Vulnerability Database
| ID | Packages | Summary | Affected versions | Published | Fix |
| --- | --- | --- | --- | --- | --- |
| GHSA-25w4-hfqg-4r52 | Maven/io.quarkus:quarkus-resteasy-reactive-common-deployment, Maven/io.quarkus:quarkus-resteasy-reactive-common | Quarkus: authorization flaw in quarkus resteasy reactive and classic | 1.11.0.Beta1, 1.11.0.Beta2, 1.11.0.CR1, 1.11.0.Final, 1.11.1.Final, 1.11.2.Final, 1.11.3.Final, ... | 2024-04-25T18:30:39Z | Fix available |
| GHSA-9wmf-xf3h-r8pr | Maven/org.jberet:jberet-core | Jberet: jberet-core logging database credentials | 1.0.0.Alpha1, 1.0.0.Alpha2, 1.0.0.Alpha3, 1.0.0.Alpha4, 1.0.0.Beta1, 1.0.0.Beta2, 1.0.0.CR1, ... | 2024-04-25T18:30:39Z | Fix available |
| GHSA-mv64-86g8-cqq7 | Maven/io.quarkus.resteasy.reactive:resteasy-reactive | Quarkus: security checks in resteasy reactive may trigger a denial of service | 3.8.0.CR1, 3.3.0, 3.3.0.CR1, 3.3.1, 3.3.2, 3.3.3, 3.4.0, ... | 2024-04-25T18:30:39Z | Fix available |
| GHSA-5xv3-fm7g-865r | Maven/org.open-metadata:openmetadata-service | OpenMetadata vulnerable to a SpEL Injection in `GET /api/v1/policies/validation/condition/<expr>` (`GHSL-2023-236`) | 0.12.1, 0.12.1.preview, 0.12.2, 0.12.2-REPUBLISHED, 0.13.1, 0.13.2, 0.13.2-beta, ... | 2024-04-24T17:06:02Z | Fix available |
| GHSA-8p5r-6mvv-2435 | Maven/org.open-metadata:openmetadata-service | OpenMetadata vulnerable to a SpEL Injection in `PUT /api/v1/events/subscriptions` (`GHSL-2023-251`) | 0.12.1, 0.12.1.preview, 0.12.2, 0.12.2-REPUBLISHED, 0.13.1, 0.13.2, 0.13.2-beta, ... | 2024-04-24T17:06:00Z | Fix available |
| GHSA-7vf4-x5m2-r6gr | Maven/org.open-metadata:openmetadata-service | OpenMetadata vulnerable to SpEL Injection in `PUT /api/v1/policies` (`GHSL-2023-252`) | 0.12.1, 0.12.1.preview, 0.12.2, 0.12.2-REPUBLISHED, 0.13.1, 0.13.2, 0.13.2-beta, ... | 2024-04-23T21:11:23Z | Fix available |
| GHSA-hvp5-5x4f-33fq | Maven/io.github.skylot:jadx-core | JADX file override vulnerability | 1.3.1, 1.3.2, 1.3.3, 1.3.4, 1.3.5, 1.4.0, 1.4.1, ... | 2024-04-22T15:56:04Z | Fix available |
| GHSA-qwhw-hh9j-54f5 | Maven/io.antmedia:ant-media-server | Ant Media Server vulnerable to a local privilege escalation | 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.7.0, 2.8.0, ... | 2024-04-22T15:51:59Z | Fix available |
| GHSA-29rc-vq7f-x335 | Maven/org.apache.hugegraph:hugegraph-api, Maven/org.apache.hugegraph:hugegraph-core | Apache HugeGraph-Server: Command execution in gremlin | 1.0.0, 1.2.0, 1.0.0, 1.2.0 | 2024-04-22T15:30:41Z | Fix available |
| GHSA-6mgp-p75r-vhjm | Maven/org.apache.hugegraph:hugegraph-api | Apache HugeGraph-Server: Bypass whitelist in Auth mode | 1.0.0, 1.2.0 | 2024-04-22T15:30:41Z | Fix available |
| GHSA-77x4-55q7-4vmj | Maven/org.apache.hugegraph:hugegraph-hubble | Apache HugeGraph-Hubble: SSRF in Hubble connection page | 1.0.0, 1.2.0 | 2024-04-22T15:30:41Z | Fix available |
| GHSA-7fpj-9hr8-28vh | Maven/org.keycloak:keycloak-services | Keycloak vulnerable to impersonation via logout token exchange | 1.0-alpha-1, 1.0-alpha-1-12062013, 1.0-alpha-2, 1.0-alpha-3, 1.0-alpha-4, 1.0-beta-1, 1.0-beta-1-20150521, ... | 2024-04-17T18:25:59Z | Fix available |
| GHSA-c9h6-v78w-52wj | Maven/org.keycloak:keycloak-services | Keycloak vulnerable to session hijacking via re-authentication | 1.0-alpha-1, 1.0-alpha-1-12062013, 1.0-alpha-2, 1.0-alpha-3, 1.0-alpha-4, 1.0-beta-1, 1.0-beta-1-20150521, ... | 2024-04-17T18:25:29Z | Fix available |
| GHSA-72vp-xfrc-42xm | Maven/org.keycloak:keycloak-services | Keycloak path transversal vulnerability in redirection validation | 1.0-alpha-1, 1.0-alpha-1-12062013, 1.0-alpha-2, 1.0-alpha-3, 1.0-alpha-4, 1.0-beta-1, 1.0-beta-1-20150521, ... | 2024-04-17T18:25:08Z | Fix available |
| GHSA-m6q9-p373-g5q8 | Maven/org.keycloak:keycloak-services | Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS | 1.0-alpha-1, 1.0-alpha-1-12062013, 1.0-alpha-2, 1.0-alpha-3, 1.0-alpha-4, 1.0-beta-1, 1.0-beta-1-20150521, ... | 2024-04-17T18:24:38Z | Fix available |
| GHSA-j628-q885-8gr5 | Maven/org.keycloak:keycloak-services | Keycloak vulnerable to log Injection during WebAuthn authentication or registration | 1.0-alpha-1, 1.0-alpha-1-12062013, 1.0-alpha-2, 1.0-alpha-3, 1.0-alpha-4, 1.0-beta-1, 1.0-beta-1-20150521, ... | 2024-04-17T18:24:03Z | Fix available |
Maven - OSV