Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

15 advisories

Loading
Access Control Bypass in Spring Security Critical
CVE-2023-34034 was published for org.springframework.security:spring-security-config (Maven) Jul 19, 2023
bbossola furti
SaToken privilege escalation vulnerability Critical
CVE-2023-44794 was published for cn.dev33:sa-token-core (Maven) Oct 25, 2023
Remote code execution in Voyager Critical
CVE-2020-36070 was published for tcg/voyager (Composer) Apr 26, 2023
Object state limitation has no effect Critical
GHSA-5x4f-7xgq-r42x was published for ezsystems/ezpublish-kernel (Composer) Apr 29, 2022
tdunlap607
HashiCorp Vault underlying database had excessively broad filesystem permissions from v1.4.0 until v1.8.0 Critical
CVE-2021-38553 was published for github.com/hashicorp/vault (Go) Aug 30, 2021
avivdolev
Object state limitation has no effect Critical
GHSA-gvj8-4cj4-h776 was published for ibexa/core (Composer) Apr 29, 2022
Object state limitation has no effect Critical
GHSA-w8qp-hmh5-4v9v was published for ezsystems/ezplatform-kernel (Composer) Apr 29, 2022
ProTip! Advisories are also available from the GraphQL API