GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
757 advisories
Code execution via deserialization in org.apache.ignite:ignite-core
Critical
CVE-2018-8018
was published
for
org.apache.ignite:ignite-core
(Maven)
Oct 16, 2018
Apache Struts 2.0.1 uses an unintentional expression in a Freemarker tag instead of string literal
Critical
CVE-2017-12611
was published
for
org.apache.struts:struts2-core
(Maven)
Oct 16, 2018
FasterXML jackson-databind allows unauthenticated remote code execution
Critical
CVE-2018-7489
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 16, 2018
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization
Critical
CVE-2017-3159
was published
for
org.apache.camel:camel-snakeyaml
(Maven)
Oct 16, 2018
jackson-databind is vulnerable to a deserialization flaw
Critical
CVE-2017-7525
was published
for
com.fasterxml.jackson.core:jackson-databind
(Maven)
Oct 16, 2018
ProTip!
Advisories are also available from the
GraphQL API