The Wayback Machine - http://web.archive.org/web/20210512001401/https://github.com/advisories
Skip to content

GitHub Advisory Database

3,802 advisories

Creation of Temporary File in Directory with Insecure Permissions in auto-generated Java, Scala code
CVE-2021-21430 (Moderate severity) was published May 11, 2021 org.openapitools:openapi-generator (Maven)
JLLeitschuh
Creation of Temporary File in Directory with Insecure Permissions in the OpenAPI-Generator online generator
CVE-2021-21428 (High severity) was published May 11, 2021 org.openapitools:openapi-generator-online (Maven)
JLLeitschuh
Command injection in get-git-data
CVE-2020-7619 (High severity) was published May 10, 2021 get-git-data (npm)
Prototype Pollution in tiny-conf
CVE-2020-7724 (Critical severity) was published May 10, 2021 tiny-conf (npm)
Command Injection in geojson2kml
CVE-2020-28429 (Critical severity) was published May 10, 2021 geojson2kml (npm)
Incorrect Authorization in Spring Cloud Netflix Zuul
CVE-2021-22113 (Moderate severity) was published May 10, 2021 org.springframework.cloud:spring-cloud-netflix-zuul (Maven)
Injection in pomelo-monitor
CVE-2020-7620 (High severity) was published May 10, 2021 pomelo-monitor (npm)
Cross-site Scripting in quill
CVE-2021-3163 (Moderate severity) was published May 10, 2021 quill (npm)
Command Injection in @theia/messages
CVE-2021-28162 (Moderate severity) was published May 10, 2021 @theia/messages (npm)
Prototype Pollution in swiper
CVE-2021-23370 (Critical severity) was published May 10, 2021 swiper (npm)
Regular Expression Denial of Service in postcss
CVE-2021-23368 (Moderate severity) was published May 10, 2021 postcss (npm)
Improper permission handling in Apache Solr
CVE-2021-29262 (High severity) was published May 10, 2021 org.apache.solr:solr-core (Maven)
Path traversal in servey
CVE-2020-8214 (High severity) was published May 7, 2021 servey (npm)
Improper Handling of Highly Compressed Data (Data Amplification) and Memory Allocation with Excessive Size Value in eventlet
CVE-2021-21419 (Moderate severity) was published May 7, 2021 eventlet (pip)
Deserialization of Untrusted Data in bson
CVE-2020-7610 (High severity) was published May 7, 2021 bson (npm)
Buffer overflow in canvas
CVE-2020-8215 (High severity) was published May 7, 2021 canvas (npm)
Path Traversal in marscode
CVE-2020-7681 (High severity) was published May 7, 2021 marscode (npm)
Command Injection in picotts
CVE-2021-23378 (Critical severity) was published May 7, 2021 picotts (npm)
Command Injection in onion-oled-js
CVE-2021-23377 (Critical severity) was published May 7, 2021 onion-oled-js (npm)
Command Injection in ps-visitor
CVE-2021-23374 (Critical severity) was published May 7, 2021 ps-visitor (npm)
SQL Injection in odata4j
CVE-2016-11024 (High severity) was published May 7, 2021 org.odata4j:odata4j-core (Maven)
SQL Injection in odata4j
CVE-2016-11023 (High severity) was published May 7, 2021 org.odata4j:odata4j-core (Maven)
Improper Input Validation in Google Closure Library
CVE-2020-8910 (Moderate severity) was published May 7, 2021 google-closure-library (npm)
Improper Authentication in Apache Shiro
CVE-2020-11989 (High severity) was published May 7, 2021 org.apache.shiro:shiro-core (Maven)
Improper Authentication in Apache Shiro
CVE-2020-1957 (High severity) was published May 7, 2021 org.apache.shiro:shiro-core (Maven)
ProTip! Advisories are also available from the GraphQL API