GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
217 advisories
Webcache Poisoning in symfony/http-kernel
Moderate
CVE-2021-41267
was published
for
symfony/http-kernel
(Composer)
Nov 24, 2021
Puma HTTP Request/Response Smuggling vulnerability
Moderate
CVE-2024-21647
was published
for
puma
(RubyGems)
Jan 8, 2024
@fastify/reply-from JSON Content-Type parsing confusion
Moderate
CVE-2023-51701
was published
for
@fastify/reply-from
(npm)
Jan 8, 2024
aiohttp has vulnerable dependency that is vulnerable to request smuggling
Moderate
GHSA-pjjw-qhg8-p2p9
was published
for
aiohttp
(pip)
Nov 27, 2023
yt-dlp Generic Extractor MITM Vulnerability via Arbitrary Proxy Injection
Moderate
CVE-2023-46121
was published
for
yt-dlp
(pip)
Nov 15, 2023
protocol-http1 HTTP Request/Response Smuggling vulnerability
Moderate
CVE-2023-38697
was published
for
protocol-http1
(RubyGems)
Aug 3, 2023
Puma HTTP Request/Response Smuggling vulnerability
Critical
CVE-2023-40175
was published
for
puma
(RubyGems)
Aug 18, 2023
Micronaut's HTTP client is vulnerable to HTTP Request Header Injection
Critical
CVE-2020-7611
was published
for
io.micronaut:micronaut-http-client
(Maven)
Mar 30, 2020
Apache HTTP Server via mod_proxy_uwsgi HTTP response smuggling
High
CVE-2023-27522
was published
for
uWSGI
(pip)
Mar 7, 2023
ProTip!
Advisories are also available from the
GraphQL API