GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
63 advisories
Filter by severity
Denial of Service in Go-Ethereum
High
CVE-2022-23328
was published
for
github.com/ethereum/go-ethereum
(Go)
Mar 5, 2022
Uncontrolled Resource Consumption in promhttp
High
CVE-2022-21698
was published
for
github.com/prometheus/client_golang
(Go)
Feb 16, 2022
Denial of service in github.com/nats-io/nats-server/server
High
CVE-2020-28466
was published
for
github.com/nats-io/nats-server
(Go)
Feb 15, 2022
golang.org/x/net/http2 allows uncontrolled memory consumption
High
CVE-2021-44716
was published
for
golang.org/x/net/http2
(Go)
Jan 2, 2022
github.com/tidwall/gjson Vulnerable to REDoS attack
High
CVE-2021-42836
was published
for
github.com/tidwall/gjson
(Go)
Oct 25, 2021
github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion
High
CVE-2021-23409
was published
for
github.com/pires/go-proxyproto
(Go)
Jul 26, 2021
Denial of Service in miekg-dns
High
CVE-2017-15133
was published
for
github.com/miekg/dns
(Go)
Jun 29, 2021
Denial of service in GJSON
High
CVE-2020-35380
was published
for
github.com/tidwall/gjson
(Go)
Jun 23, 2021
Integer overflow in github.com/gorilla/websocket
High
CVE-2020-27813
was published
for
github.com/gorilla/websocket
(Go)
May 18, 2021
github.com/tidwall/gjson is vulnerable to Denial of service
High
CVE-2020-36066
was published
for
github.com/tidwall/gjson
(Go)
May 18, 2021
miekg/dns parsing error leads to nil pointer dereference and DoS
High
CVE-2018-17419
was published
for
github.com/miekg/dns
(Go)
May 18, 2021
Allocation of Resources Without Limits or Throttling in HashiCorp Nomad
High
CVE-2020-7218
was published
for
github.com/hashicorp/nomad
(Go)
May 18, 2021
Denial of Service (DoS) in HashiCorp Consul
High
CVE-2020-7219
was published
for
github.com/hashicorp/consul
(Go)
May 18, 2021
ProTip!
Advisories are also available from the
GraphQL API