GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
28 advisories
AsyncHttpClient (AHC) library's `CookieStore` replaces explicitly defined `Cookie`s
Critical
CVE-2024-53990
was published
for
org.asynchttpclient:async-http-client
(Maven)
Dec 2, 2024
OpenAM vulnerable to user impersonation using SAMLv1.x SSO process
Critical
CVE-2023-37471
was published
for
org.openidentityplatform.openam:openam-federation-library
(Maven)
Jul 20, 2023
Authentication cache in Active Directory Jenkins Plugin allows logging in with any password
Critical
CVE-2020-2301
was published
for
org.jenkins-ci.plugins:active-directory
(Maven)
May 24, 2022
Improper Authentication in Jenkins Active Directory Plugin
Critical
CVE-2020-2299
was published
for
org.jenkins-ci.plugins:active-directory
(Maven)
May 24, 2022
Improper Authentication (empty password) in Jenkins Active Directory Plugin
Critical
CVE-2020-2300
was published
for
org.jenkins-ci.plugins:active-directory
(Maven)
May 24, 2022
Improper Authentication in Apache ShenYu Admin
Critical
CVE-2021-37580
was published
for
org.apache.shenyu:shenyu-admin
(Maven)
Nov 17, 2021
Authorization Bypass in Spring Security
Critical
CVE-2014-3527
was published
for
org.springframework.security:spring-security-core
(Maven)
Sep 15, 2020
ProTip!
Advisories are also available from the
GraphQL API