Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

33 advisories

Loading
Local Temp Directory Hijacking Vulnerability High
CVE-2020-27216 was published for org.eclipse.jetty:jetty-webapp (Maven) Nov 4, 2020
JLLeitschuh timtebeek
TemporaryFolder on unix-like systems does not limit access to created files Moderate
CVE-2020-15250 was published for junit:junit (Maven) Oct 12, 2020
JLLeitschuh
Improper Neutralization of CRLF Sequences in HTTP Headers in Jooby ('HTTP Response Splitting) Critical
CVE-2020-7622 was published for io.jooby:jooby-netty (Maven) Apr 3, 2020
JLLeitschuh
Micronaut's HTTP client is vulnerable to HTTP Request Header Injection Critical
CVE-2020-7611 was published for io.micronaut:micronaut-http-client (Maven) Mar 30, 2020
JLLeitschuh
HTTP Response Splitting in Styx Moderate
CVE-2020-6858 was published for com.hotels.styx:styx-api (Maven) Mar 3, 2020
JLLeitschuh
XML external entity (XXE) processing ('external-parameter-entities' feature was not fully disabled)) Moderate
CVE-2019-10782 was published for com.puppycrawl.tools:checkstyle (Maven) Jan 31, 2020
JLLeitschuh
Default development error handler in Ratpack is vulnerable to HTML content injection (XSS) Moderate
CVE-2019-10770 was published for io.ratpack:ratpack-core (Maven) Jan 27, 2020
JLLeitschuh
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') in Armeria Moderate
GHSA-35fr-h7jr-hh86 was published for com.linecorp.armeria:armeria (Maven) Dec 6, 2019
JLLeitschuh
ProTip! Advisories are also available from the GraphQL API