Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

7 advisories

Loading
Improper Verification of Cryptographic Signature in org.apache.httpcomponents:httpclient Moderate
CVE-2014-3577 was published for org.apache.httpcomponents:httpclient (Maven) Oct 17, 2018
MarkLee131
Improper Verification of Cryptographic Signature in keycloak Moderate
CVE-2019-10201 was published for org.keycloak:keycloak-core (Maven) Sep 23, 2019
Improper Verification of Cryptographic Signature in aws-encryption-sdk-java Moderate
GHSA-55xh-53m6-936r was published for com.amazonaws:aws-encryption-sdk-java (Maven) Jun 1, 2021
Missing SSH host key validation in Mac Plugin Moderate
CVE-2020-2146 was published for fr.edf.jenkins.plugins:mac (Maven) May 24, 2022
NotMyFault
light-oauth2 missing public key verification Moderate
CVE-2023-31580 was published for com.networknt:light-oauth2 (Maven) Oct 25, 2023
Improper Verification of Cryptographic Signature in aws-encryption-sdk-java Moderate
CVE-2024-23680 was published for com.amazonaws:aws-encryption-sdk-java (Maven) Jan 19, 2024
oscerd
Signature forgery in Spring Boot's Loader Moderate
CVE-2024-38807 was published for org.springframework.boot:spring-boot-loader (Maven) Aug 23, 2024
ProTip! Advisories are also available from the GraphQL API