Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

13 advisories

Loading
Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations Low
CVE-2024-51744 was published for github.com/golang-jwt/jwt/v4 (Go) Nov 4, 2024
yuligesec
Valid ECDSA signatures erroneously rejected in Elliptic Low
CVE-2024-48948 was published for elliptic (npm) Oct 15, 2024
martincostello IchordeDionysos
Elliptic's verify function omits uniqueness validation Low
CVE-2024-48949 was published for elliptic (npm) Oct 10, 2024
Markus-MS
druid-pac4j, Apache Druid extension, has Padding Oracle vulnerability Low
CVE-2024-45384 was published for org.apache.druid.extensions:druid-pac4j (Maven) Sep 17, 2024
Elliptic allows BER-encoded signatures Low
CVE-2024-42461 was published for elliptic (npm) Aug 2, 2024
BlazingWizard
Elliptic's EDDSA missing signature length check Low
CVE-2024-42459 was published for elliptic (npm) Aug 2, 2024
BlazingWizard
Keycloak vulnerable to impersonation via logout token exchange Low
CVE-2023-0657 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
Microsoft Edge (Chromium-based) Spoofing Vulnerability Low Unreviewed
CVE-2024-21383 was published Jan 26, 2024
Incorrect signature verification in django-ses Low
CVE-2023-33185 was published for django-ses (pip) May 22, 2023
josephsurin
ProTip! Advisories are also available from the GraphQL API