GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
29 advisories
Filter by severity
openssl-src contains Double free after calling `PEM_read_bio_ex`
High
CVE-2022-4450
was published
for
openssl-src
(Rust)
Feb 8, 2023
move_elements can double-free objects on panic
Critical
CVE-2021-28031
was published
for
scratchpad
(Rust)
May 24, 2022
insert_slice_clone can double drop if Clone panics.
Moderate
CVE-2021-26954
was published
for
qwutils
(Rust)
May 24, 2022
Use after free and double free in bitvec
Critical
CVE-2020-35862
was published
for
bitvec
(Rust)
Aug 25, 2021
Arrow2 allows double free in `safe` code
High
GHSA-5j8w-r7g8-5472
was published
for
arrow2
(Rust)
Jun 16, 2022
Double free in basic_dsp_matrix
High
CVE-2021-25906
was published
for
basic_dsp_matrix
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API