Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,614
Maven
5,000+
npm
4,254
NuGet
760
pip
4,031
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,614 advisories

Loading
golang.org/x/text Infinite loop Moderate
CVE-2020-14040 was published for golang.org/x/text (Go) May 18, 2021
miekg/dns parsing error leads to nil pointer dereference and DoS High
CVE-2018-17419 was published for github.com/miekg/dns (Go) May 18, 2021
Information Disclosure in go.elastic.co/apm Low
CVE-2021-22133 was published for go.elastic.co/apm (Go) May 18, 2021
Improper Authorization in github.com/containers/libpod High
CVE-2021-20188 was published for github.com/containers/libpod (Go) May 18, 2021
Path Traversal in Buildah High
CVE-2020-10696 was published for github.com/containers/buildah (Go) May 18, 2021
Predictable SIF UUID Identifiers in github.com/sylabs/sif High
CVE-2021-29499 was published for github.com/sylabs/sif (Go) May 18, 2021
Hard coded cryptographic key in Kiali High
CVE-2020-1764 was published for github.com/kiali/kiali (Go) May 18, 2021
github.com/u-root/u-root/pkg/tarutil Arbitrary File Write via Archive Extraction (Zip Slip) High
CVE-2020-7669 was published for github.com/u-root/u-root (Go) May 18, 2021
leungster
Credited to leungster
Cross-site Request Forgery (CSRF) in Cloud Native Computing Foundation Harbor High
CVE-2019-19025 was published for github.com/goharbor/harbor (Go) May 18, 2021
SQL Injection in Cloud Native Computing Foundation Harbor Moderate
CVE-2019-19026 was published for github.com/goharbor/harbor (Go) May 18, 2021
SQL Injection in Cloud Native Computing Foundation Harbor High
CVE-2019-19029 was published for github.com/goharbor/harbor (Go) May 18, 2021
Privilege Escalation in Cloud Native Computing Foundation Harbor Moderate
CVE-2019-19023 was published for github.com/goharbor/harbor (Go) May 18, 2021
Infinite Loop in jsonparser High
CVE-2020-10675 was published for github.com/buger/jsonparser (Go) May 18, 2021
Improper Authentication in InfluxDB Critical
CVE-2019-20933 was published for github.com/influxdata/influxdb (Go) May 18, 2021
Allocation of Resources Without Limits or Throttling in Hashicorp Consul High
CVE-2020-13250 was published for github.com/hashicorp/consul (Go) May 18, 2021
Improper Input Validation in HashiCorp Consul Moderate
CVE-2020-13170 was published for github.com/hashicorp/consul (Go) May 18, 2021
Information Disclosure in HashiCorp Vault High
CVE-2020-13223 was published for github.com/hashicorp/vault (Go) May 18, 2021
Improper Input Validation in HashiCorp Vault Critical
CVE-2020-12757 was published for github.com/hashicorp/vault-plugin-secrets-gcp (Go) May 18, 2021
Improper Certificate Validation in HashiCorp Nomad High
CVE-2020-7956 was published for github.com/hashicorp/nomad (Go) May 18, 2021
Allocation of Resources Without Limits or Throttling in HashiCorp Nomad High
CVE-2020-7218 was published for github.com/hashicorp/nomad (Go) May 18, 2021
Denial of Service (DoS) in HashiCorp Consul High
CVE-2020-7219 was published for github.com/hashicorp/consul (Go) May 18, 2021
Use of a Broken or Risky Cryptographic Algorithm in Terraform High
CVE-2019-19316 was published for github.com/hashicorp/terraform (Go) May 18, 2021
Integer Overflow or Wraparound in NATS Server High
CVE-2019-13126 was published for github.com/nats-io/nats-server/v2 (Go) May 18, 2021
Insecure Permissions in Gogs Critical
CVE-2019-14544 was published for gogs.io/gogs (Go) May 18, 2021
Improper Input Validation in libseccomp-golang High
CVE-2017-18367 was published for github.com/seccomp/libseccomp-golang (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database