GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
10 advisories
Apache Struts Extras Before 2 has an Improper Output Neutralization for Logs Vulnerability
Moderate
CVE-2025-54656
was published
for
org.apache.struts:struts-extras
(Maven)
Jul 30, 2025
Apache Commons FileUpload, Apache Commons FileUpload: FileUpload DoS via part headers
High
CVE-2025-48976
was published
for
commons-fileupload:commons-fileupload
(Maven)
Jun 16, 2025
Spring Framework DataBinder Case Sensitive Match Exception
Low
CVE-2025-22233
was published
for
org.springframework:spring-context
(Maven)
May 16, 2025
Querydsl vulnerable to HQL injection through orderBy
High
CVE-2024-49203
was published
for
com.querydsl:querydsl-apt
(Maven)
Nov 27, 2024
Apache Tiles: Unvalidated input may lead to path traversal and XXE
High
CVE-2023-49735
was published
for
org.apache.struts:struts-tiles
(Maven)
Dec 1, 2023
Denial of service in jackson-dataformat-toml
High
CVE-2023-3894
was published
for
com.fasterxml.jackson.dataformat:jackson-dataformat-toml
(Maven)
Aug 8, 2023
Apache Struts vulnerable to memory exhaustion
High
CVE-2023-34396
was published
for
org.apache.struts:struts-core
(Maven)
Jun 14, 2023
Improper Input Validation in Apache Struts
High
CVE-2015-0899
was published
for
org.apache.struts:struts-core
(Maven)
May 14, 2022
Improper Input Validation in Apache Struts
High
CVE-2016-1181
was published
for
org.apache.struts:struts-core
(Maven)
May 13, 2022
Improper Input Validation in Apache Struts
High
CVE-2016-1182
was published
for
org.apache.struts:struts-core
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API