Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

989 advisories

Loading
Podman Origin Validation Error Moderate
CVE-2021-20199 was published for github.com/containers/podman/v3 (Go) May 18, 2021
github.com/pires/go-proxyproto denial of service vulnerability Moderate
CVE-2021-23351 was published for github.com/pires/go-proxyproto (Go) May 18, 2021
Cross-site scripting in bluemonday Moderate
CVE-2021-29272 was published for github.com/microcosm-cc/bluemonday (Go) May 18, 2021
Insecure Permissions in Gogs Moderate
CVE-2020-14958 was published for gogs.io/gogs (Go) May 18, 2021
Information Exposure in jaeger Moderate
CVE-2020-10750 was published for github.com/jaegertracing/jaeger (Go) May 18, 2021
golang.org/x/text Infinite loop Moderate
CVE-2020-14040 was published for golang.org/x/text (Go) May 18, 2021
SQL Injection in Cloud Native Computing Foundation Harbor Moderate
CVE-2019-19026 was published for github.com/goharbor/harbor (Go) May 18, 2021
Privilege Escalation in Cloud Native Computing Foundation Harbor Moderate
CVE-2019-19023 was published for github.com/goharbor/harbor (Go) May 18, 2021
Improper Input Validation in HashiCorp Consul Moderate
CVE-2020-13170 was published for github.com/hashicorp/consul (Go) May 18, 2021
Duplicate Advisory: k8s.io/kube-state-metrics Exposure of Sensitive Information Moderate
CVE-2019-17110 was published for github.com/kubernetes/kube-state-metrics (Go) May 18, 2021 withdrawn
Path Traversal in MHolt Archiver Moderate
CVE-2019-10743 was published for github.com/mholt/archiver (Go) May 18, 2021
Cross-site Scripting in Documize Moderate
CVE-2019-19619 was published for github.com/documize/community (Go) May 18, 2021
Kubernetes kubectl cp Vulnerable to Symlink Attack Moderate
CVE-2019-11251 was published for k8s.io/kubernetes (Go) May 18, 2021
Improper Locking in github.com/containers/storage Moderate
CVE-2021-20291 was published for github.com/containers/storage (Go) May 10, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database