GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
25,028 advisories
ONOS vulnerable to reflected cross-site scripting Moderate
CVE-2023-24279 was published for org.onosproject:onos-archetypes (Maven) Mar 14, 2023
fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime Moderate
CVE-2023-27483 was published for github.com/crossplane/crossplane-runtime (Go) Mar 13, 2023
Missing proper state, nonce and PKCE checks for OAuth authentication High
CVE-2023-27490 was published for next-auth (npm) Mar 13, 2023
Password Shucking Vulnerability Moderate
CVE-2023-27580 was published for codeigniter4/shield (Composer) Mar 13, 2023
github-slug-action vulnerable to arbitrary code execution High
CVE-2023-27581 was published for rlespinasse/github-slug-action (GitHub Actions) Mar 13, 2023
Cross-realm object access in Webpack 5 Critical
CVE-2023-28154 was published for webpack (npm) Mar 13, 2023
Crossplane-runtime contains Improper Input Validation via Compositions Moderate
CVE-2023-27484 was published for github.com/crossplane/crossplane (Go) Mar 10, 2023
HL7 FHIR Partial Path Zip Slip due to bypass of CVE-2023-24057 High
CVE-2023-28465 was published for ca.uhn.hapi.fhir:org.hl7.fhir.convertors (Maven) Mar 10, 2023
Cross site scripting vulnerability in update-center2 Moderate
CVE-2023-27905 was published for org.jenkins-ci:update-center2 (Maven) Mar 10, 2023
Incorrect Authorization in Jenkins Core High
CVE-2023-27899 was published for org.jenkins-ci.main:jenkins-core (Maven) Mar 10, 2023
ProTip! Advisories are also available from the GraphQL API