Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,732
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,952
Pub
13
RubyGems
1,055
Rust
1,343
Swift
54
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
Netty Redis Codec Encoder has a CRLF Injection Issue Moderate
CVE-2026-42586 was published for io.netty:netty-codec-redis (Maven) May 7, 2026
Netty: Start-Line Injection in DefaultHttpRequest.setUri() Allows HTTP Request Smuggling and RTSP Request Injection Moderate
CVE-2026-41417 was published for io.netty:netty-codec-http (Maven) May 5, 2026
oxqnd Credited to oxqnd, aest3ra, and mjkim610 aest3ra aest3ra
mjkim610 mjkim610
Netty has a CRLF Injection vulnerability in io.netty.handler.codec.http.HttpRequestEncoder Moderate
CVE-2025-67735 was published for io.netty:netty-codec-http (Maven) Dec 15, 2025
vietj Credited to vietj and nakyamad nakyamad nakyamad
Netty has SMTP Command Injection Vulnerability that Allows Email Forgery High
CVE-2025-59419 was published for io.netty:netty-codec-smtp (Maven) Oct 15, 2025
DepthFirstDisclosures Credited to DepthFirstDisclosures
Keycloak SMTP Inject Vulnerability Moderate
CVE-2025-8419 was published for org.keycloak:keycloak-services (Maven) Sep 17, 2025
Duplicate Advisory: Keycloak-services SMTP Inject Vulnerability Moderate
GHSA-qj5r-2r5p-phc7 was published for org.keycloak:keycloak-services (Maven) Aug 6, 2025 withdrawn
Improper Neutralization of CRLF Sequences in Wildfly Undertow Moderate
CVE-2016-4993 was published for org.wildfly:wildfly-undertow (Maven) May 17, 2022
Moderate severity vulnerability that affects io.vertx:vertx-core Moderate
CVE-2018-12537 was published for io.vertx:vertx-core (Maven) Oct 19, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database