The Wayback Machine - https://web.archive.org/web/20210509215947/https://github.com/advisories
Skip to content

GitHub Advisory Database

3,752 advisories

Path traversal in servey
CVE-2020-8214 (High severity) was published May 7, 2021 servey (npm)
Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet
CVE-2021-21419 (Moderate severity) was published May 7, 2021 eventlet (pip)
Deserialization of Untrusted Data in bson
CVE-2020-7610 (High severity) was published May 7, 2021 bson (npm)
Buffer overflow in canvas
CVE-2020-8215 (High severity) was published May 7, 2021 canvas (npm)
Path Traversal in marscode
CVE-2020-7681 (High severity) was published May 7, 2021 marscode (npm)
Command Injection in picotts
CVE-2021-23378 (Critical severity) was published May 7, 2021 picotts (npm)
Command Injection in onion-oled-js
CVE-2021-23377 (Critical severity) was published May 7, 2021 onion-oled-js (npm)
Command Injection in ps-visitor
CVE-2021-23374 (Critical severity) was published May 7, 2021 ps-visitor (npm)
SQL Injection in odata4j
CVE-2016-11024 (High severity) was published May 7, 2021 org.odata4j:odata4j-core (Maven)
SQL Injection in odata4j
CVE-2016-11023 (High severity) was published May 7, 2021 org.odata4j:odata4j-core (Maven)
Improper Input Validation in Google Closure Library
CVE-2020-8910 (Moderate severity) was published May 7, 2021 google-closure-library (npm)
Improper Authentication in Apache Shiro
CVE-2020-11989 (High severity) was published May 7, 2021 org.apache.shiro:shiro-core (Maven)
Improper Authentication in Apache Shiro
CVE-2020-1957 (High severity) was published May 7, 2021 org.apache.shiro:shiro-core (Maven)
Path Traversal in marked-tree
CVE-2020-7682 (High severity) was published May 7, 2021 marked-tree (npm)
Code injection in mock2easy
CVE-2020-7697 (Critical severity) was published May 6, 2021 mock2easy (npm)
Command injection in Gerapy
CVE-2020-7698 (Critical severity) was published May 6, 2021 gerapy (pip)
SQL Injection in Apache SkyWalking
CVE-2020-13921 (Critical severity) was published May 7, 2021 org.apache.skywalking:oap-server (Maven)
Path traversal in Tempfile on Windows
CVE-2021-28966 (Moderate severity) was published May 6, 2021 tmpdir (RubyGems)
Missing Release of Memory after Effective Lifetime in Apache Tika
CVE-2020-9489 (Moderate severity) was published May 7, 2021 org.apache.tika:tika (Maven)
Uncontrolled Resource Consumption in Apache Tika
CVE-2020-1950 (Moderate severity) was published May 7, 2021 org.apache.tika:tika (Maven)
Infinite Loop in Apache Tika
CVE-2020-1951 (Moderate severity) was published May 7, 2021 org.apache.tika:tika (Maven)
Validation bypass in jpv
CVE-2020-17479 (Critical severity) was published May 6, 2021 jpv (npm)
Exposure of Sensitive Information to an Unauthorized Actor in Apache Wicket
CVE-2020-11976 (High severity) was published May 7, 2021 org.apache.wicket:wicket-core (Maven)
Improper Restriction of XML External Entity Reference in svglib
CVE-2020-10799 (High severity) was published May 6, 2021 svglib (pip)
Cross-site scripting in TinyMCE
CVE-2020-17480 (Moderate severity) was published May 6, 2021 tinymce (npm)
ProTip! Advisories are also available from the GraphQL API