Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,090
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

782 advisories

Loading
Double free in smallvec Critical
CVE-2018-20991 was published for smallvec (Rust) Aug 25, 2021
Multiple memory safety issues in actix-web Moderate
GHSA-w65j-g6c7-g3m4 was published for actix-web (Rust) Aug 25, 2021
VecStorage Deserialize Allows Violation of Length Invariant Moderate
GHSA-h3mf-4fwp-59c7 was published for nalgebra (Rust) Aug 5, 2021 withdrawn
OS command injection in ripgrep Critical
CVE-2021-3013 was published for grep-cli (Rust) Aug 5, 2021
SMTP command injection in lettre Critical
CVE-2021-38189 was published for lettre (Rust) Jul 12, 2021
paolobarbolini
Integer Overflow in Chunked Transfer-Encoding Moderate
CVE-2021-32714 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
Lenient Parsing of Content-Length Header When Prefixed with Plus Sign Low
CVE-2021-32715 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
tdunlap607
ProTip! Advisories are also available from the GraphQL API