
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Misinterpretation of malicious XML input Moderate
CVE-2021-21366 was published for xmldom (npm) Mar 12, 2021
jupenur karfau
brodycj
REXML round-trip instability High
CVE-2021-28965 was published for rexml (RubyGems) Apr 30, 2021
XML Processing error in github.com/crewjam/saml Critical
CVE-2020-27846 was published for github.com/crewjam/saml (Go) Jun 23, 2021
Authentication Bypass in github.com/russellhaering/gosaml2 Critical
CVE-2020-29509 was published for github.com/russellhaering/gosaml2 (Go) Feb 11, 2022
jupenur
URL Confusion When Scheme Not Supplied in medialize/uri.js Moderate
CVE-2022-1233 was published for urijs (npm) Apr 5, 2022
parse-url parses http URLs incorrectly, making it vulnerable to host name spoofing Moderate
CVE-2022-3224 was published for parse-url (npm) Sep 16, 2022
Misinterpretation of Input in thorsten/phpmyfaq Moderate
CVE-2023-0880 was published for thorsten/phpmyfaq (Composer) Feb 17, 2023