-2023-45853 related to MiniZip madler-zlib Critical
GHSA-q5fm-55c2-v6j9 was published for fiona (pip) Jul 16, 2024
sgillies
ProTip! Advisories are also available from the GraphQL API