Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

14 advisories

Loading
Use of a Key Past its Expiration Date and Insufficient Session Expiration in Maddy Mail Server Moderate
CVE-2022-24732 was published for github.com/foxcpp/maddy (Go) Mar 7, 2022
ysf
Contao Does Not Expire Tokens Correctly Critical
CVE-2019-10643 was published for contao/contao (Composer) May 13, 2022
OpenStack Keystone Insufficient token expiration High
CVE-2012-5563 was published for keystone (pip) May 17, 2022
python-keystoneclient missing expiration check in PKI token validation High
CVE-2013-2104 was published for python-keystoneclient (pip) May 17, 2022
Moodle uses the same key for QR login and auto-login Moderate
CVE-2024-38277 was published for moodle/moodle (Composer) Jun 18, 2024
Keycloak Uses a Key Past its Expiration Date Moderate
CVE-2024-7318 was published for org.keycloak:keycloak-core (Maven) Sep 9, 2024
One Time Passcode (OTP) is valid longer than expiration timeSeverity Moderate
GHSA-xmmm-jw76-q7vg was published for org.keycloak:keycloak-core (Maven) Oct 14, 2024
ProTip! Advisories are also available from the GraphQL API