Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
KaTeX missing normalization of the protocol in URLs allows bypassing forbidden protocols Moderate
CVE-2024-28246 was published for katex (npm) Mar 25, 2024
7085 edemaine
jupenur
Apache NiFi Insufficient Property Validation vulnerability Moderate
CVE-2023-40037 was published for org.apache.nifi:nifi-dbcp-base (Maven) Aug 19, 2023
Cortex's Alertmanager can expose local files content via specially crafted config Moderate
CVE-2022-23536 was published for github.com/cortexproject/cortex (Go) Dec 19, 2022
aus
Incomplete List of Disallowed Inputs in Kubernetes Moderate
CVE-2021-25737 was published for k8s.io/kubernetes (Go) Sep 7, 2021
Incomplete List of Disallowed Inputs in Jenkins Moderate
CVE-2017-2602 was published for org.jenkins-ci.main:jenkins-core (Maven) May 13, 2022
ProTip! Advisories are also available from the GraphQL API