GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
52 advisories
RoadRunner is at risk of HTTP Request/Response Smuggling through vulnerable dependency
Critical
CVE-2025-22871
was published
for
spiral/roadrunner
(Composer)
Apr 8, 2025
Microsoft Security Advisory CVE-2025-55315: .NET Security Feature Bypass Vulnerability
Critical
CVE-2025-55315
was published
for
Microsoft.AspNetCore.App.Runtime.linux-arm
(NuGet)
Oct 14, 2025
HTTP Request Smuggling in Netty
Critical
CVE-2019-20444
was published
for
io.netty:netty
(Maven)
Feb 21, 2020
h11 accepts some malformed Chunked-Encoding bodies
Critical
CVE-2025-43859
was published
for
h11
(pip)
Apr 24, 2025
X-Forwarded-For header allows brute-forcing autoblocked IP addresses
Critical
CVE-2023-29141
was published
for
mediawiki/core
(Composer)
Mar 31, 2023
Waitress has request processing race condition in HTTP pipelining with invalid first request
Critical
CVE-2024-49768
was published
for
waitress
(pip)
Oct 29, 2024
Inconsistent Interpretation of HTTP Requests in twisted.web
Critical
CVE-2022-24801
was published
for
twisted
(pip)
Apr 4, 2022
Insufficient Protection against HTTP Request Smuggling in mitmproxy
Critical
CVE-2022-24766
was published
for
mitmproxy
(pip)
Mar 22, 2022
Lacking Protection against HTTP Request Smuggling in mitmproxy
Critical
CVE-2021-39214
was published
for
mitmproxy
(pip)
Sep 20, 2021
HTTP Handling Vulnerability in the Bare server
Critical
CVE-2024-27922
was published
for
@tomphttp/bare-server-node
(npm)
Mar 5, 2024
ProTip!
Advisories are also available from the
GraphQL API