GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
SnakeYaml Constructor Deserialization Remote Code Execution
High
CVE-2022-1471
was published
for
org.yaml:snakeyaml
(Maven)
Dec 12, 2022
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender
Low
CVE-2020-9488
was published
for
org.apache.logging.log4j:log4j
(Maven)
Jun 5, 2020
Denial of Service (DoS) in Jackson Dataformat CBOR
High
CVE-2020-28491
was published
for
com.fasterxml.jackson.dataformat:jackson-dataformat-cbor
(Maven)
Dec 9, 2021
ProTip!
Advisories are also available from the
GraphQL API