Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

781 advisories

Loading
Improper Privilege Management in HashiCorp Nomad High
CVE-2021-3283 was published for github.com/hashicorp/nomad (Go) Jun 24, 2021
Arbitrary Code Execution High
CVE-2014-9357 was published for github.com/docker/docker (Go) Feb 15, 2022
Caddy-SSH vulnerable to Authorization Bypass due to incorrect usage of PAM library High
GHSA-gmhj-xjfh-cf6m was published for github.com/mohammed90/caddy-ssh (Go) Sep 23, 2022
porcupineyhairs
lakeFS vulnerable to authenticated users deleting files they are not authorized to delete High
GHSA-28q9-9c3g-v3f9 was published for github.com/treeverse/lakefs (Go) Sep 23, 2022
Prometheus vulnerable to basic authentication bypass High
GHSA-4v48-4q5m-8vx4 was published for github.com/prometheus/prometheus (Go) Dec 5, 2022
chunklhit
Potential inter-blockchain communication (IBC) protocol compromise via "Dragonberry" vulnerability in cheqd High
GHSA-j92c-mmf7-j5x5 was published for github.com/cheqd/cheqd-node (Go) Oct 18, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database