GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
64 advisories
Improper Verification of Cryptographic Signature in matrix-synapse
High
CVE-2019-18835
was published
for
matrix-synapse
(pip)
May 24, 2022
Pac4j token validation bypass if OpenID Connect provider supports none algorithm
High
CVE-2021-44878
was published
for
org.pac4j:pac4j-oidc
(Maven)
Jan 8, 2022
Execution Control List (ECL) Is Insecure in Singularity
High
CVE-2020-13845
was published
for
github.com/sylabs/singularity
(Go)
Dec 20, 2021
Signature verification vulnerability in Stark Bank ecdsa libraries
High
GHSA-9wx7-jrvc-28mm
was published
for
com.starkbank:ecdsa-java
(Maven)
Nov 8, 2021
coreos-installer improperly verifies GPG signature when decompressing gzipped artifact
High
CVE-2021-20319
was published
for
coreos-installer
(Rust)
Oct 12, 2021
ProTip!
Advisories are also available from the
GraphQL API