GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
9 advisories
BoringSSLAEADContext in Netty Repeats Nonces
Moderate
CVE-2024-36121
was published
for
io.netty.incubator:netty-incubator-codec-ohttp
(Maven)
Jun 5, 2024
HTTP/2 HPACK integer overflow and buffer allocation
High
CVE-2023-36478
was published
for
org.eclipse.jetty.http2:http2-hpack
(Maven)
Oct 10, 2023
snappy-java's Integer Overflow vulnerability in compress leads to DoS
Moderate
CVE-2023-34454
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
snappy-java's Integer Overflow vulnerability in shuffle leads to DoS
Moderate
CVE-2023-34453
was published
for
org.xerial.snappy:snappy-java
(Maven)
Jun 15, 2023
Mapbox is vulnerable to Integer Overflow
High
CVE-2022-38216
was published
for
com.mapbox.mapboxsdk:mapbox-android-core
(Maven)
Aug 17, 2022
Integer overflow in BCrypt class in Spring Security
Moderate
CVE-2022-22976
was published
for
org.springframework.security:spring-security-core
(Maven)
May 20, 2022
Integer Overflow or Wraparound in Apache Tomcat
Moderate
CVE-2014-0075
was published
for
org.apache.tomcat:tomcat
(Maven)
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API