Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

339 advisories

Loading
Russh has an OOM Denial of Service due to allocation of untrusted amount High
CVE-2024-43410 was published for russh (Rust) Aug 14, 2024
Noratrieb Eugeny
Diesel vulnerable to Binary Protocol Misinterpretation caused by Truncating or Overflowing Casts High
GHSA-wq9x-qwcq-mmgf was published for diesel (Rust) Aug 23, 2024
Apollo Router Coprocessors may cause Denial-of-Service when handling request bodies High
CVE-2024-43783 was published for apollo-router (Rust) Aug 27, 2024
Cargo prior to Rust 1.26.0 may download the wrong dependency High
CVE-2019-16760 was published for cargo (Rust) May 24, 2022
olm-sys: wrapped library unmaintained, potentially vulnerable High
GHSA-p2q9-36vw-c468 was published for olm-sys (Rust) Sep 3, 2024
Missing connection timeout in Aardvark-dns High
CVE-2024-8418 was published for aardvark-dns (Rust) Sep 4, 2024
panic on parsing crafted phonenumber inputs High
CVE-2024-39697 was published for phonenumber (Rust) Jul 9, 2024
rubdos
ic-cdk has a memory leak when calling a canister method via `ic_cdk::call` High
CVE-2024-7884 was published for ic_cdk (Rust) Sep 5, 2024
adamspofford-dfinity
Denial of service in quinn-proto when using `Endpoint::retry()` High
CVE-2024-45311 was published for quinn-proto (Rust) Sep 3, 2024
finnbear BiagioFesta
BER/CER/DER decoder panics on invalid input High
CVE-2023-39914 was published for bcder (Rust) Sep 13, 2023
Untrusted Query Object Evaluation in RPC API High
GHSA-64f8-pjgr-9wmr was published for surrealdb (Rust) Sep 11, 2024
RaphaelDarley
Pleaser privilege escalation vulnerability High
CVE-2023-46277 was published for pleaser (Rust) Oct 20, 2023
Apollo Query Planner and Apollo Gateway may infinitely loop on sufficiently complex queries High
CVE-2024-43414 was published for @apollo/gateway (npm) Aug 27, 2024
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands High
CVE-2024-41815 was published for starship (Rust) Jul 26, 2024
evanbattaglia
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database