GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
819 advisories
Redirect URL matching ignores character casing
Moderate
CVE-2020-15234
was published
for
github.com/ory/fosite
(Go)
May 24, 2021
OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses
Moderate
CVE-2020-15233
was published
for
github.com/ory/fosite
(Go)
May 24, 2021
containerd-shim API Exposed to Host Network Containers
Moderate
CVE-2020-15257
was published
for
github.com/containerd/containerd
(Go)
May 24, 2021
Authentication Bypass in hydra
Moderate
CVE-2020-5300
was published
for
github.com/ory/hydra
(Go)
May 27, 2021
Access Restriction Bypass in kube-apiserver
Moderate
CVE-2021-25735
was published
for
k8s.io/kubernetes
(Go)
May 28, 2021
Action Commands (run/shell/exec) Against Library URIs Ignore Configured Remote Endpoint
Moderate
CVE-2021-32635
was published
for
github.com/sylabs/singularity
(Go)
Jun 1, 2021
Control character injection in console output in github.com/ipfs/go-ipfs
Moderate
CVE-2020-26283
was published
for
github.com/ipfs/go-ipfs
(Go)
Jun 23, 2021
ProTip!
Advisories are also available from the
GraphQL API