GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
11 advisories
Filter by severity
Harbor fails to validate the user permissions when updating tag immutability policies
Moderate
CVE-2022-31669
was published
for
github.com/goharbor/harbor
(Go)
Sep 16, 2022
Harbor fails to validate the user permissions when updating tag retention policies
High
CVE-2022-31670
was published
for
github.com/goharbor/harbor
(Go)
Sep 16, 2022
Type confusion if __private_get_type_id__ is overriden
Critical
CVE-2020-25575
was published
for
failure
(Rust)
Jun 16, 2022
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates
High
CVE-2022-0778
was published
for
openssl-src
(Rust)
Mar 16, 2022
openssl-src contains Double free after calling `PEM_read_bio_ex`
High
CVE-2022-4450
was published
for
openssl-src
(Rust)
Feb 8, 2023
Grafana vulnerable to Stored Cross-site Scripting in Text plugin
Moderate
CVE-2023-22462
was published
for
github.com/grafana/grafana
(Go)
Mar 1, 2023
Infinite open connection causes OctoRPKI to hang forever
Moderate
CVE-2021-3909
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
matrix-sdk-crypto contains potential impersonation via room key forward responses
Moderate
CVE-2022-39252
was published
for
matrix-sdk-crypto
(Rust)
Sep 30, 2022
Duplicate Advisory: KubeVirt arbitrary host file read from the VM
Moderate
CVE-2022-1798
was published
for
kubevirt.io/kubevirt
(Go)
Aug 18, 2022
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API