Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
@tdurieux/anonymous_github Vulnerable to XSS via Unsanitized GitHub Repository Content Rendering in Anonymous GitHub Origin High
GHSA-g485-8j3v-p6x8 was published for @tdurieux/anonymous_github (npm) May 5, 2026
jackfromeast Credited to jackfromeast and P3ngu1nW P3ngu1nW P3ngu1nW
org.eclipse.jetty:jetty-http has different parsing of invalid URIs Low
CVE-2025-11143 was published for org.eclipse.jetty:jetty-http (Maven) Mar 5, 2026
zer0yu Credited to zer0yu and P3ngu1nW P3ngu1nW P3ngu1nW
jose vulnerable to resource exhaustion via specifically crafted JWE with compressed plaintext Moderate
CVE-2024-28176 was published for jose (npm) Mar 7, 2024
P3ngu1nW Credited to P3ngu1nW and panva panva panva
JWCrypto vulnerable to JWT bomb Attack in `deserialize` function Moderate
CVE-2024-28102 was published for jwcrypto (pip) Mar 6, 2024
P3ngu1nW Credited to P3ngu1nW
lestrrat-go/jwx's malicious parameters in JWE can cause a DOS Moderate
CVE-2023-49290 was published for github.com/lestrrat-go/jwx (Go) Dec 5, 2023
P3ngu1nW Credited to P3ngu1nW
ProTip! Advisories are also available from the GraphQL API