GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
56 advisories
Filter by severity
Eclipse Parsson stack overflow when parsing deeply nested input
Critical
CVE-2023-7272
was published
for
org.eclipse.parsson:parsson
(Maven)
Jul 17, 2024
Elasticsearch StackOverflow vulnerability
Moderate
CVE-2024-37280
was published
for
org.elasticsearch:elasticsearch
(Maven)
Jun 13, 2024
Decompressors can crash the JVM and leak memory content in Aircompressor
High
CVE-2024-36114
was published
for
io.airlift:aircompressor
(Maven)
Jun 2, 2024
Apache Commons Configuration: StackOverflowError adding property in AbstractListDelimiterHandler.flattenIterator()
Moderate
CVE-2024-29131
was published
for
org.apache.commons:commons-configuration2
(Maven)
Mar 21, 2024
Apache Commons Configuration: StackOverflowError calling ListDelimiterHandler.flatten(Object, int) with a cyclical object tree
Moderate
CVE-2024-29133
was published
for
org.apache.commons:commons-configuration2
(Maven)
Mar 21, 2024
JLine vulnerable to out of memory error
Moderate
CVE-2023-50572
was published
for
org.jline:jline-parent
(Maven)
Dec 29, 2023
json-path Out-of-bounds Write vulnerability
Moderate
CVE-2023-51074
was published
for
com.jayway.jsonpath:json-path
(Maven)
Dec 27, 2023
hyavijava stack overflow vulnerability
Critical
CVE-2023-51084
was published
for
com.github:hyavijava
(Maven)
Dec 27, 2023
hutool-core was discovered to contain a stack overflow via NumberUtil.toBigDecimal method
High
CVE-2023-51080
was published
for
cn.hutool:hutool-core
(Maven)
Dec 27, 2023
Elasticsearch vulnerable to stack overflow in the search API
Moderate
CVE-2023-31419
was published
for
org.elasticsearch:elasticsearch
(Maven)
Oct 26, 2023
Denial of service in jackson-dataformats-text
High
CVE-2023-3894
was published
for
com.fasterxml.jackson.dataformat:jackson-dataformats-text
(Maven)
Aug 8, 2023
Jettison parser crash by stackoverflow
Moderate
GHSA-xqcq-j8w9-3pxv
was published
for
com.tencyle.fixes:org.codehaus.jettison--jettison
(Maven)
Aug 1, 2023
jjson vulnerable to stack exhaustion
High
CVE-2023-35110
was published
for
de.grobmeier.json:jjson
(Maven)
Jun 14, 2023
JSONUtil vulnerable to stack exhaustion
Critical
CVE-2023-34615
was published
for
net.pwall.json:jsonutil
(Maven)
Jun 14, 2023
hjson stack exhaustion vulnerability
High
CVE-2023-34620
was published
for
org.hjson:hjson
(Maven)
Jun 14, 2023
pbjson vulnerable to stack exhaustion
High
CVE-2023-34616
was published
for
com.progsbase.libraries:JSON
(Maven)
Jun 14, 2023
jsonij vulnerable to stack exhaustion
High
CVE-2023-34614
was published
for
cc.plural:jsonij
(Maven)
Jun 14, 2023
sojo vulnerable to stack exhaustion
High
CVE-2023-34613
was published
for
net.sf.sojo:sojo
(Maven)
Jun 14, 2023
ph-json vulnerable to stack exhaustion
High
CVE-2023-34612
was published
for
com.helger.commons:ph-json
(Maven)
Jun 14, 2023
json-io vulnerable to stack exhaustion
High
CVE-2023-34610
was published
for
com.cedarsoftware:json-io
(Maven)
Jun 14, 2023
htmlcleaner vulnerable to stack exhaustion
High
CVE-2023-34624
was published
for
net.sourceforge.htmlcleaner:htmlcleaner
(Maven)
Jun 14, 2023
genson vulnerable to stack exhaustion
High
CVE-2023-34617
was published
for
com.owlike:genson
(Maven)
Jun 14, 2023
janino vulnerable to denial of service due to stack overflow
Moderate
CVE-2023-33546
was published
for
org.codehaus.janino:janino-parent
(Maven)
Jun 1, 2023
Unrestricted recursion in htmlunit
High
CVE-2023-2798
was published
for
org.htmlunit:htmlunit
(Maven)
May 25, 2023
Jenkins Pipeline Utility Steps Plugin arbitrary file write vulnerability
Moderate
CVE-2023-32981
was published
for
org.jenkins-ci.plugins:pipeline-utility-steps
(Maven)
May 16, 2023
ProTip!
Advisories are also available from the
GraphQL API