GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
137,186 advisories
Object injection in cookie driver in phpfastcache
Moderate
CVE-2019-16774
was published
for
phpfastcache/phpfastcache
(Composer)
Dec 12, 2019
Opened exploitable ports in default docker-compose.yaml in go-ipfs
Moderate
GHSA-fx5p-f64h-93xc
was published
for
github.com/ipfs/go-ipfs
(Go)
Apr 4, 2022
Inefficient Regular Expression Complexity in Validator.js
Moderate
GHSA-xx4c-jj58-r7x6
was published
for
validator
(npm)
Nov 19, 2021
GitHub CLI can execute a git binary from the current directory
Moderate
GHSA-fqfh-778m-2v32
was published
for
github.com/cli/cli
(Go)
Feb 11, 2022
Arbitrary File Write via Archive Extraction in mholt/archiver
Moderate
CVE-2018-1002207
was published
for
github.com/mholt/archiver
(Go)
Feb 15, 2022
Pannellum Cross-Site Scripting due to data not being sanitized for URIs or vbscript
Moderate
CVE-2019-16763
was published
for
pannellum
(npm)
Nov 22, 2019
ProTip!
Advisories are also available from the
GraphQL API