Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

Loading
Improper Input Validation in Jakarta Expression Language Moderate
CVE-2021-28170 was published for com.sun.el:el-ri (Maven) Oct 6, 2021
Apache Tiles Vulnerable to XSS via EL Expression Injection Moderate
CVE-2009-1275 was published for org.apache.tiles:tiles-core (Maven) May 2, 2022
TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration Moderate
CVE-2022-23504 was published for typo3/cms (Composer) Dec 13, 2022
ohader darth-hader
Spring Framework vulnerable to denial of service via specially crafted SpEL expression Moderate
CVE-2023-20861 was published for org.springframework:spring-expression (Maven) Mar 23, 2023
amita-seal sunSUNQ
Arbitrary javascript injection in Apache Jena Moderate
CVE-2023-22665 was published for org.apache.jena:jena (Maven) Apr 25, 2023
ProTip! Advisories are also available from the GraphQL API