GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

43 advisories

~/.config/apport/settings parsing is vulnerable to "billion laughs" attack Moderate Unreviewed
CVE-2022-28652 was published Jun 5, 2024
SilverStripe framework XML Quadratic Blowup Attack Moderate
GHSA-g43w-98wp-m694 was published for silverstripe/framework (Composer) May 23, 2024
LangChain's XMLOutputParser vulnerable to XML Entity Expansion Moderate
CVE-2024-1455 was published for langchain-core (pip) Mar 26, 2024
eyurtsev
Withdrawn Advisory: dom4j XML Entity Expansion vulnerability Moderate
CVE-2023-45960 was published for org.dom4j:dom4j (Maven) Oct 25, 2023 withdrawn
carlosame
Quadratic blowup in Convert::xml2array() Moderate
CVE-2021-41559 was published for silverstripe/framework (Composer) Jun 29, 2022
The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity... Moderate Unreviewed
CVE-2020-24665 was published May 24, 2022