Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

4 advisories

Loading
Infinispan REST Server's cache retrieval endpoints do not properly evaluate the necessary admin permissions Moderate
CVE-2023-3629 was published for org.infinispan:infinispan-server-rest (Maven) Dec 30, 2023
Infinispan REST Server's bulk read endpoints do not properly evaluate user permissions Moderate
CVE-2023-3628 was published for org.infinispan:infinispan-server-rest (Maven) Dec 30, 2023
Armeria SAML authentication bypass due to missing validation on unsigned SAML messages Critical
CVE-2024-1735 was published for com.linecorp.armeria:armeria-saml (Maven) Feb 26, 2024
lishiki
Keycloak vulnerable to session takeover with OIDC offline refreshtokens Moderate
CVE-2022-3916 was published for org.keycloak:keycloak-parent (Maven) Dec 13, 2022
Flintholm
ProTip! Advisories are also available from the GraphQL API