Vulnerability Database
Blog
FAQ
Docs
Vulnerability Library
search
All ecosystems
116124
AlmaLinux
2722
Alpine
3397
Android
881
Bitnami
3891
CRAN
10
crates.io
1346
Debian
9846
GIT
32964
GitHub Actions
16
Go
2139
Hackage
18
Hex
29
Linux
13573
Maven
4872
npm
14360
NuGet
581
OSS-Fuzz
3280
Packagist
3394
Pub
8
PyPI
11746
Rocky Linux
1121
RubyGems
786
SwiftURL
31
Ubuntu
5113
ID
Packages
Summary
Affected versions
Published
Fix
GHSA-25w4-hfqg-4r52
Maven/io.quarkus:quarkus-resteasy-reactive-common-deployment
Maven/io.quarkus:quarkus-resteasy-reactive-common
Quarkus: authorization flaw in quarkus resteasy reactive and classic
1.11.0.Beta1
1.11.0.Beta2
1.11.0.CR1
1.11.0.Final
1.11.1.Final
1.11.2.Final
1.11.3.Final
...
2024-04-25T18:30:39Z
Fix available
GHSA-9wmf-xf3h-r8pr
Maven/org.jberet:jberet-core
Jberet: jberet-core logging database credentials
1.0.0.Alpha1
1.0.0.Alpha2
1.0.0.Alpha3
1.0.0.Alpha4
1.0.0.Beta1
1.0.0.Beta2
1.0.0.CR1
...
2024-04-25T18:30:39Z
Fix available
GHSA-mv64-86g8-cqq7
Maven/io.quarkus.resteasy.reactive:resteasy-reactive
Quarkus: security checks in resteasy reactive may trigger a denial of service
3.8.0.CR1
3.3.0
3.3.0.CR1
3.3.1
3.3.2
3.3.3
3.4.0
...
2024-04-25T18:30:39Z
Fix available
GHSA-5xv3-fm7g-865r
Maven/org.open-metadata:openmetadata-service
OpenMetadata vulnerable to a SpEL Injection in `GET /api/v1/policies/validation/condition/<expr>` (`GHSL-2023-236`)
0.12.1
0.12.1.preview
0.12.2
0.12.2-REPUBLISHED
0.13.1
0.13.2
0.13.2-beta
...
2024-04-24T17:06:02Z
Fix available
GHSA-8p5r-6mvv-2435
Maven/org.open-metadata:openmetadata-service
OpenMetadata vulnerable to a SpEL Injection in `PUT /api/v1/events/subscriptions` (`GHSL-2023-251`)
0.12.1
0.12.1.preview
0.12.2
0.12.2-REPUBLISHED
0.13.1
0.13.2
0.13.2-beta
...
2024-04-24T17:06:00Z
Fix available
GHSA-7vf4-x5m2-r6gr
Maven/org.open-metadata:openmetadata-service
OpenMetadata vulnerable to SpEL Injection in `PUT /api/v1/policies` (`GHSL-2023-252`)
0.12.1
0.12.1.preview
0.12.2
0.12.2-REPUBLISHED
0.13.1
0.13.2
0.13.2-beta
...
2024-04-23T21:11:23Z
Fix available
GHSA-hvp5-5x4f-33fq
Maven/io.github.skylot:jadx-core
JADX file override vulnerability
1.3.1
1.3.2
1.3.3
1.3.4
1.3.5
1.4.0
1.4.1
...
2024-04-22T15:56:04Z
Fix available
GHSA-qwhw-hh9j-54f5
Maven/io.antmedia:ant-media-server
Ant Media Server vulnerable to a local privilege escalation
2.6.0
2.6.1
2.6.2
2.6.3
2.6.4
2.7.0
2.8.0
...
2024-04-22T15:51:59Z
Fix available
GHSA-29rc-vq7f-x335
Maven/org.apache.hugegraph:hugegraph-api
Maven/org.apache.hugegraph:hugegraph-core
Apache HugeGraph-Server: Command execution in gremlin
1.0.0
1.2.0
1.0.0
1.2.0
2024-04-22T15:30:41Z
Fix available
GHSA-6mgp-p75r-vhjm
Maven/org.apache.hugegraph:hugegraph-api
Apache HugeGraph-Server: Bypass whitelist in Auth mode
1.0.0
1.2.0
2024-04-22T15:30:41Z
Fix available
GHSA-77x4-55q7-4vmj
Maven/org.apache.hugegraph:hugegraph-hubble
Apache HugeGraph-Hubble: SSRF in Hubble connection page
1.0.0
1.2.0
2024-04-22T15:30:41Z
Fix available
GHSA-7fpj-9hr8-28vh
Maven/org.keycloak:keycloak-services
Keycloak vulnerable to impersonation via logout token exchange
1.0-alpha-1
1.0-alpha-1-12062013
1.0-alpha-2
1.0-alpha-3
1.0-alpha-4
1.0-beta-1
1.0-beta-1-20150521
...
2024-04-17T18:25:59Z
Fix available
GHSA-c9h6-v78w-52wj
Maven/org.keycloak:keycloak-services
Keycloak vulnerable to session hijacking via re-authentication
1.0-alpha-1
1.0-alpha-1-12062013
1.0-alpha-2
1.0-alpha-3
1.0-alpha-4
1.0-beta-1
1.0-beta-1-20150521
...
2024-04-17T18:25:29Z
Fix available
GHSA-72vp-xfrc-42xm
Maven/org.keycloak:keycloak-services
Keycloak path transversal vulnerability in redirection validation
1.0-alpha-1
1.0-alpha-1-12062013
1.0-alpha-2
1.0-alpha-3
1.0-alpha-4
1.0-beta-1
1.0-beta-1-20150521
...
2024-04-17T18:25:08Z
Fix available
GHSA-m6q9-p373-g5q8
Maven/org.keycloak:keycloak-services
Keycloak's unvalidated cross-origin messages in checkLoginIframe leads to DDoS
1.0-alpha-1
1.0-alpha-1-12062013
1.0-alpha-2
1.0-alpha-3
1.0-alpha-4
1.0-beta-1
1.0-beta-1-20150521
...
2024-04-17T18:24:38Z
Fix available
GHSA-j628-q885-8gr5
Maven/org.keycloak:keycloak-services
Keycloak vulnerable to log Injection during WebAuthn authentication or registration
1.0-alpha-1
1.0-alpha-1-12062013
1.0-alpha-2
1.0-alpha-3
1.0-alpha-4
1.0-beta-1
1.0-beta-1-20150521
...
2024-04-17T18:24:03Z
Fix available
Load more...
Maven - OSV