GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
818 advisories
Filter by severity
miekg/dns insecurely generates random numbers
Moderate
CVE-2019-19794
was published
for
github.com/miekg/dns
(Go)
May 18, 2021
gopkg.in/macaron.v1 Open Redirect vulnerability
Moderate
CVE-2020-12666
was published
for
gopkg.in/macaron.v1
(Go)
May 18, 2021
Podman Origin Validation Error
Moderate
CVE-2021-20199
was published
for
github.com/containers/podman/v3
(Go)
May 18, 2021
github.com/pires/go-proxyproto denial of service vulnerability
Moderate
CVE-2021-23351
was published
for
github.com/pires/go-proxyproto
(Go)
May 18, 2021
Cross-site scripting in bluemonday
Moderate
CVE-2021-29272
was published
for
github.com/microcosm-cc/bluemonday
(Go)
May 18, 2021
Insecure Permissions in Gogs
Moderate
CVE-2020-14958
was published
for
gogs.io/gogs
(Go)
May 18, 2021
Information Exposure in jaeger
Moderate
CVE-2020-10750
was published
for
github.com/jaegertracing/jaeger
(Go)
May 18, 2021
golang.org/x/text Infinite loop
Moderate
CVE-2020-14040
was published
for
golang.org/x/text
(Go)
May 18, 2021
Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation Harbor
Moderate
CVE-2019-19025
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
SQL Injection in Cloud Native Computing Foundation Harbor
Moderate
CVE-2019-19026
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
SQL Injection in Cloud Native Computing Foundation Harbor
Moderate
CVE-2019-19029
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
Privilege Escalation in Cloud Native Computing Foundation Harbor
Moderate
CVE-2019-19023
was published
for
github.com/goharbor/harbor
(Go)
May 18, 2021
Improper Input Validation in HashiCorp Consul
Moderate
CVE-2020-13170
was published
for
github.com/hashicorp/consul
(Go)
May 18, 2021
Duplicate Advisory: k8s.io/kube-state-metrics Exposure of Sensitive Information
Moderate
CVE-2019-17110
was published
for
github.com/kubernetes/kube-state-metrics
(Go)
May 18, 2021
•
withdrawn
Path Traversal in MHolt Archiver
Moderate
CVE-2019-10743
was published
for
github.com/mholt/archiver
(Go)
May 18, 2021
Cross-site Scripting in Documize
Moderate
CVE-2019-19619
was published
for
github.com/documize/community
(Go)
May 18, 2021
Kubernetes kubectl cp Vulnerable to Symlink Attack
Moderate
CVE-2019-11251
was published
for
k8s.io/kubernetes
(Go)
May 18, 2021
Improper Locking in github.com/containers/storage
Moderate
CVE-2021-20291
was published
for
github.com/containers/storage
(Go)
May 10, 2021
ProTip!
Advisories are also available from the
GraphQL API