GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
226 advisories
Remote Code Execution in Spring Framework
Critical
CVE-2022-22965
was published
for
org.springframework.boot:spring-boot-starter-web
(Maven)
Mar 31, 2022
Langchain SQL Injection vulnerability
Critical
CVE-2023-32785
was published
for
langchain
(pip)
Oct 21, 2023
Improper Neutralization of Special Elements in Output Used by a Downstream Component in Apache Groovy
Critical
CVE-2015-3253
was published
for
org.codehaus.groovy:groovy
(Maven)
May 13, 2022
Arbitrary expression injection in Pillow
Critical
CVE-2022-22817
was published
for
Pillow
(pip)
Jan 12, 2022
llama-index vulnerable to arbitrary code execution
Critical
CVE-2023-39662
was published
for
llama-index
(pip)
Aug 15, 2023
Command injection in libvcs and vcspull
Critical
CVE-2022-21187
was published
for
libvcs
(pip)
Mar 15, 2022
LangChain vulnerable to arbitrary code execution
Critical
CVE-2023-39659
was published
for
langchain
(pip)
Aug 15, 2023
DataEase's H2 datasource has a remote command execution risk
Critical
CVE-2024-46997
was published
for
io.dataease:common
(Maven)
Sep 23, 2024
ProTip!
Advisories are also available from the
GraphQL API