Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

12 advisories

Loading
Information disclosure of source code in SimpleSAMLphp Low
CVE-2020-5301 was published for simplesamlphp/simplesamlphp (Composer) Apr 22, 2020
slawn
Redirect URL matching ignores character casing Moderate
CVE-2020-15234 was published for github.com/ory/fosite (Go) May 24, 2021
mitar
Authorization Policy Bypass Due to Case Insensitive Host Comparison High
CVE-2021-39155 was published for istio.io/istio (Go) Aug 30, 2021
yangminzhu avivdolev
tdunlap607
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following High
CVE-2021-39134 was published for @npmcli/arborist (npm) Aug 31, 2021
ginkoid chen-robert
Improper handling of case sensitivity in Spring Framework High
CVE-2022-22968 was published for org.springframework:spring-context (Maven) Apr 15, 2022
tdunlap607 amita-seal
SunBK201
Privilege escalation in MOSN Critical
CVE-2021-32163 was published for mosn.io/mosn (Go) Feb 17, 2023
Arbitrary File Overwrite in Eclipse JGit High
CVE-2023-4759 was published for org.eclipse.jgit:org.eclipse.jgit (Maven) Sep 18, 2023
mattberry3
social-auth-app-django affected by Improper Handling of Case Sensitivity Moderate
CVE-2024-32879 was published for social-auth-app-django (pip) Apr 24, 2024
bradenmacdonald nijel
Spring Framework DataBinder Case Sensitive Match Exception Moderate
CVE-2024-38820 was published for org.springframework:spring-context (Maven) Oct 18, 2024
jw123023
Spring LDAP data exposure vulnerability Moderate
CVE-2024-38829 was published for org.springframework.ldap:spring-ldap-core (Maven) Dec 4, 2024
Drupal core Access bypass Moderate
CVE-2024-55634 was published for drupal/core (Composer) Dec 10, 2024
ProTip! Advisories are also available from the GraphQL API