GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
415 advisories
sigstore-java has vulnerability with bundle verification
Moderate
CVE-2024-53267
was published
for
dev.sigstore:sigstore-java
(Maven)
Nov 26, 2024
Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations
Low
CVE-2024-51744
was published
for
github.com/golang-jwt/jwt/v4
(Go)
Nov 4, 2024
Laravel Reverb Missing API Signature Verification
High
CVE-2024-50347
was published
for
laravel/reverb
(Composer)
Oct 31, 2024
Agent Dart is missing certificate verification checks
High
CVE-2024-48915
was published
for
agent_dart
(Pub)
Oct 15, 2024
Valid ECDSA signatures erroneously rejected in Elliptic
Low
CVE-2024-48948
was published
for
elliptic
(npm)
Oct 15, 2024
SSOReady has an XML Signature Bypass via differential XML parsing
Critical
CVE-2024-47832
was published
for
github.com/ssoready/ssoready
(Go)
Oct 11, 2024
Elliptic's verify function omits uniqueness validation
Low
CVE-2024-48949
was published
for
elliptic
(npm)
Oct 10, 2024
ProTip!
Advisories are also available from the
GraphQL API