GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
11 advisories
Authz Module Non-Determinism
Moderate, CVE-2021-41135 was published for github.com/cosmos/cosmos-sdk (Go), Oct 21, 2021

Incorrect handling of H2 GOAWAY + SETTINGS frames
High, CVE-2021-39162 was published for github.com/pomerium/pomerium (Go), Sep 10, 2021

Ory fosite contains Improper Handling of Exceptional Conditions
High, CVE-2020-15223 was published for github.com/ory/fosite (Go), May 24, 2021

IPFS go-bitfield vulnerable to DoS via malformed size arguments
Moderate, CVE-2023-23626 was published for github.com/ipfs/go-bitfield (Go), Feb 10, 2023

OctoRPKI crashes when max iterations is reached
Moderate, CVE-2022-3616 was published for github.com/cloudflare/cfrpki (Go), Oct 31, 2022

Mattermost denial of service vulnerability
Moderate, CVE-2023-5967 was published for github.com/mattermost/mattermost-server/v6 (Go), Nov 6, 2023

BuildKit vulnerable to possible panic when incorrect parameters sent from frontend
Moderate, CVE-2024-23650 was published for github.com/moby/buildkit (Go), Jan 31, 2024

Mattermost crashes web clients via a malformed custom status
Moderate, CVE-2024-4182 was published for github.com/mattermost/mattermost-server (Go), Apr 26, 2024

Previous ATX is not checked to be the newest valid ATX by Smesher when validating incoming ATX
High, CVE-2024-34360 was published for github.com/spacemeshos/api (Go), May 10, 2024

moby docker daemon crash during image pull of malicious image
Moderate, CVE-2021-21285 was published for github.com/moby/moby (Go), Jan 31, 2024

Mattermost allows a remote actor to permanently delete local data by abusing dangerous error handling
Moderate, CVE-2024-39832 was published for github.com/mattermost/mattermost/server/v8 (Go), Aug 1, 2024
ProTip! Advisories are also available from the GraphQL API.