GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
108 advisories
QOS.CH logback-core Expression Language Injection vulnerability
Moderate
CVE-2024-12798
was published
for
ch.qos.logback:logback-core
(Maven)
Dec 19, 2024
Spring Framework vulnerable to denial of service
High
CVE-2023-20863
was published
for
org.springframework:spring-expression
(Maven)
Apr 13, 2023
Spring Framework vulnerable to denial of service via specially crafted SpEL expression
Moderate
CVE-2023-20861
was published
for
org.springframework:spring-expression
(Maven)
Mar 23, 2023
TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
Moderate
CVE-2022-23504
was published
for
typo3/cms
(Composer)
Dec 13, 2022
SpEL Injection in Spring Data MongoDB
Critical
CVE-2022-22980
was published
for
org.springframework.data:spring-data-mongodb
(Maven)
Jun 24, 2022
ProTip!
Advisories are also available from the
GraphQL API