Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

52 advisories

Loading
Low severity vulnerability that affects com.linecorp.armeria:armeria Moderate
CVE-2019-16771 was published for com.linecorp.armeria:armeria (Maven) Dec 5, 2019
SunBK201
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') in Armeria Moderate
GHSA-35fr-h7jr-hh86 was published for com.linecorp.armeria:armeria (Maven) Dec 6, 2019
JLLeitschuh
Limited header injection when using dynamic overrides with user input in RubyGems secure_headers Moderate
CVE-2020-5216 was published for secure_headers (RubyGems) Jan 23, 2020
HTTP Response Splitting in Puma Moderate
CVE-2020-5247 was published for puma (RubyGems) Feb 28, 2020
HTTP Response Splitting (Early Hints) in Puma Moderate
CVE-2020-5249 was published for puma (RubyGems) Mar 3, 2020
Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin High
CVE-2020-28483 was published for github.com/gin-gonic/gin (Go) Jun 23, 2021
HTTP Response Splitting in WSO2 transport-http Moderate
CVE-2019-10797 was published for org.wso2.transport.http:org.wso2.transport.http.netty (Maven) Feb 9, 2022
CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x... Moderate Unreviewed
CVE-2007-5595 was published May 1, 2022
phpMyAdmin HTTP Response Splitting Vulnerability High
CVE-2009-1149 was published for phpmyadmin/phpmyadmin (Composer) May 2, 2022
An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung... High Unreviewed
CVE-2018-3911 was published May 13, 2022
Moodle CRLF Injection Vulnerability in Calendar Component Moderate
CVE-2011-4203 was published for moodle/moodle (Composer) May 13, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers in Undertow Moderate
CVE-2018-1067 was published for org.jboss.eap:wildfly-undertow (Maven) May 13, 2022
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... Moderate Unreviewed
CVE-2017-17742 was published May 13, 2022
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated,... Moderate Unreviewed
CVE-2017-12309 was published May 13, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Tomcat Moderate
CVE-2014-0099 was published for org.apache.tomcat:tomcat (Maven) May 14, 2022
sunSUNQ
HTTP header injection vulnerability in SEIKO EPSON printers and scanners (DS-570W firmware... High Unreviewed
CVE-2018-0689 was published May 14, 2022
CRLF injection vulnerability in the HTTPConnection.putheader function in urllib2 and urllib in... Moderate Unreviewed
CVE-2016-5699 was published May 14, 2022
The YunoHost 2.7.2 through 2.7.14 web application is affected by one HTTP Response Header... High Unreviewed
CVE-2018-11347 was published May 14, 2022
HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and earlier may allow remote... Moderate Unreviewed
CVE-2018-16181 was published May 14, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')... High Unreviewed
CVE-2018-7830 was published May 14, 2022
Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg... Moderate Unreviewed
CVE-2018-16979 was published May 14, 2022
CRLF injection vulnerability in the ServerResponse#writeHead function in Node.js 0.10.x before 0... Moderate Unreviewed
CVE-2016-5325 was published May 14, 2022
IBM Security Guardium 10.0 is vulnerable to HTTP response splitting attacks. A remote attacker... Moderate Unreviewed
CVE-2017-1262 was published May 14, 2022
HTTP header injection in the httpd package in fli4l before 3.10.1 and 4.0 before 2015-01-30. High Unreviewed
CVE-2015-1445 was published May 17, 2022
Improper neutralization of CRLF sequences in HTTP headers vulnerability in Intel Security... High Unreviewed
CVE-2016-8024 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database