Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

81 advisories

Loading
Moderate severity vulnerability that affects org.apache.ignite:ignite-core Moderate
CVE-2016-6805 was published for org.apache.ignite:ignite-core (Maven) Oct 16, 2018
Apache Camel XML External Entity vulnerability Moderate
CVE-2015-0263 was published for org.apache.camel:camel-core (Maven) Oct 16, 2018
sunSUNQ
Moderate severity vulnerability that affects io.vertx:vertx-core Moderate
CVE-2018-12544 was published for io.vertx:vertx-core (Maven) Oct 17, 2018
MarkLee131
XML external entity expansion in org.apache.solr:solr-core Moderate
CVE-2018-8026 was published for org.apache.solr:solr-core (Maven) Oct 17, 2018
MarkLee131
There is a XML external entity expansion (XXE) vulnerability in Apache Solr config files Moderate
CVE-2018-8010 was published for org.apache.solr:solr-core (Maven) Oct 17, 2018
MarkLee131
Moderate severity vulnerability that affects com.puppycrawl.tools:checkstyle Moderate
CVE-2019-9658 was published for com.puppycrawl.tools:checkstyle (Maven) Mar 14, 2019
Information disclosure through processing of external XML entities Moderate
CVE-2019-8126 was published for magento/community-edition (Composer) Nov 12, 2019
Apache NiFi information disclosure by XXE Moderate
CVE-2019-10080 was published for org.apache.nifi:nifi (Maven) Dec 2, 2019
XML external entity (XXE) processing ('external-parameter-entities' feature was not fully disabled)) Moderate
CVE-2019-10782 was published for com.puppycrawl.tools:checkstyle (Maven) Jan 31, 2020
JLLeitschuh
Improper Restriction of XML External Entity Reference in Apache Olingo Moderate
CVE-2019-17554 was published for org.apache.olingo:odata-client-core (Maven) Feb 4, 2020
Authenticated XML External Entity Processing Moderate
GHSA-8xv9-qcr9-ww9j was published for shopware/core (Composer) Oct 19, 2020
dahua966
Nokogiri::XML::Schema trusts input by default, exposing risk of XXE vulnerability Moderate
CVE-2020-26247 was published for nokogiri (RubyGems) Dec 30, 2020
eric-therond
XXE vulnerability in Jenkins Selenium HTML report Plugin Moderate
CVE-2021-21672 was published for org.jenkins-ci.plugins:seleniumhtmlreport (Maven) Jul 2, 2021
NotMyFault
XML External Entity Reference in Glances Moderate
CVE-2021-23418 was published for Glances (pip) Aug 9, 2021
XML External Entity Reference in org.opencms:opencms-core Moderate
CVE-2021-3312 was published for org.opencms:opencms-core (Maven) Oct 12, 2021
Improper Restriction of XML External Entity Reference in Apache NiFi Moderate
CVE-2020-13940 was published for org.apache.nifi:nifi (Maven) Jan 6, 2022
XML External Entity Reference in edu.stanford.nlp:stanford-corenlp Moderate
CVE-2022-0198 was published for edu.stanford.nlp:stanford-corenlp (Maven) Jan 14, 2022
Improper Restriction of XML External Entity Reference in skylot/jadx Moderate
CVE-2022-0219 was published for io.github.skylot:jadx-core (Maven) Jan 21, 2022
Haxatron
Improper Restriction of XML External Entity Reference in trytond and proteus Moderate
CVE-2022-26661 was published for proteus (pip) Mar 11, 2022
XML External Entities Vulnerability in CVRF-CSAF-Converter Moderate
CVE-2022-27193 was published for cvrf2csaf (pip) Mar 16, 2022
Improper Restriction of XML External Entity Reference in wutka jox Moderate
CVE-2021-43142 was published for com.wutka:jox (Maven) Apr 1, 2022
Arbitrary file access through XML parsing in org.xwiki.commons:xwiki-commons-xml Moderate
CVE-2022-24898 was published for org.xwiki.commons:xwiki-commons-xml (Maven) Apr 28, 2022
Improper Restriction of XML External Entity Reference in Castor Moderate
CVE-2014-3004 was published for org.codehaus.castor:castor (Maven) May 13, 2022
Moodle Arbitrary File Read via XML External Entity vulnerability Moderate
CVE-2014-3543 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
Apache POI's XLSX2CSV Example XML External Entity (XXE) Vulnerability Moderate
CVE-2016-5000 was published for org.apache.poi:poi-examples (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API