Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

9 advisories

Loading
panic on parsing crafted phonenumber inputs High
CVE-2024-39697 was published for phonenumber (Rust) Jul 9, 2024
rubdos
phonenumber panics on parsing crafted RFC3966 inputs High
CVE-2023-42444 was published for phonenumber (Rust) Sep 21, 2023
sno2 gferon
blurhash panics on parsing crafted inputs High
CVE-2023-42447 was published for blurhash (Rust) Sep 21, 2023
rubdos
jcvi vulnerable to Configuration Injection due to unsanitized user input High
CVE-2023-35932 was published for jcvi (pip) Jun 23, 2023
Sim4n6
conduit-hyper vulnerable to Denial of Service from unchecked request length High
CVE-2022-39294 was published for conduit-hyper (Rust) Oct 31, 2022
parse-server crashes when receiving file download request with invalid byte range High
CVE-2022-39313 was published for parse-server (npm) Oct 18, 2022
hej2010 tdunlap607
linked_list_allocator vulnerable to out-of-bound writes on `Heap` initialization and `Heap::extend` High
CVE-2022-36086 was published for linked_list_allocator (Rust) Sep 16, 2022
evanrichter
Unauthenticated control plane denial of service attack in Istio High
CVE-2022-23635 was published for istio.io/istio (Go) Feb 23, 2022
AdamKorcz howardjohn
Improper Validation of Specified Quantity in Input in Eclipse Hono High
CVE-2020-27217 was published for org.eclipse.hono:hono-core (Maven) Feb 10, 2022
ProTip! Advisories are also available from the GraphQL API