GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4 advisories
uv allows ZIP payload obfuscation through parsing differentials
Moderate
GHSA-pqhf-p39g-3x64
was published
for
uv
(pip)
Oct 29, 2025
astral-tokio-tar has a path traversal in tar extraction
Moderate
CVE-2025-59825
was published
for
astral-tokio-tar
(Rust)
Sep 23, 2025
uv allows ZIP payload obfuscation through parsing differentials
Moderate
CVE-2025-54368
was published
for
uv
(pip)
Aug 7, 2025
markdown2 is vulnerable to cross-site scripting
Moderate
CVE-2018-5773
was published
for
markdown2
(pip)
Jul 12, 2018
ProTip!
Advisories are also available from the
GraphQL API