Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

5 advisories

Loading
Command Injection Vulnerability with Mercurial in VCS Critical
CVE-2022-21235 was published for github.com/Masterminds/vcs (Go) Apr 1, 2022
dellalibera
Gitea vulnerable to Argument Injection Critical
CVE-2022-42968 was published for github.com/go-gitea/gitea (Go) Oct 16, 2022
HashiCorp go-getter Vulnerable to Argument Injection When Fetching Remote Default Git Branches Critical
CVE-2024-3817 was published for github.com/hashicorp/go-getter (Go) Apr 17, 2024
Duplicate Advisory: github.com/gogs/gogs affected by CVE-2024-39930 Critical
GHSA-p69r-v3h4-rj4f was published for github.com/gogs/gogs (Go) Jul 4, 2024 withdrawn
Gogs has an argument Injection in the built-in SSH server Critical
CVE-2024-39930 was published for gogs.io/gogs (Go) Dec 23, 2024
swapgs
ProTip! Advisories are also available from the GraphQL API