GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
64 advisories
Filter by severity
Mail Gem CRLF Injection vulnerability
Moderate
CVE-2015-9097
was published
for
mail
(RubyGems)
Oct 24, 2017
Gunicorn contains Improper Neutralization of CRLF sequences in HTTP headers
High
CVE-2018-1000164
was published
for
gunicorn
(pip)
Jul 12, 2018
Moderate severity vulnerability that affects io.vertx:vertx-core
Moderate
CVE-2018-12537
was published
for
io.vertx:vertx-core
(Maven)
Oct 19, 2018
CRLF vulnerability in Fiber
Moderate
CVE-2020-15111
was published
for
github.com/gofiber/fiber
(Go)
Jun 29, 2021
Headers containing newline characters can split messages in hyper
Moderate
CVE-2017-18587
was published
for
hyper
(Rust)
Aug 25, 2021
Cachet vulnerable to new line injection during configuration edition
High
CVE-2021-39172
was published
for
cachethq/cachet
(Composer)
Aug 30, 2021
phpservermon is vulnerable to CRLF Injection
Moderate
CVE-2021-4097
was published
for
phpservermon/phpservermon
(Composer)
Dec 16, 2021
CRLF Injection in microweber
High
CVE-2022-0666
was published
for
microweber/microweber
(Composer)
Feb 19, 2022
CRLF injection vulnerability in phpMyVisites before 2.2 allows remote attackers to inject...
High
Unreviewed
CVE-2007-0892
was published
May 1, 2022
Joomla! vulnerable to CRLF injection
Moderate
CVE-2007-4190
was published
for
joomla/application
(Composer)
May 1, 2022
CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens...
Moderate
Unreviewed
CVE-2014-9563
was published
May 13, 2022
Improper Neutralization of CRLF Sequences in urllib3 library for Python
Moderate
CVE-2019-11236
was published
for
urllib3
(pip)
May 13, 2022
Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir....
Moderate
Unreviewed
CVE-2016-4975
was published
May 13, 2022
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker...
Moderate
Unreviewed
CVE-2019-9741
was published
May 13, 2022
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through...
Moderate
Unreviewed
CVE-2019-9740
was published
May 13, 2022
An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through...
Moderate
Unreviewed
CVE-2019-9947
was published
May 13, 2022
Moodle CRLF Injection Vulnerability in Calendar Component
Moderate
CVE-2011-4203
was published
for
moodle/moodle
(Composer)
May 13, 2022
Kallithea CRLF injection vulnerability
High
CVE-2015-5285
was published
for
kallithea
(pip)
May 13, 2022
A Improper Neutralization of CRLF Sequences vulnerability in Open Build Service allows remote...
High
Unreviewed
CVE-2018-12477
was published
May 13, 2022
Ansible Tower as shipped with Red Hat CloudForms Management Engine 5 is vulnerable to CRLF...
Moderate
Unreviewed
CVE-2017-7528
was published
May 13, 2022
Domoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.
High
Unreviewed
CVE-2019-10678
was published
May 14, 2022
CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote...
Moderate
Unreviewed
CVE-2016-5331
was published
May 14, 2022
ProTip!
Advisories are also available from the
GraphQL API