Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

38 advisories

Loading
Kubernetes apimachinery packages vulnerable to unbounded recursion in JSON or YAML parsing High
GHSA-74fp-r6jw-h4mp was published for k8s.io/apimachinery (Go) Feb 8, 2023
Symfony XML Entity Expansion security vulnerability High
GHSA-q2gc-gg3x-7942 was published for symfony/symfony (Composer) May 30, 2024
symfony/translation XML Entity Expansion vulnerability High
GHSA-f75p-x5vm-83qp was published for symfony/translation (Composer) May 30, 2024
symfony/validator XML Entity Expansion vulnerability High
GHSA-4vf2-qfg3-7598 was published for symfony/validator (Composer) May 30, 2024
Zendframework Denial of Service vector via XEE injection High
GHSA-2jx7-xg83-j2m7 was published for zendframework/zendframework1 (Composer) Jun 7, 2024
ebookmeta XML External Entity vulnerability High
CVE-2024-36827 was published for ebookmeta (pip) Jun 7, 2024
ebookmeta XML External Entity vulnerability High
CVE-2024-37388 was published for ebookmeta (pip) Jun 7, 2024
REXML denial of service vulnerability High
CVE-2024-43398 was published for rexml (RubyGems) Aug 22, 2024
untangle vulnerable to XML Entity Expansion High
CVE-2022-33977 was published for untangle (pip) Aug 6, 2022
XML2Dict XML Entity Expansion Vulnerability High
CVE-2021-25951 was published for XML2Dict (pip) Jul 2, 2021
ProTip! Advisories are also available from the GraphQL API