Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

261 advisories

Loading
Cross-site Scripting in ammonia Moderate
CVE-2021-38193 was published for ammonia (Rust) Aug 25, 2021
Data races in noise_search Moderate
CVE-2020-36461 was published for noise_search (Rust) Aug 25, 2021
Data races in cgc Moderate
CVE-2020-36466 was published for cgc (Rust) Aug 25, 2021
Multiple soundness issues in cgc Moderate
CVE-2020-36467 was published for cgc (Rust) Aug 25, 2021
HTTP Request Smuggling in hyper Moderate
CVE-2021-21299 was published for hyper (Rust) Aug 25, 2021
ZeddYu
Segmentation fault in time Moderate
CVE-2020-26235 was published for time (Rust) Aug 25, 2021
quininer JamieMagee
fenhl KamilaBorowska jhpratt michaelkedar
Argument injection in lettre Moderate
CVE-2020-28247 was published for lettre (Rust) Aug 25, 2021
vin01
Non-atomic writes in cgc Moderate
CVE-2020-36468 was published for cgc (Rust) Aug 25, 2021
Data race in disrustor Moderate
CVE-2020-36470 was published for disrustor (Rust) Aug 25, 2021
J3rry-1729
Data races in appendix Moderate
CVE-2020-36469 was published for appendix (Rust) Aug 25, 2021
Data races in generator Moderate
CVE-2020-36471 was published for generator (Rust) Aug 25, 2021
Uncaught Exception in libpulse-binding Moderate
GHSA-wcxc-jf6c-8rx9 was published for libpulse-binding (Rust) Aug 25, 2021
Data races in max7301 Moderate
CVE-2020-36472 was published for max7301 (Rust) Aug 25, 2021
Data races in model Moderate
GHSA-8q64-wrfr-q48c was published for model (Rust) Aug 25, 2021 withdrawn
MvccRwLock allows data races & aliasing violations Moderate
GHSA-mgg8-9pvp-6qcw was published for noise_search (Rust) Aug 25, 2021 withdrawn
Compiler optimisation leads to SEGFAULT Moderate
GHSA-r6ff-2q3c-v3pv was published for pnet (Rust) Aug 25, 2021
Send/Sync bound needed on T for Send/Sync impl of RcuCell<T> Moderate
GHSA-jh2g-xhqq-x4w9 was published for rcu_cell (Rust) Aug 25, 2021 withdrawn
Unchecked vector pre-allocation Moderate
GHSA-mcrf-7hf9-f6q5 was published for rmpv (Rust) Aug 25, 2021
Singleton lacks bounds on Send and Sync. Moderate
GHSA-vj88-5667-w56p was published for ruspiro-singleton (Rust) Aug 25, 2021 withdrawn
Queue<T> should have a Send bound on its Send/Sync traits Moderate
GHSA-v42f-j8fx-99f3 was published for scottqueue (Rust) Aug 25, 2021 withdrawn
Uncontrolled recursion leads to abort in deserialization Moderate
GHSA-39vw-qp34-rmwf was published for serde_yaml (Rust) Aug 25, 2021
Assumed memory layout of std::net::SocketAddr Moderate
GHSA-p5w9-856p-8q4g was published for socket2 (Rust) Aug 25, 2021 withdrawn
smallvec creates uninitialized value of any type Moderate
GHSA-66p5-j55p-32r9 was published for smallvec (Rust) Aug 25, 2021
WITHDRAWN Moderate
GHSA-8q5c-93vg-c747 was published for toolshed (Rust) Aug 25, 2021 withdrawn
Data races in unicycle Moderate
GHSA-7mg7-m5c3-3hqj was published for unicycle (Rust) Aug 25, 2021 withdrawn
ProTip! Advisories are also available from the GraphQL API