GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
891 advisories
Filter by severity
Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service
Moderate
GHSA-4qw4-jpp4-8gvp
was published
for
commonmarker
(RubyGems)
Sep 21, 2022
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Moderate
GHSA-2qc6-mcvw-92cw
was published
for
nokogiri
(RubyGems)
Oct 18, 2022
Cross-Site Request Forgery (CSRF)
Moderate
GHSA-wj5j-xpcj-45gc
was published
for
devise_invitable
(RubyGems)
Feb 24, 2021
•
withdrawn
Backdoor / Malicious code
Critical
GHSA-q2hm-gx3f-h63q
was published
for
lita-coin
(RubyGems)
Feb 23, 2021
•
withdrawn
Denial of Service in uap-core when processing crafted User-Agent strings
High
GHSA-pcqq-5962-hvcw
was published
for
user_agent_parser
(RubyGems)
Mar 10, 2020
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-23v3-qfrj-wmgh
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
Low severity vulnerability that affects sensu
Low
CVE-2018-1000060
was published
for
sensu
(RubyGems)
Jul 23, 2018
•
withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer
Moderate
GHSA-77pc-q5q7-qg9h
was published
for
rails-html-sanitizer
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects activerecord
Moderate
GHSA-7phj-gmgx-2r66
was published
for
activerecord
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects activesupport
Moderate
GHSA-35c4-f3rq-f9g3
was published
for
activesupport
(RubyGems)
Sep 17, 2018
•
withdrawn
High severity vulnerability that affects rubyzip
High
GHSA-3q5q-f79q-7hr2
was published
for
rubyzip
(RubyGems)
Jul 31, 2018
•
withdrawn
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-544j-77x9-h938
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects actionview
Moderate
GHSA-6834-r92f-jj42
was published
for
actionview
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects actionview
Moderate
GHSA-2pwf-xwr3-hp55
was published
for
actionview
(RubyGems)
Aug 13, 2018
•
withdrawn
Moderate severity vulnerability that affects archive-tar-minitar and minitar
Moderate
GHSA-cwp3-834g-x79g
was published
for
archive-tar-minitar
(RubyGems)
Aug 21, 2018
•
withdrawn
Moderate severity vulnerability that affects safemode
Moderate
GHSA-44vc-fpcg-5cc5
was published
for
safemode
(RubyGems)
Aug 8, 2018
•
withdrawn
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-5xmj-wm96-fmw8
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
High severity vulnerability that affects festivaltts4r
High
GHSA-9wv8-jgw4-4g28
was published
for
festivaltts4r
(RubyGems)
Aug 15, 2018
•
withdrawn
Moderate severity vulnerability that affects rack-mini-profiler
Moderate
GHSA-995j-587r-259w
was published
for
rack-mini-profiler
(RubyGems)
Aug 13, 2018
•
withdrawn
High severity vulnerability that affects many_versioned_gem
High
GHSA-hhxm-4f85-rgr8
was published
for
many_versioned_gem
(RubyGems)
Feb 5, 2019
•
withdrawn
Moderate severity vulnerability that affects rack
Moderate
GHSA-9vc2-p34x-jhxh
was published
for
rack
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects activerecord
Moderate
GHSA-m8h6-m9p5-p2f8
was published
for
activerecord
(RubyGems)
Aug 13, 2018
•
withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer
Moderate
GHSA-qc8j-m8j3-rjq6
was published
for
rails-html-sanitizer
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer
Moderate
GHSA-mrhj-2g4v-39qx
was published
for
rails-html-sanitizer
(RubyGems)
Sep 17, 2018
•
withdrawn
High severity vulnerability that affects actionpack
High
GHSA-hx46-vwmx-wx95
was published
for
actionpack
(RubyGems)
Aug 13, 2018
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API