Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,140
Maven
5,000+
npm
3,800
NuGet
687
pip
3,478
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,482 advisories

Loading
Denial of Service and Content Injection in i18n-node-angular High
CVE-2016-10524 was published for i18n-node-angular (npm) Feb 18, 2019
CRLF Injection in pypiserver Moderate
CVE-2019-6802 was published for pypiserver (pip) Jan 30, 2019
tdunlap607
Remote Code Execution in esigate-core Critical
CVE-2018-1000854 was published for org.esigate:esigate-core (Maven) Dec 21, 2018
Code injection in dragonfly gem High
CVE-2013-5671 was published for dragonfly (RubyGems) Oct 24, 2017
G-Rath
activesupport in Rails vulnerable to incorrect data conversion High
CVE-2013-0333 was published for activesupport (RubyGems) Oct 24, 2017
HTTParty does not restrict casts of string values High
CVE-2013-1801 was published for httparty (RubyGems) Oct 24, 2017
crack does not properly restrict casts of string values High
CVE-2013-1800 was published for crack (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database