GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
43 advisories
Filter by severity
Infinite loop in github.com/gomarkdown/markdown
Moderate
CVE-2024-44337
was published
for
github.com/gomarkdown/markdown
(Go)
Oct 15, 2024
Bouncy Castle crafted signature and public key can be used to trigger an infinite loop
Moderate
CVE-2024-30172
was published
for
BouncyCastle
(Maven)
May 14, 2024
Vitess vulnerable to infinite memory consumption and vtgate crash
Moderate
CVE-2024-32886
was published
for
github.com/vitessio/vitess
(Go)
May 8, 2024
Golang protojson.Unmarshal function infinite loop when unmarshaling certain forms of invalid JSON
Moderate
CVE-2024-24786
was published
for
google.golang.org/protobuf
(Go)
Mar 6, 2024
Liferay Portal denial-of-service vulnerability
Moderate
CVE-2024-25144
was published
for
com.liferay.portal:release.dxp.bom
(Maven)
Feb 8, 2024
IPAddress Infinite Loop vulnerability (Disputed)
Moderate
CVE-2023-50570
was published
for
com.github.seancfoley:ipaddress
(Maven)
Dec 29, 2023
•
withdrawn
Possible Infinite Loop when PdfWriter(clone_from) is used with a PDF
Moderate
CVE-2023-46250
was published
for
pypdf
(pip)
Oct 31, 2023
OpenFGA Vulnerable to DoS from circular relationship definitions
Moderate
CVE-2023-43645
was published
for
github.com/openfga/openfga
(Go)
Sep 28, 2023
PyPDF2 vulnerable to possible Infinite Loop when reading malformed objects
Moderate
CVE-2023-36807
was published
for
PyPDF2
(pip)
Jun 30, 2023
pypdf and PyPDF2 possible Infinite Loop when a comment isn't followed by a character
Moderate
CVE-2023-36464
was published
for
PyPDF2
(pip)
Jun 30, 2023
OpenFGA vulnerable to denial of service due to circular relationship
Moderate
CVE-2023-35933
was published
for
github.com/openfga/openfga
(Go)
Jun 28, 2023
phpseclib Infinite Loop vulnerability
Moderate
CVE-2023-27560
was published
for
phpseclib/phpseclib
(Composer)
Mar 3, 2023
DoS vulnerability in MaliciousCode filter
Moderate
CVE-2023-23617
was published
for
openmage/magento-lts
(Composer)
Jan 27, 2023
kamadak-exif vulnerable to Infinite loop when parsing PNG files
Moderate
CVE-2021-21235
was published
for
kamadak-exif
(Rust)
Oct 6, 2022
Loop with Unreachable Exit Condition in Apache POI
Moderate
CVE-2014-9527
was published
for
org.apache.poi:poi
(Maven)
May 17, 2022
Loop with Unreachable Exit Condition in Apache PDFBox
Moderate
CVE-2018-8036
was published
for
org.apache.pdfbox:pdfbox
(Maven)
May 13, 2022
Infinite Loop in Jenkins Core
Moderate
CVE-2018-1999044
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Loop with Unreachable Exit Condition in Jenkins
Moderate
CVE-2018-1000864
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Loop with Unreachable Exit Condition in Apache CXF
Moderate
CVE-2014-3584
was published
for
org.apache.cxf:cxf-rt-frontend-jaxrs
(Maven)
May 13, 2022
Manipulated inline images can cause Infinite Loop in PyPDF2
Moderate
CVE-2022-24859
was published
for
PyPDF2
(pip)
Apr 22, 2022
Denial of Service in docker2aci
Moderate
CVE-2016-8579
was published
for
github.com/appc/docker2aci
(Go)
Feb 15, 2022
Infinite Loop in Apache James
Moderate
CVE-2021-40111
was published
for
org.apache.james:james-server
(Maven)
Jan 8, 2022
Infinite certificate chain depth results in OctoRPKI running forever
Moderate
CVE-2021-3908
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
Infinite loop in Apache MINA
Moderate
CVE-2021-41973
was published
for
org.apache.mina:mina-core
(Maven)
Nov 3, 2021
Improper Handling of Missing Values in kaml
Moderate
CVE-2021-39194
was published
for
com.charleskorn.kaml:kaml
(Maven)
Sep 7, 2021
ProTip!
Advisories are also available from the
GraphQL API