Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2 advisories

Loading
tonghuaroot Credited to tonghuaroot and jonesbusy jonesbusy jonesbusy
ORAS Java: Path traversal in pullArtifact via attacker-controlled org.opencontainers.image.title annotation High
GHSA-xm96-gfjx-jcrc was published for land.oras:oras-java-sdk (Maven) May 19, 2026
ChipWolf Credited to ChipWolf and jonesbusy jonesbusy jonesbusy
ProTip! Advisories are also available from the GraphQL API