GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
17 advisories
Improper Input Validation in Jakarta Expression Language
Moderate
CVE-2021-28170
was published
for
com.sun.el:el-ri
(Maven)
Oct 6, 2021
TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
Moderate
CVE-2022-23504
was published
for
typo3/cms
(Composer)
Dec 13, 2022
Spring Framework vulnerable to denial of service via specially crafted SpEL expression
Moderate
CVE-2023-20861
was published
for
org.springframework:spring-expression
(Maven)
Mar 23, 2023
QOS.CH logback-core Expression Language Injection vulnerability
Moderate
CVE-2024-12798
was published
for
ch.qos.logback:logback-core
(Maven)
Dec 19, 2024
Caddy CVE-2026-30852 Fix Bypass
Moderate
GHSA-wwhq-w58m-w29c
was published
for
github.com/caddyserver/caddy/v2
(Go)
May 19, 2026
ProTip!
Advisories are also available from the
GraphQL API