Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,846
Erlang
36
GitHub Actions
33
Go
2,467
Maven
5,000+
npm
4,090
NuGet
733
pip
3,907
Pub
12
RubyGems
944
Rust
1,011
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,467 advisories

Loading
Crash due to malformed relay protocol message Low
CVE-2021-21404 was published for github.com/syncthing/syncthing (Go) May 21, 2021
github.com/nats-io/nats-server Import token permissions checking not enforced High
GHSA-j756-f273-xhp4 was published for github.com/nats-io/nats-server/v2 (Go) May 21, 2021
Import loops in account imports, nats-server DoS Low
GHSA-gwj5-3vfq-q992 was published for github.com/nats-io/nats-server/v2 (Go) May 21, 2021
Nil dereference in NATS JWT causing DoS of nats-server High
GHSA-hmm9-r2m2-qg9w was published for github.com/nats-io/jwt (Go) May 21, 2021
Incorrect handling of credential expiry by /nats-io/nats-server High
GHSA-2c64-vj8g-vwrq was published for github.com/nats-io/jwt (Go) May 21, 2021
Privilege escalation in rbac High
CVE-2021-22538 was published for github.com/google/exposure-notifications-verification-server (Go) May 21, 2021
Network policy may be bypassed by some ICMP Echo Requests Low
GHSA-c66w-hq56-4q97 was published for github.com/cilium/cilium (Go) May 21, 2021
brb kkourt
Possible XSS when using SSO with the CLI in github.com/argoproj/argo-cd/v2 Moderate
CVE-2021-23347 was published for github.com/argoproj/argo-cd/v2 (Go) May 21, 2021
Helm OCI credentials leaked into Argo CD logs Moderate
GHSA-6w87-g839-9wv7 was published for github.com/argoproj/argo-cd (Go) May 21, 2021
Legacy Node API Allows Impersonation in github.com/spiffe/spire/pkg/server/endpoints/node High
CVE-2021-27098 was published for github.com/spiffe/spire (Go) May 21, 2021
c53robin
Local directory executable lookup in sops (Windows-only) Low
GHSA-x5c7-x7m2-rhmf was published for go.mozilla.org/sops/v3 (Go) May 20, 2021
Ry0taK
Path Traversal in Docker Moderate
CVE-2014-9356 was published for github.com/docker/docker (Go) May 18, 2021
picatz neersighted
miekg/dns insecurely generates random numbers Moderate
CVE-2019-19794 was published for github.com/miekg/dns (Go) May 18, 2021
Insufficient Session Expiration in Kiali High
CVE-2020-1762 was published for github.com/kiali/kiali (Go) May 18, 2021
gopkg.in/macaron.v1 Open Redirect vulnerability Moderate
CVE-2020-12666 was published for gopkg.in/macaron.v1 (Go) May 18, 2021
Path traversal in u-root High
CVE-2020-7665 was published for github.com/u-root/u-root (Go) May 18, 2021
rjoleary
Authorization bypass in github.com/dgrijalva/jwt-go High
CVE-2020-26160 was published for github.com/dgrijalva/jwt-go (Go) May 18, 2021
Integer overflow in github.com/gorilla/websocket High
CVE-2020-27813 was published for github.com/gorilla/websocket (Go) May 18, 2021
github.com/tidwall/gjson is vulnerable to Denial of service High
CVE-2020-36066 was published for github.com/tidwall/gjson (Go) May 18, 2021
Podman Origin Validation Error Moderate
CVE-2021-20199 was published for github.com/containers/podman/v3 (Go) May 18, 2021
github.com/pires/go-proxyproto denial of service vulnerability Moderate
CVE-2021-23351 was published for github.com/pires/go-proxyproto (Go) May 18, 2021
Cross-site scripting in bluemonday Moderate
CVE-2021-29272 was published for github.com/microcosm-cc/bluemonday (Go) May 18, 2021
Insecure Permissions in Gogs Moderate
CVE-2020-14958 was published for gogs.io/gogs (Go) May 18, 2021
github.com/unknwon/cae Path Traversal vulnerability High
CVE-2020-7668 was published for github.com/unknwon/cae (Go) May 18, 2021
Path Traversal in github.com/unknwon/cae/zip High
CVE-2020-7664 was published for github.com/unknwon/cae (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database