Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
QOS.CH logback-core Expression Language Injection vulnerability Moderate
CVE-2024-12798 was published for ch.qos.logback:logback-core (Maven) Dec 19, 2024
HTHou perexis
GoetzGoerisch
TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration Moderate
CVE-2022-23504 was published for typo3/cms (Composer) Dec 13, 2022
ohader darth-hader
Spring Framework vulnerable to denial of service via specially crafted SpEL expression Moderate
CVE-2023-20861 was published for org.springframework:spring-expression (Maven) Mar 23, 2023
amita-seal sunSUNQ
Apache Tiles Vulnerable to XSS via EL Expression Injection Moderate
CVE-2009-1275 was published for org.apache.tiles:tiles-core (Maven) May 2, 2022
Arbitrary javascript injection in Apache Jena Moderate
CVE-2023-22665 was published for org.apache.jena:jena (Maven) Apr 25, 2023
Improper Input Validation in Jakarta Expression Language Moderate
CVE-2021-28170 was published for com.sun.el:el-ri (Maven) Oct 6, 2021
ProTip! Advisories are also available from the GraphQL API