Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,020 advisories

Loading
bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow High
CVE-2023-22895 was published for bzip2 (Rust) Jan 10, 2023
tdunlap607
Data races in lever High
CVE-2020-36457 was published for lever (Rust) Aug 25, 2021
tdunlap607
Duplicate advisory: Deno vulnerable to Regular Expression Denial of Service High
GHSA-xr9w-x6gw-c9mj was published for deno (Rust) Feb 25, 2023 withdrawn
Regular Expression Denial of Service in Deno.upgradeWebSocket API Moderate
CVE-2023-26103 was published for deno (Rust) Apr 3, 2023
dellalibera
Integer Overflow in openssl-src High
CVE-2021-23840 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Permissions bypass in pleaser High
CVE-2021-31154 was published for pleaser (Rust) Aug 25, 2021
another-rex
Deno is vulnerable to race condition via interactive permission prompt spoofing High
CVE-2023-22499 was published for deno (Rust) Jan 20, 2023
tristan-f-r another-rex
Integer Overflow in openssl-src Moderate
CVE-2021-23841 was published for openssl-src (Rust) Aug 25, 2021
another-rex
matrix-sdk-crypto contains potential impersonation via room key forward responses Moderate
CVE-2022-39252 was published for matrix-sdk-crypto (Rust) Sep 30, 2022
michaelkedar
Permissions bypass in pleaser High
CVE-2021-31155 was published for pleaser (Rust) Aug 25, 2021
michaelkedar
Lenient Parsing of Content-Length Header When Prefixed with Plus Sign Low
CVE-2021-32715 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
tdunlap607
spin-rs initialisation failure in `Once::try_call_once` can lead to undefined behaviour for other initialisers Moderate
GHSA-2qv5-7mw5-j3cg was published for spin (Rust) Apr 3, 2023
Off-by-one error in simple-slab High
CVE-2020-35893 was published for simple-slab (Rust) Aug 25, 2021
tdunlap607
Out of bounds read in bra Critical
CVE-2021-25905 was published for bra (Rust) Aug 25, 2021
tdunlap607
ntru-rs has unsound FFI: Wrong API usage causes write past allocated area Moderate
GHSA-fq33-vmhv-48xh was published for ntru (Rust) Apr 7, 2023
File exposure in pleaser Low
CVE-2021-31153 was published for pleaser (Rust) Aug 25, 2021
another-rex
Space bug in `clean_text` Moderate
GHSA-p2g9-94wh-65c2 was published for ammonia (Rust) Jun 16, 2022
tdunlap607
Read of uninitialized memory in cdr Critical
CVE-2021-26305 was published for cdr (Rust) Aug 25, 2021
tdunlap607
Calculation error in ark-r1cs-std Critical
CVE-2021-38194 was published for ark-r1cs-std (Rust) Aug 25, 2021
tdunlap607
Adverserial use of `make_bitflags!` macro can cause undefined behavior Moderate
GHSA-qvc4-78gw-pv8p was published for enumflags2 (Rust) Apr 24, 2023
Integer overflow in solana_rbpf High
CVE-2021-46102 was published for solana_rbpf (Rust) Jan 28, 2022
Comrak vulnerable to quadratic runtime issues when parsing Markdown (GHSL-2023-047) Moderate
CVE-2023-28626 was published for comrak (Rust) Mar 28, 2023
philipturnbull
Comrak AST node data is not validated (GHSL-2023-049) Moderate
CVE-2023-28631 was published for comrak (Rust) Mar 28, 2023
darakian
Data races in im Moderate
CVE-2020-36204 was published for im (Rust) Aug 25, 2021
bartschuller tdunlap607
h2 vulnerable to denial of service Moderate
CVE-2023-26964 was published for h2 (Rust) Apr 11, 2023
FirelightFlagboy seanmonstar
KisaragiEffective JohnTitor
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database