GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
11 advisories
Apache Wicket: An attacker can intentionally trigger a memory leak
Moderate
CVE-2024-53299
was published
for
org.apache.wicket:wicket-core
(Maven)
Jan 23, 2025
Code injection in Apache Zeppelin Shell
Moderate
CVE-2024-31861
was published
for
org.apache.zeppelin:zeppelin-shell
(Maven)
Apr 11, 2024
Improper escaping in Apache Zeppelin
Critical
CVE-2024-31866
was published
for
org.apache.zeppelin:zeppelin-interpreter
(Maven)
Apr 9, 2024
rabbitmq-connector plugin module in Apache EventMesh platforms allows attackers to send controlled message
Critical
CVE-2023-26512
was published
for
org.apache.eventmesh:eventmesh-connector-rabbitmq
(Maven)
Jul 17, 2023
OS Command Injection in Apache Airflow
High
CVE-2022-41131
was published
for
apache-airflow-providers-apache-hive
(pip)
Nov 22, 2022
Apache Geode vulnerable to Deserialization of Untrusted Data
Critical
CVE-2022-37021
was published
for
org.apache.geode:geode-core
(Maven)
Sep 1, 2022
Remote code execution in Apache Airflow Docker's Provider
High
CVE-2022-38362
was published
for
apache-airflow-providers-docker
(pip)
Aug 17, 2022
Apache MXNet vulnerable to potential denial-of-service by excessive resource consumption
High
CVE-2022-24294
was published
for
mxnet
(pip)
Jul 25, 2022
DNS based denial of service in Apache Wicket
High
CVE-2021-23937
was published
for
org.apache.wicket:wicket-core
(Maven)
May 24, 2022
Improper Input Validation in Parquet-MR
High
CVE-2021-41561
was published
for
org.apache.parquet:parquet
(Maven)
Jan 6, 2022
Improper Input Validation in Apache Camel
High
CVE-2020-11971
was published
for
org.apache.camel:camel
(Maven)
May 21, 2021
ProTip!
Advisories are also available from the
GraphQL API