GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
14 advisories
Filter by severity
Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider
High
CVE-2023-22650
was published
for
github.com/rancher/rancher
(Go)
Jun 17, 2024
Insufficient Session Expiration in github.com/greenpau/caddy-security
Moderate
CVE-2024-21492
was published
for
github.com/greenpau/caddy-security
(Go)
Feb 17, 2024
Argo CD web terminal session doesn't expire
High
CVE-2023-40025
was published
for
github.com/argoproj/argo-cd
(Go)
Aug 23, 2023
Answer Insufficient Session Expiration vulnerability
Moderate
CVE-2023-4126
was published
for
github.com/answerdev/answer
(Go)
Aug 3, 2023
Answer vulnerable to Insufficient Session Expiration
High
CVE-2023-1543
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
Zitadel RefreshToken invalidation vulnerability
Moderate
CVE-2023-22492
was published
for
github.com/zitadel/zitadel
(Go)
Jan 11, 2023
HashiCorp Nomad vulnerable to Insufficient Session Expiration
Low
CVE-2022-3867
was published
for
github.com/hashicorp/nomad
(Go)
Nov 10, 2022
Pinniped Supervisor Insufficient Session Expiration vulnerability
Moderate
CVE-2022-31677
was published
for
go.pinniped.dev
(Go)
Sep 1, 2022
FlyteAdmin Insufficient AccessToken Expiration Check
Moderate
CVE-2022-31145
was published
for
github.com/flyteorg/flyteadmin
(Go)
Jul 15, 2022
Insufficient Session Expiration in Nakama
High
CVE-2022-2306
was published
for
github.com/heroiclabs/nakama
(Go)
Jul 6, 2022
Token leases could outlive their TTL in HashiCorp Vault
Critical
CVE-2020-25816
was published
for
github.com/hashicorp/vault
(Go)
May 24, 2022
Use of a Key Past its Expiration Date and Insufficient Session Expiration in Maddy Mail Server
Moderate
CVE-2022-24732
was published
for
github.com/foxcpp/maddy
(Go)
Mar 7, 2022
Invalid session token expiration
High
CVE-2021-32923
was published
for
github.com/hashicorp/vault
(Go)
Jun 8, 2021
Insufficient Session Expiration in Kiali
High
CVE-2020-1762
was published
for
github.com/kiali/kiali
(Go)
May 18, 2021
ProTip!
Advisories are also available from the
GraphQL API