Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

21 advisories

Loading
Use-After-Free in puppeteer Moderate
CVE-2019-5786 was published for puppeteer (npm) Sep 2, 2020
Use after free and segfault in shape inference functions Moderate
CVE-2021-37690 was published for tensorflow (pip) Aug 25, 2021
Use after free in actix-service Moderate
CVE-2020-35899 was published for actix-service (Rust) Aug 25, 2021
Reference counting error in pyo3 Moderate
CVE-2020-35917 was published for pyo3 (Rust) Aug 25, 2021
tdunlap607
Memory handling issues in xcb Moderate
CVE-2020-36205 was published for xcb (Rust) Aug 25, 2021
use-after-free vulnerability in Rust array-queue Moderate
CVE-2020-35900 was published for array-queue (Rust) Aug 25, 2021
Use after free in libpulse-binding Moderate
CVE-2018-25001 was published for libpulse-binding (Rust) Aug 30, 2021
Memory Safety Issue when using patch or merge on state and assign the result back to state Moderate
CVE-2021-39228 was published for tremor-script (Rust) Sep 20, 2021
Use after free passing `externref`s to Wasm in Wasmtime Moderate
CVE-2021-39216 was published for wasmtime (pip) Sep 20, 2021
alexcrichton fitzgen
cfallin
Wasmtime vulnerable to Use After Free with `externref`s Moderate
CVE-2022-31146 was published for cranelift-codegen (Rust) Jul 20, 2022
alexcrichton fitzgen
jameysharp
iana-time-zone vulnerable to use after free in MacOS / iOS implementation Moderate
GHSA-3fg9-hcq5-vxrc was published for iana-time-zone (Rust) Aug 30, 2022
Garbage collection issue in BC-FJA in Java 13 and later Moderate
CVE-2022-45146 was published for org.bouncycastle:bc-fips (Maven) Nov 21, 2022
use-after-free in tracing Moderate
GHSA-8f24-6m29-wm2r was published for tracing (Rust) Jan 17, 2024
Use-after-free when setting the locale Moderate
GHSA-c8v3-jhv9-4ppc was published for rust-i18n-support (Rust) Jan 23, 2024
Use after free in libpulse-binding Moderate
GHSA-f56g-chqp-22m9 was published for libpulse-binding (Rust) Feb 3, 2024
Nokogiri update packaged libxml2 to v2.12.5 to resolve CVE-2024-25062 Moderate
GHSA-xc9x-jj77-9p9j was published for nokogiri (RubyGems) Feb 5, 2024
yoshizawa-masatoshi lumaxis
Use-after-free in libxml2 via Nokogiri::XML::Reader Moderate
GHSA-vcc3-rw6f-jv97 was published for nokogiri (RubyGems) Mar 18, 2024
@fastly/js-compute has a use-after-free in some host call implementations Moderate
CVE-2024-38375 was published for @fastly/js-compute (npm) Jun 26, 2024
elliottt
Use After Free in MicroPython Moderate
CVE-2024-8947 was published for micropython-copy (pip) Sep 17, 2024
Duplicate Advisory: PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references Moderate
GHSA-f8x4-f32r-w556 was published for pyo3 (Rust) Oct 15, 2024 withdrawn
PyO3 has a risk of use-after-free in `borrowed` reads from Python weak references Moderate
CVE-2024-9979 was published for pyo3 (Rust) Oct 15, 2024
ProTip! Advisories are also available from the GraphQL API