Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

13 advisories

Loading
Improper Locking in Apache Tomcat High
CVE-2019-10072 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Jun 26, 2019
sunSUNQ Credited to sunSUNQ
Improper Locking in github.com/containers/storage Moderate
CVE-2021-20291 was published for github.com/containers/storage (Go) May 10, 2021
Data race in va-ts Moderate
CVE-2020-36220 was published for va-ts (Rust) Aug 25, 2021
Deadlock in mutually recursive `tf.function` objects Moderate
CVE-2021-41213 was published for tensorflow (pip) Nov 10, 2021
Denial of Service in Gitea High
CVE-2020-13246 was published for github.com/go-gitea/gitea (Go) Feb 15, 2022
Improper Locking in JetBrains Kotlin Moderate
CVE-2022-24329 was published for org.jetbrains.kotlin:kotlin-stdlib (Maven) Feb 26, 2022
Denial of service by double-checked locking in openssl-src High
CVE-2022-3996 was published for openssl-src (Rust) Dec 13, 2022
AlmogApiiro Credited to AlmogApiiro and westonsteimel westonsteimel westonsteimel
Uniswap Universal Router Incorrect Authorization vulnerability High
CVE-2022-48216 was published for @uniswap/universal-router (npm) Jan 4, 2023
Vyper has incorrect re-entrancy lock when key is empty string Moderate
CVE-2023-42441 was published for vyper (pip) Sep 18, 2023
trocher Credited to trocher
vyper default functions don't respect nonreentrancy keys Moderate
CVE-2024-32648 was published for vyper (pip) Apr 25, 2024
Pterodactyl improperly locks resources allowing raced queries to create more resources than alloted Moderate
CVE-2025-69198 was published for pterodactyl/panel (Composer) Jan 20, 2026
vsevolodmelnyk Credited to vsevolodmelnyk and hymaxo hymaxo hymaxo
Spring MVC and WebFlux has Server Sent Event stream corruption Low
CVE-2026-22735 was published for org.springframework:spring-webflux (Maven) Mar 20, 2026
Concurrent Ruby: ReadWriteLock allows wrong-thread write release and stray read-release counter corruption Low
CVE-2026-54906 was published for concurrent-ruby (RubyGems) Jun 19, 2026
pranjalithakur Credited to pranjalithakur
ProTip! Advisories are also available from the GraphQL API