Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

95 advisories

Loading
robrichards/xmlseclibs XPath injection High
GHSA-2g98-f9jv-w8c5 was published for robrichards/xmlseclibs (Composer) May 20, 2024
veraPDF has potential XSLT injection vulnerability when using policy files High
CVE-2024-28109 was published for org.verapdf:core (Maven) May 20, 2024
codehaus-plexus vulnerable to XML injection Moderate
CVE-2022-4245 was published for org.codehaus.plexus:plexus-utils (Maven) Sep 25, 2023
ReportLab vulnerable to remote code execution via paraparser Critical
CVE-2019-19450 was published for reportlab (pip) Sep 20, 2023
Withdrawn: ConcreteCMS vulnerable to Xpath injection attacks High
CVE-2022-46464 was published for concrete5/concrete5 (Composer) Dec 6, 2022 withdrawn
LisaCISO
Magento XML Injection vulnerability in the Widgets Module Critical
CVE-2022-34253 was published for magento/community-edition (Composer) Aug 17, 2022
ProTip! Advisories are also available from the GraphQL API