github.com Open in urlscan Pro
140.82.121.3  Public Scan

Submitted URL: https://www.npmjs.com/advisories
Effective URL: https://github.com/advisories
Submission: On June 22 via manual from ES — Scanned from ES

Form analysis 2 forms found in the DOM

GET /search

<form class="js-site-search-form" role="search" aria-label="Site" data-unscoped-search-url="/search" data-turbo="false" action="/search" accept-charset="UTF-8" method="get">
  <label class="form-control header-search-wrapper input-sm p-0 js-chromeless-input-container header-search-wrapper-jump-to position-relative d-flex flex-justify-between flex-items-center">
    <input type="text" class="form-control js-site-search-focus header-search-input jump-to-field js-jump-to-field" data-hotkey="s,/" name="q" placeholder="Search GitHub" data-unscoped-placeholder="Search GitHub" data-scoped-placeholder="Search"
      autocapitalize="off" role="combobox" aria-haspopup="listbox" aria-expanded="false" aria-autocomplete="list" aria-controls="jump-to-results" aria-label="Search GitHub" data-jump-to-suggestions-path="/_graphql/GetSuggestedNavigationDestinations"
      spellcheck="false" autocomplete="off">
    <input type="hidden" data-csrf="true" class="js-data-jump-to-suggestions-path-csrf" value="9Avvvj8kQ6mHOaVarNSeBJDmCU61X+Qm1bkK8wBbvrx6GUhQnI6pE1GmX7cN7uSn6dbf8PY5P6WWHnRY5vzQFA==">
    <input type="hidden" class="js-site-search-type-field" name="type">
    <svg xmlns="http://www.w3.org/2000/svg" width="22" height="20" aria-hidden="true" class="mr-1 header-search-key-slash">
      <path fill="none" stroke="#979A9C" opacity=".4" d="M3.5.5h12c1.7 0 3 1.3 3 3v13c0 1.7-1.3 3-3 3h-12c-1.7 0-3-1.3-3-3v-13c0-1.7 1.3-3 3-3z"></path>
      <path fill="#979A9C" d="M11.8 6L8 15.1h-.9L10.8 6h1z"></path>
    </svg>
    <div class="Box position-absolute overflow-hidden d-none jump-to-suggestions js-jump-to-suggestions-container">
      <ul class="d-none js-jump-to-suggestions-template-container">
        <li class="d-flex flex-justify-start flex-items-center p-0 f5 navigation-item js-navigation-item js-jump-to-suggestion" role="option">
          <a tabindex="-1" class="no-underline d-flex flex-auto flex-items-center jump-to-suggestions-path js-jump-to-suggestion-path js-navigation-open p-2" href="" data-item-type="suggestion">
    <div class="jump-to-octicon js-jump-to-octicon flex-shrink-0 mr-2 text-center d-none">
      <svg title="Repository" aria-label="Repository" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-repo js-jump-to-octicon-repo d-none flex-shrink-0">
    <path d="M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z"></path>
</svg>
      <svg title="Project" aria-label="Project" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-project js-jump-to-octicon-project d-none flex-shrink-0">
    <path d="M1.75 0h12.5C15.216 0 16 .784 16 1.75v12.5A1.75 1.75 0 0 1 14.25 16H1.75A1.75 1.75 0 0 1 0 14.25V1.75C0 .784.784 0 1.75 0ZM1.5 1.75v12.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25ZM11.75 3a.75.75 0 0 1 .75.75v7.5a.75.75 0 0 1-1.5 0v-7.5a.75.75 0 0 1 .75-.75Zm-8.25.75a.75.75 0 0 1 1.5 0v5.5a.75.75 0 0 1-1.5 0ZM8 3a.75.75 0 0 1 .75.75v3.5a.75.75 0 0 1-1.5 0v-3.5A.75.75 0 0 1 8 3Z"></path>
</svg>
      <svg title="Search" aria-label="Search" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-search js-jump-to-octicon-search d-none flex-shrink-0">
    <path d="M10.68 11.74a6 6 0 0 1-7.922-8.982 6 6 0 0 1 8.982 7.922l3.04 3.04a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215ZM11.5 7a4.499 4.499 0 1 0-8.997 0A4.499 4.499 0 0 0 11.5 7Z"></path>
</svg>
    </div>

    <img class="avatar mr-2 flex-shrink-0 js-jump-to-suggestion-avatar d-none" alt="" aria-label="Team" src="" width="28" height="28">

    <div class="jump-to-suggestion-name js-jump-to-suggestion-name flex-auto overflow-hidden text-left no-wrap css-truncate css-truncate-target">
    </div>

    <div class="border rounded-2 flex-shrink-0 color-bg-subtle px-1 color-fg-muted ml-1 f6 d-none js-jump-to-badge-search">
      <span class="js-jump-to-badge-search-text-default d-none" aria-label="in all of GitHub">
        Search
      </span>
      <span class="js-jump-to-badge-search-text-global d-none" aria-label="in all of GitHub">
        All GitHub
      </span>
      <span aria-hidden="true" class="d-inline-block ml-1 v-align-middle">↵</span>
    </div>

    <div aria-hidden="true" class="border rounded-2 flex-shrink-0 color-bg-subtle px-1 color-fg-muted ml-1 f6 d-none d-on-nav-focus js-jump-to-badge-jump">
      Jump to
      <span class="d-inline-block ml-1 v-align-middle">↵</span>
    </div>
  </a>
        </li>
      </ul>
      <ul class="d-none js-jump-to-no-results-template-container">
        <li class="d-flex flex-justify-center flex-items-center f5 d-none js-jump-to-suggestion p-2">
          <span class="color-fg-muted">No suggested jump to results</span>
        </li>
      </ul>
      <ul id="jump-to-results" role="listbox" class="p-0 m-0 js-navigation-container jump-to-suggestions-results-container js-jump-to-suggestions-results-container">
        <li class="d-flex flex-justify-start flex-items-center p-0 f5 navigation-item js-navigation-item js-jump-to-scoped-search d-none" role="option">
          <a tabindex="-1" class="no-underline d-flex flex-auto flex-items-center jump-to-suggestions-path js-jump-to-suggestion-path js-navigation-open p-2" href="" data-item-type="scoped_search">
    <div class="jump-to-octicon js-jump-to-octicon flex-shrink-0 mr-2 text-center d-none">
      <svg title="Repository" aria-label="Repository" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-repo js-jump-to-octicon-repo d-none flex-shrink-0">
    <path d="M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z"></path>
</svg>
      <svg title="Project" aria-label="Project" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-project js-jump-to-octicon-project d-none flex-shrink-0">
    <path d="M1.75 0h12.5C15.216 0 16 .784 16 1.75v12.5A1.75 1.75 0 0 1 14.25 16H1.75A1.75 1.75 0 0 1 0 14.25V1.75C0 .784.784 0 1.75 0ZM1.5 1.75v12.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25ZM11.75 3a.75.75 0 0 1 .75.75v7.5a.75.75 0 0 1-1.5 0v-7.5a.75.75 0 0 1 .75-.75Zm-8.25.75a.75.75 0 0 1 1.5 0v5.5a.75.75 0 0 1-1.5 0ZM8 3a.75.75 0 0 1 .75.75v3.5a.75.75 0 0 1-1.5 0v-3.5A.75.75 0 0 1 8 3Z"></path>
</svg>
      <svg title="Search" aria-label="Search" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-search js-jump-to-octicon-search d-none flex-shrink-0">
    <path d="M10.68 11.74a6 6 0 0 1-7.922-8.982 6 6 0 0 1 8.982 7.922l3.04 3.04a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215ZM11.5 7a4.499 4.499 0 1 0-8.997 0A4.499 4.499 0 0 0 11.5 7Z"></path>
</svg>
    </div>

    <img class="avatar mr-2 flex-shrink-0 js-jump-to-suggestion-avatar d-none" alt="" aria-label="Team" src="" width="28" height="28">

    <div class="jump-to-suggestion-name js-jump-to-suggestion-name flex-auto overflow-hidden text-left no-wrap css-truncate css-truncate-target">
    </div>

    <div class="border rounded-2 flex-shrink-0 color-bg-subtle px-1 color-fg-muted ml-1 f6 d-none js-jump-to-badge-search">
      <span class="js-jump-to-badge-search-text-default d-none" aria-label="in all of GitHub">
        Search
      </span>
      <span class="js-jump-to-badge-search-text-global d-none" aria-label="in all of GitHub">
        All GitHub
      </span>
      <span aria-hidden="true" class="d-inline-block ml-1 v-align-middle">↵</span>
    </div>

    <div aria-hidden="true" class="border rounded-2 flex-shrink-0 color-bg-subtle px-1 color-fg-muted ml-1 f6 d-none d-on-nav-focus js-jump-to-badge-jump">
      Jump to
      <span class="d-inline-block ml-1 v-align-middle">↵</span>
    </div>
  </a>
        </li>
        <li class="d-flex flex-justify-start flex-items-center p-0 f5 navigation-item js-navigation-item js-jump-to-owner-scoped-search d-none" role="option">
          <a tabindex="-1" class="no-underline d-flex flex-auto flex-items-center jump-to-suggestions-path js-jump-to-suggestion-path js-navigation-open p-2" href="" data-item-type="owner_scoped_search">
    <div class="jump-to-octicon js-jump-to-octicon flex-shrink-0 mr-2 text-center d-none">
      <svg title="Repository" aria-label="Repository" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-repo js-jump-to-octicon-repo d-none flex-shrink-0">
    <path d="M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z"></path>
</svg>
      <svg title="Project" aria-label="Project" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-project js-jump-to-octicon-project d-none flex-shrink-0">
    <path d="M1.75 0h12.5C15.216 0 16 .784 16 1.75v12.5A1.75 1.75 0 0 1 14.25 16H1.75A1.75 1.75 0 0 1 0 14.25V1.75C0 .784.784 0 1.75 0ZM1.5 1.75v12.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25ZM11.75 3a.75.75 0 0 1 .75.75v7.5a.75.75 0 0 1-1.5 0v-7.5a.75.75 0 0 1 .75-.75Zm-8.25.75a.75.75 0 0 1 1.5 0v5.5a.75.75 0 0 1-1.5 0ZM8 3a.75.75 0 0 1 .75.75v3.5a.75.75 0 0 1-1.5 0v-3.5A.75.75 0 0 1 8 3Z"></path>
</svg>
      <svg title="Search" aria-label="Search" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-search js-jump-to-octicon-search d-none flex-shrink-0">
    <path d="M10.68 11.74a6 6 0 0 1-7.922-8.982 6 6 0 0 1 8.982 7.922l3.04 3.04a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215ZM11.5 7a4.499 4.499 0 1 0-8.997 0A4.499 4.499 0 0 0 11.5 7Z"></path>
</svg>
    </div>

    <img class="avatar mr-2 flex-shrink-0 js-jump-to-suggestion-avatar d-none" alt="" aria-label="Team" src="" width="28" height="28">

    <div class="jump-to-suggestion-name js-jump-to-suggestion-name flex-auto overflow-hidden text-left no-wrap css-truncate css-truncate-target">
    </div>

    <div class="border rounded-2 flex-shrink-0 color-bg-subtle px-1 color-fg-muted ml-1 f6 d-none js-jump-to-badge-search">
      <span class="js-jump-to-badge-search-text-default d-none" aria-label="in all of GitHub">
        Search
      </span>
      <span class="js-jump-to-badge-search-text-global d-none" aria-label="in all of GitHub">
        All GitHub
      </span>
      <span aria-hidden="true" class="d-inline-block ml-1 v-align-middle">↵</span>
    </div>

    <div aria-hidden="true" class="border rounded-2 flex-shrink-0 color-bg-subtle px-1 color-fg-muted ml-1 f6 d-none d-on-nav-focus js-jump-to-badge-jump">
      Jump to
      <span class="d-inline-block ml-1 v-align-middle">↵</span>
    </div>
  </a>
        </li>
        <li class="d-flex flex-justify-start flex-items-center p-0 f5 navigation-item js-navigation-item js-jump-to-global-search d-none" role="option">
          <a tabindex="-1" class="no-underline d-flex flex-auto flex-items-center jump-to-suggestions-path js-jump-to-suggestion-path js-navigation-open p-2" href="" data-item-type="global_search">
    <div class="jump-to-octicon js-jump-to-octicon flex-shrink-0 mr-2 text-center d-none">
      <svg title="Repository" aria-label="Repository" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-repo js-jump-to-octicon-repo d-none flex-shrink-0">
    <path d="M2 2.5A2.5 2.5 0 0 1 4.5 0h8.75a.75.75 0 0 1 .75.75v12.5a.75.75 0 0 1-.75.75h-2.5a.75.75 0 0 1 0-1.5h1.75v-2h-8a1 1 0 0 0-.714 1.7.75.75 0 1 1-1.072 1.05A2.495 2.495 0 0 1 2 11.5Zm10.5-1h-8a1 1 0 0 0-1 1v6.708A2.486 2.486 0 0 1 4.5 9h8ZM5 12.25a.25.25 0 0 1 .25-.25h3.5a.25.25 0 0 1 .25.25v3.25a.25.25 0 0 1-.4.2l-1.45-1.087a.249.249 0 0 0-.3 0L5.4 15.7a.25.25 0 0 1-.4-.2Z"></path>
</svg>
      <svg title="Project" aria-label="Project" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-project js-jump-to-octicon-project d-none flex-shrink-0">
    <path d="M1.75 0h12.5C15.216 0 16 .784 16 1.75v12.5A1.75 1.75 0 0 1 14.25 16H1.75A1.75 1.75 0 0 1 0 14.25V1.75C0 .784.784 0 1.75 0ZM1.5 1.75v12.5c0 .138.112.25.25.25h12.5a.25.25 0 0 0 .25-.25V1.75a.25.25 0 0 0-.25-.25H1.75a.25.25 0 0 0-.25.25ZM11.75 3a.75.75 0 0 1 .75.75v7.5a.75.75 0 0 1-1.5 0v-7.5a.75.75 0 0 1 .75-.75Zm-8.25.75a.75.75 0 0 1 1.5 0v5.5a.75.75 0 0 1-1.5 0ZM8 3a.75.75 0 0 1 .75.75v3.5a.75.75 0 0 1-1.5 0v-3.5A.75.75 0 0 1 8 3Z"></path>
</svg>
      <svg title="Search" aria-label="Search" role="img" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-search js-jump-to-octicon-search d-none flex-shrink-0">
    <path d="M10.68 11.74a6 6 0 0 1-7.922-8.982 6 6 0 0 1 8.982 7.922l3.04 3.04a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215ZM11.5 7a4.499 4.499 0 1 0-8.997 0A4.499 4.499 0 0 0 11.5 7Z"></path>
</svg>
    </div>

    <img class="avatar mr-2 flex-shrink-0 js-jump-to-suggestion-avatar d-none" alt="" aria-label="Team" src="" width="28" height="28">

    <div class="jump-to-suggestion-name js-jump-to-suggestion-name flex-auto overflow-hidden text-left no-wrap css-truncate css-truncate-target">
    </div>

    <div class="border rounded-2 flex-shrink-0 color-bg-subtle px-1 color-fg-muted ml-1 f6 d-none js-jump-to-badge-search">
      <span class="js-jump-to-badge-search-text-default d-none" aria-label="in all of GitHub">
        Search
      </span>
      <span class="js-jump-to-badge-search-text-global d-none" aria-label="in all of GitHub">
        All GitHub
      </span>
      <span aria-hidden="true" class="d-inline-block ml-1 v-align-middle">↵</span>
    </div>

    <div aria-hidden="true" class="border rounded-2 flex-shrink-0 color-bg-subtle px-1 color-fg-muted ml-1 f6 d-none d-on-nav-focus js-jump-to-badge-jump">
      Jump to
      <span class="d-inline-block ml-1 v-align-middle">↵</span>
    </div>
  </a>
        </li>
      </ul>
    </div>
  </label>
</form>

GET /advisories

<form class="d-flex flex-column flex-md-row mb-3 mt-3 mt-lg-0" data-pjax="true" data-turbo="false" action="/advisories" accept-charset="UTF-8" method="get">
  <div class="subnav-search flex-auto d-flex mx-0">
    <input aria-label="Search by CVE/GHSA ID, package, severity, ecosystem, credit…" placeholder="Search by CVE/GHSA ID, package, severity, ecosystem, credit…" autocapitalize="off" autocomplete="off"
      class="form-control input-block flex-auto input-lg subnav-search-input" spellcheck="false" type="text" name="query" value="">
    <svg aria-hidden="true" height="16" viewBox="0 0 16 16" version="1.1" width="16" data-view-component="true" class="octicon octicon-search subnav-search-icon">
      <path d="M10.68 11.74a6 6 0 0 1-7.922-8.982 6 6 0 0 1 8.982 7.922l3.04 3.04a.749.749 0 0 1-.326 1.275.749.749 0 0 1-.734-.215ZM11.5 7a4.499 4.499 0 1 0-8.997 0A4.499 4.499 0 0 0 11.5 7Z"></path>
    </svg>
  </div>
  <button type="submit" data-view-component="true" class="flex-shrink-0 btn ml-md-2 mt-2 mt-md-0 d-lg-none"> Search </button>
</form>

Text Content

Skip to content
Toggle navigation
Sign up

GitHub Advisory Database
 * Product
    * Actions
      Automate any workflow
    * Packages
      Host and manage packages
    * Security
      Find and fix vulnerabilities
    * Codespaces
      Instant dev environments
    * Copilot
      Write better code with AI
    * Code review
      Manage code changes
    * Issues
      Plan and track work
    * Discussions
      Collaborate outside of code
   
   Explore
    * All features
    * Documentation
    * GitHub Skills
    * Blog

 * Solutions
   For
    * Enterprise
    * Teams
    * Startups
    * Education
   
   By Solution
    * CI/CD & Automation
    * DevOps
    * DevSecOps
   
   Case Studies
    * Customer Stories
    * Resources

 * Open Source
    * GitHub Sponsors
      Fund open source developers
   
    * The ReadME Project
      GitHub community articles
   
   Repositories
    * Topics
    * Trending
    * Collections

 * Pricing

 * Search All GitHub ↵
   Jump to ↵

 * No suggested jump to results

 * Search All GitHub ↵
   Jump to ↵
 * Search All GitHub ↵
   Jump to ↵
 * Search All GitHub ↵
   Jump to ↵

Sign in
Sign up
You signed in with another tab or window. Reload to refresh your session. You
signed out in another tab or window. Reload to refresh your session. You
switched accounts on another tab or window. Reload to refresh your session.

{{ message }}


GITHUB ADVISORY DATABASE

Security vulnerability database inclusive of CVEs and GitHub originated security
advisories from the world of open source software.


GITHUB REVIEWED ADVISORIES

 * All reviewed 12,643
 * Composer 1,620
 * Erlang 21
 * GitHub Actions 10
 * Go 1,072
 * Maven 3,607
 * npm 3,020
 * NuGet 293
 * pip 1,745
 * Pub 5
 * RubyGems 703
 * Rust 627
 * Swift 25


UNREVIEWED ADVISORIES

 * All unreviewed 191,708

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not
connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories


FILTER ADVISORIES

GitHub reviewed advisories
All reviewed
5,000+
Composer
1,620
Erlang
21
GitHub Actions
10
Go
1,072
Maven
3,607
npm
3,020
NuGet
293
pip
1,745
Pub
5
RubyGems
703
Rust
627
Swift
25
Unreviewed advisories
All unreviewed
5,000+

Search


12,643 ADVISORIES

Filter by severity Filter by CWE Sort by
Severity
Filter by severity
All severities
Low
Moderate
High
Critical
CWE
Sort
Sort by
Newest
Oldest
Recently updated
Least recently updated
Silver vulnerable to MitM attack against implants due to a cryptography
vulnerability High
CVE-2023-35170 was published for github.com/bishopfox/sliver (Go) Jun 21, 2023
`openssl` `X509VerifyParamRef::set_host` buffer over-read Moderate
GHSA-xcf7-rvmh-g6q4 was published for openssl (Rust) Jun 21, 2023
Livebook Desktop's protocol handler can be exploited to execute arbitrary
command on Windows High
CVE-2023-35174 was published for livebook (Erlang) Jun 21, 2023

memoffset allows reading uninitialized memory Moderate
GHSA-wfg4-322g-9vqv was published for memoffset (Rust) Jun 21, 2023
passport-wsfed-saml2 Signature Bypass vulnerability High
GHSA-5wrg-8fxp-cx9r was published for passport-wsfed-saml2 (npm) Jun 21, 2023
Backstage Scaffolder plugin has insecure sandbox High
CVE-2023-35926 was published for @backstage/plugin-scaffolder-backend (npm) Jun
21, 2023
passport-wsfed-saml2 vulnerable to Signature Bypass in SAML2 token High
CVE-2017-16897 was published for passport-wsfed-saml2 (npm) Jun 21, 2023
php-imap vulnerable to RCE through a directory traversal vulnerability Critical
CVE-2023-35169 was published for webklex/laravel-imap (Composer) Jun 21, 2023

urlnorm vulnerable to Regular Expression Denial of Service Moderate
CVE-2023-33289 was published for urlnorm (Rust) Jun 21, 2023
Tauri vulnerable to Regression on Filesystem Scope Checks for Dotfiles Moderate
CVE-2023-34460 was published for tauri (Rust) Jun 21, 2023

Broadleaf vulnerable to Cross-site Scripting Moderate
CVE-2023-33725 was published for org.broadleafcommerce:broadleaf (Maven) Jun 21,
2023
Apache Tomcat vulnerable to information leak Moderate
CVE-2023-34981 was published for org.apache.tomcat:tomcat (Maven) Jun 21, 2023
Apache Accumulo Improper Authentication vulnerability Moderate
CVE-2023-34340 was published for org.apache.accumulo:accumulo-shell (Maven) Jun
21, 2023
XWiki Platform vulnerable to privilege escalation (PR) from account through
TipsPanel Critical
CVE-2023-35166 was published for org.xwiki.platform:xwiki-platform-help-ui
(Maven) Jun 20, 2023
When setting EntityOptions.apiPrefilter to a function, the filter is not applied
to API requests for a resource by Id Moderate
CVE-2023-35167 was published for remult (npm) Jun 20, 2023

XPlatform Wiki vulnerable to cross-site scripting via xcontinue parameter in
previewactions template Critical
CVE-2023-35162 was published for
org.xwiki.platform:xwiki-platform-flamingo-skin-resources (Maven) Jun 20, 2023
XWiki Platform vulnerable to cross-site scripting in target parameter via share
page by email High
CVE-2023-35155 was published for org.xwiki.platform:xwiki-platform-sharepage-api
(Maven) Jun 20, 2023
XWiki Platform vulnerable to stored cross-site scripting in ClassEditSheet page
via name parameters Critical
CVE-2023-35153 was published for
org.xwiki.platform:xwiki-platform-appwithinminutes-ui (Maven) Jun 20, 2023

XWiki Platform vulnerable to privilege escalation (PR) from account through like
LiveTableResults Critical
CVE-2023-35152 was published for org.xwiki.platform:xwiki-platform-like-ui
(Maven) Jun 20, 2023
XWiki Platform may show email addresses in clear in REST results High
CVE-2023-35151 was published for org.xwiki.platform:xwiki-platform-rest-server
(Maven) Jun 20, 2023
XWiki Platform vulnerable to privilege escalation (PR) from view right via
Invitation application Critical
CVE-2023-35150 was published for org.xwiki.platform:xwiki-platform-invitation-ui
(Maven) Jun 20, 2023
XWiki Platform may retrieve email addresses of all users High
CVE-2023-34467 was published for org.xwiki.platform:xwiki-platform-livetable-ui
(Maven) Jun 20, 2023

XWiki Platform's tags on non-viewable pages can be revealed to users Moderate
CVE-2023-34466 was published for org.xwiki.platform:xwiki-platform-tag-api
(Maven) Jun 20, 2023
XWiki Platform's Mail.MailConfig can be edited by any user with edit rights
Critical
CVE-2023-34465 was published for
org.xwiki.platform:xwiki-platform-mail-send-default (Maven) Jun 20, 2023
XWiki vulnerable to stored cross-site scripting via any wiki document and the
displaycontent/rendercontent template Critical
CVE-2023-34464 was published for org.xwiki.platform:xwiki-platform-web (Maven)
Jun 20, 2023
Previous 1 2 3 4 5 … 399 400 Next
ProTip! Advisories are also available from the GraphQL API


FOOTER

© 2023 GitHub, Inc.


FOOTER NAVIGATION

 * Terms
 * Privacy
 * Security
 * Status
 * Docs
 * Contact GitHub
 * Pricing
 * API
 * Training
 * Blog
 * About


You can’t perform that action at this time.