GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,017
Maven
5,000+
npm
3,722
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Sensitive Data Exposure in sequelize-cli
Low
GHSA-3xc7-xg67-pw99
was published
for
sequelize-cli
(npm)
Jun 5, 2019
Information Exposure in Snyk Broker
High
CVE-2020-7654
was published
for
snyk-broker
(npm)
Jun 3, 2020
npm CLI exposing sensitive information through logs
Moderate
CVE-2020-15095
was published
for
npm
(npm)
Jul 7, 2020
Information Exposure in cordova-android
High
CVE-2016-6799
was published
for
cordova-android
(npm)
Sep 11, 2020
next-auth before v4.10.2 and v3.29.9 leaks excessive information into log
Low
CVE-2022-31186
was published
for
next-auth
(npm)
Aug 6, 2022
directus vulnerable to Insertion of Sensitive Information into Log File
Moderate
CVE-2023-28443
was published
for
directus
(npm)
Mar 23, 2023
@mittwald/kubernetes's secret contents leaked via debug logging
Moderate
GHSA-g35x-j6jj-8g7j
was published
for
@mittwald/kubernetes
(npm)
May 2, 2023
MongoDB Driver may publish events containing authentication-related data
Moderate
CVE-2021-32050
was published
for
github.com/mongodb/mongo-swift-driver
(Composer)
Aug 29, 2023
Logging of the firestore key within nodejs-firestore
Moderate
CVE-2023-6460
was published
for
@google-cloud/firestore
(npm)
Dec 4, 2023
react-native-mmkv Insertion of Sensitive Information into Log File vulnerability
Moderate
CVE-2024-21668
was published
for
react-native-mmkv
(npm)
Jan 9, 2024
@valtimo/components exposes access token to form.io
Critical
CVE-2024-34706
was published
for
@valtimo/components
(npm)
May 13, 2024
@workos-inc/authkit-nextjs refresh tokens are logged when the debug flag is enabled
Low
CVE-2024-51752
was published
for
@workos-inc/authkit-nextjs
(npm)
Nov 5, 2024
@workos-inc/authkit-remix refresh tokens are logged when the debug flag is enabled
Low
CVE-2024-51753
was published
for
@workos-inc/authkit-remix
(npm)
Nov 5, 2024
ProTip!
Advisories are also available from the
GraphQL API