Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

383 advisories

Loading
Improper exception handling in Aedes High
CVE-2020-13410 was published for aedes (npm) May 6, 2021
Denial of Service (DoS) in restify-paginate High
CVE-2020-27543 was published for restify-paginate (npm) Apr 12, 2021
Jetty vulnerable to incorrect handling of invalid large TLS frame, exhausting CPU resources High
CVE-2021-28165 was published for org.eclipse.jetty:jetty-server (Maven) Apr 6, 2021
Improper Check for Unusual or Exceptional Conditions in Connect2id Nimbus JOSE+JWT Critical
CVE-2019-17195 was published for com.nimbusds:nimbus-jose-jwt (Maven) Oct 16, 2019
ecdsa Denial of Service vulnerability in signature verification and signature malleability High
CVE-2019-14853 was published for ecdsa (pip) Oct 8, 2019
Improper Handling of Exceptional Conditions and Origin Validation Error in Eclipse Paho Java client library Moderate
CVE-2019-11777 was published for org.eclipse.paho:org.eclipse.paho.client.mqttv3 (Maven) Sep 17, 2019
Denial of Service in axios High
CVE-2019-10742 was published for axios (npm) May 29, 2019
tdunlap607
Apache CXF TLS hostname verification does not work correctly with com.sun.net.ssl.* High
CVE-2018-8039 was published for org.apache.cxf:apache-cxf (Maven) Oct 19, 2018
sunSUNQ
ProTip! Advisories are also available from the GraphQL API