Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

50 advisories

Loading
Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend Moderate
CVE-2026-44018 was published for docling (pip) Jun 3, 2026
brodmart Credited to brodmart
A vulnerability in the XML handling component of AOS-8 DHCP services could allow an... Moderate Unreviewed
CVE-2026-23822 was published May 12, 2026
pypdf: Manipulated XMP metadata entity declarations can exhaust RAM Moderate
CVE-2026-40260 was published for pypdf (pip) Apr 10, 2026
kodareef5 Credited to kodareef5 and stefan6419846 stefan6419846 stefan6419846
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack Moderate Unreviewed
CVE-2022-28652 was published Jun 5, 2024
SilverStripe framework XML Quadratic Blowup Attack Moderate
GHSA-g43w-98wp-m694 was published for silverstripe/framework (Composer) May 23, 2024
LangChain's XMLOutputParser vulnerable to XML Entity Expansion Moderate
CVE-2024-1455 was published for langchain-core (pip) Mar 26, 2024
eyurtsev Credited to eyurtsev
Withdrawn Advisory: dom4j XML Entity Expansion vulnerability Moderate
CVE-2023-45960 was published for org.dom4j:dom4j (Maven) Oct 25, 2023 withdrawn
carlosame Credited to carlosame
Quadratic blowup in Convert::xml2array() Moderate
CVE-2021-41559 was published for silverstripe/framework (Composer) Jun 29, 2022
The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity... Moderate Unreviewed
CVE-2020-24665 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API