Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

69 advisories

Loading
Apache Pulsar SASL Authentication Provider observable timing discrepancy vulnerability High
CVE-2023-51437 was published for org.apache.pulsar:pulsar-broker-auth-sasl (Maven) Feb 7, 2024
Python Cryptography package vulnerable to Bleichenbacher timing oracle attack High
CVE-2023-50782 was published for cryptography (pip) Feb 5, 2024
Minerva timing attack on P-256 in python-ecdsa High
CVE-2024-23342 was published for ecdsa (pip) Jan 22, 2024
tomato42
Marvin Attack of RSA and RSAOAEP decryption in jsrsasign High
CVE-2024-21484 was published for jsrsasign (npm) Jan 19, 2024
tomato42
PyCryptodome and pycryptodomex side-channel leakage for OAEP decryption High
CVE-2023-52323 was published for pycryptodome (pip) Jan 5, 2024
CubeFS timing attack can leak user passwords High
CVE-2023-46739 was published for github.com/cubefs/cubefs (Go) Jan 3, 2024
AdamKorcz
ProTip! Advisories are also available from the GraphQL API