GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,467 advisories
Integer Overflow or Wraparound in NATS Server
High; CVE-2019-13126 was published for github.com/nats-io/nats-server/v2 (Go); May 18, 2021

Insecure Permissions in Gogs
Critical; CVE-2019-14544 was published for gogs.io/gogs (Go); May 18, 2021

Improper Input Validation in libseccomp-golang
High; CVE-2017-18367 was published for github.com/seccomp/libseccomp-golang (Go); May 18, 2021

Rancher Vulnerable to Cross-site Request Forgery (CSRF)
High; CVE-2019-13209 was published for github.com/rancher/rancher (Go); May 18, 2021

Improper Authentication in Apache Traffic Control
Critical; CVE-2019-12405 was published for github.com/apache/trafficcontrol (Go); May 18, 2021

Duplicate Advisory: k8s.io/kube-state-metrics Exposure of Sensitive Information
Moderate; CVE-2019-17110 was published for github.com/kubernetes/kube-state-metrics (Go); May 18, 2021; withdrawn

XML Entity Expansion and Improper Input Validation in Kubernetes API server
High; CVE-2019-11253 was published for k8s.io/kubernetes (Go); May 18, 2021

Out-of-bounds read in Apache Thrift
High; CVE-2019-0210 was published for github.com/apache/thrift (Go); May 18, 2021

Path Traversal in MHolt Archiver
Moderate; CVE-2019-10743 was published for github.com/mholt/archiver (Go); May 18, 2021

Cloud Foundry Routing Improper Input Validation vulnerability
High; CVE-2019-11289 was published for code.cloudfoundry.org/gorouter (Go); May 18, 2021

Cross-site Scripting in Documize
Moderate; CVE-2019-19619 was published for github.com/documize/community (Go); May 18, 2021

Improper Access Control in Lightning Network Daemon
High; CVE-2019-12999 was published for github.com/lightningnetwork/lnd (Go); May 18, 2021

Kubernetes kubectl cp Vulnerable to Symlink Attack
Moderate; CVE-2019-11251 was published for k8s.io/kubernetes (Go); May 18, 2021

GPGME Go wrapper contains Use After Free
High; CVE-2020-8945 was published for github.com/proglottis/gpgme (Go); May 18, 2021

Improper Verification of Cryptographic Signature in golang.org/x/crypto
High; CVE-2020-9283 was published for golang.org/x/crypto (Go); May 18, 2021

Kubernetes Privilege Escalation
Critical; CVE-2017-1000056 was published for k8s.io/kubernetes (Go); May 12, 2021

Improper Locking in github.com/containers/storage
Moderate; CVE-2021-20291 was published for github.com/containers/storage (Go); May 10, 2021
ProTip! Advisories are also available from the GraphQL API.