GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
25 advisories
Crayfish Allows Remote Code Execution via hypercube X-Islandora-Args Header
Critical
GHSA-c2p2-hgjg-9r3f
was published
for
islandora/crayfish
(Composer)
Feb 12, 2025
Crayfish allows Remote Code Execution via Homarus Authorization header
Critical
CVE-2025-25286
was published
for
islandora/crayfish
(Composer)
Jan 15, 2025
jte's HTML templates containing Javascript template strings are subject to XSS
Moderate
CVE-2025-23026
was published
for
gg.jte:jte
(Maven)
Jan 13, 2025
Jinja has a sandbox breakout through malicious filenames
Moderate
CVE-2024-56201
was published
for
jinja2
(pip)
Dec 23, 2024
gitoxide-core does not neutralize special characters for terminals
Low
CVE-2024-43785
was published
for
gitoxide
(Rust)
Aug 22, 2024
Deno's deno_runtime vulnerable to interactive permission prompt spoofing via improper ANSI stripping
High
CVE-2024-27936
was published
for
deno
(Rust)
Mar 5, 2024
Interactive `run` permission prompt spoofing via improper ANSI neutralization
High
CVE-2023-28446
was published
for
deno
(Rust)
Mar 24, 2023
Possible shell escape sequence injection vulnerability in Rack
Critical
CVE-2022-30123
was published
for
rack
(RubyGems)
May 27, 2022
kubectl ANSI escape characters not filtered
Low
CVE-2021-25743
was published
for
k8s.io/kubernetes
(Go)
Jan 8, 2022
Control character injection in console output in github.com/ipfs/go-ipfs
Moderate
CVE-2020-26283
was published
for
github.com/ipfs/go-ipfs
(Go)
Jun 23, 2021
ProTip!
Advisories are also available from the
GraphQL API