GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
207 advisories
Potential Remote Code Execution in TYPO3 with mediace extension
Critical
CVE-2020-15086
was published
for
friendsoftypo3/mediace
(Composer)
Jul 29, 2020
Insecure default config of Celery worker in Apache Airflow
Critical
CVE-2020-11982
was published
for
apache-airflow
(pip)
Jul 27, 2020
jackson-databind mishandles the interaction between serialization gadgets and typing
Critical
CVE-2020-9548
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
May 15, 2020
Deserialization of Untrusted Data in jackson-databind
Critical
CVE-2020-8840
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Mar 4, 2020
Deserialization of Untrusted Data in jackson-databind
Critical
CVE-2019-20330
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Mar 4, 2020
Deserialization of Untrusted Data in Log4j
Critical
CVE-2019-17571
was published
for
log4j:log4j
(Maven)
Jan 6, 2020
Polymorphic Typing in FasterXML jackson-databind
Critical
CVE-2019-16942
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 28, 2019
Polymorphic Typing issue in FasterXML jackson-databind
Critical
CVE-2019-14540
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Sep 23, 2019
ProTip!
Advisories are also available from the
GraphQL API