Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

23 advisories

Loading
Mapbox is vulnerable to Integer Overflow High
CVE-2022-38216 was published for com.mapbox.mapboxsdk:mapbox-android-core (Maven) Aug 17, 2022
billyjbryant Credited to billyjbryant and aruneko aruneko aruneko
Lin CMS vulnerable to Improper Authentication Moderate
CVE-2022-44244 was published for Lin-CMS (Maven) Nov 10, 2022
aruneko Credited to aruneko and richardfan0606 richardfan0606 richardfan0606
XSS vulnerability in Jenkins Markdown Formatter Plugin Moderate
CVE-2021-21660 was published for io.jenkins.plugins:markdown-formatter (Maven) May 24, 2022
NotMyFault Credited to NotMyFault and aruneko aruneko aruneko
json stack overflow vulnerability High
CVE-2022-45688 was published for cn.hutool:hutool-json (Maven) Dec 13, 2022
westonsteimel Credited to westonsteimel and aruneko aruneko aruneko
Spring Framework server Web DoS Vulnerability High
CVE-2024-22233 was published for org.springframework:spring-core (Maven) Jan 22, 2024
aruneko Credited to aruneko, reva, YukiInu, fnxpt, schmidt-fu, tolmaidis, and LukaszGrzesik reva reva
YukiInu YukiInu fnxpt fnxpt schmidt-fu schmidt-fu tolmaidis tolmaidis LukaszGrzesik LukaszGrzesik
PowerJob vulnerable to Incorrect Access Control via the create user/save interface. Moderate
CVE-2023-29922 was published for tech.powerjob:powerjob (Maven) Apr 19, 2023
achibear Credited to achibear and aruneko aruneko aruneko
Apache Tomcat Vulnerable to Improper Neutralization of Escape, Meta, or Control Sequences Low
CVE-2025-55754 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 27, 2025
aruneko Credited to aruneko
Apache Tomcat Vulnerable to Relative Path Traversal High
CVE-2025-55752 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 27, 2025
aruneko Credited to aruneko and tkwilli94 tkwilli94 tkwilli94
Apache Tomcat: CLIENT_CERT authentication does not fail as expected Moderate
CVE-2026-34500 was published for org.apache.tomcat:tomcat-coyote-ffm (Maven) Apr 9, 2026
aruneko Credited to aruneko
Apache Tomcat Denial of Service vulnerability High
CVE-2019-0199 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 15, 2020
aruneko Credited to aruneko
Improper Restriction of Operations within the Bounds of a Memory Buffer in Apache Tomcat High
CVE-2020-13934 was published for org.apache.tomcat:tomcat (Maven) Feb 8, 2022
aruneko Credited to aruneko
Apache Tomcat has an HTTP Request/Response Smuggling vulnerability High
CVE-2026-24880 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Apr 9, 2026
tkwilli94 Credited to tkwilli94 and aruneko aruneko aruneko
Potential remote code execution in Apache Tomcat High
CVE-2020-9484 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 21, 2020
sunSUNQ Credited to sunSUNQ and aruneko aruneko aruneko
Apache Tomcat: CLIENT_CERT authentication does not fail as expected Critical
CVE-2026-29145 was published for org.apache.tomcat:tomcat (Maven) Apr 9, 2026
aruneko Credited to aruneko
Apache Tomcat: Configured cipher preference order not preserved High
CVE-2026-29129 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Apr 9, 2026
aruneko Credited to aruneko
Uncontrolled Resource Consumption in Apache Tomcat High
CVE-2020-11996 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Feb 9, 2022
sunSUNQ Credited to sunSUNQ and aruneko aruneko aruneko
Infinite Loop in Apache Tomcat High
CVE-2020-13935 was published for org.apache.tomcat.embed:tomcat-embed-websocket (Maven) Feb 8, 2022
sunSUNQ Credited to sunSUNQ and aruneko aruneko aruneko
Apache Tomcat Incomplete Cleanup vulnerability Moderate
CVE-2023-42795 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 10, 2023
biehl1 Credited to biehl1, mpihelgas, and aruneko mpihelgas mpihelgas
aruneko aruneko
Apache Tomcat Improper Input Validation vulnerability Moderate
CVE-2023-45648 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 10, 2023
biehl1 Credited to biehl1, mpihelgas, and aruneko mpihelgas mpihelgas
aruneko aruneko
Cross-site scripting in Apache Tomcat Moderate
CVE-2019-0221 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) May 30, 2019
sunSUNQ Credited to sunSUNQ and aruneko aruneko aruneko
Apache Tomcat - XSS in generated JSPs Moderate
CVE-2024-52318 was published for org.apache.tomcat.embed:tomcat-embed-jasper (Maven) Nov 18, 2024
aruneko Credited to aruneko
Apache Tomcat vulnerable to Insertion of Sensitive Information into Log File High
CVE-2026-34487 was published for org.apache.tomcat:tomcat (Maven) Apr 9, 2026
aruneko Credited to aruneko
Apache Tomcat vulnerable to Generation of Error Message Containing Sensitive Information Moderate
CVE-2024-21733 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jan 19, 2024
westonsteimel Credited to westonsteimel and aruneko aruneko aruneko
ProTip! Advisories are also available from the GraphQL API