Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,026 advisories

Loading
Potential segfault in `localtime_r` invocations Moderate
GHSA-cqpr-pcm7-m3jc was published for chrono (Rust) Jun 16, 2022 withdrawn
sugar700 penberg
InputStream::read_exact : `Read` on uninitialized buffer causes UB High
GHSA-hmx9-jm3v-33hv was published for buffoon (Rust) Jun 16, 2022
`Read` on uninitialized buffer can cause UB (impl of `ReadKVExt`) High
GHSA-5phc-849h-vcxg was published for bronzedb-protocol (Rust) Jun 16, 2022
`read` on uninitialized buffer may cause UB (bite::read::BiteReadExpandedExt::read_framed_max) High
GHSA-72r2-rg28-47v9 was published for bite (Rust) Jun 16, 2022
'Read' on uninitialized memory may cause UB High
GHSA-c6px-4grw-hrjr was published for binjs_io (Rust) Jun 16, 2022
Arrow2 allows double free in `safe` code High
GHSA-5j8w-r7g8-5472 was published for arrow2 (Rust) Jun 16, 2022
`FixedSizeBinaryArray` does not perform bound checks on accessing values and offsets High
GHSA-qgrp-8f3v-q85p was published for arrow (Rust) Jun 16, 2022
`DecimalArray` does not perform bound checks on accessing values and offsets High
GHSA-h588-76vg-prgj was published for arrow (Rust) Jun 16, 2022
Reading on uninitialized memory may cause UB ( `util::read_spv()` ) High
GHSA-qj69-c89v-jwq2 was published for ash (Rust) Jun 16, 2022
`BinaryArray` does not perform bound checks on reading values and offsets High
GHSA-r7cj-wmwv-hfw5 was published for arrow (Rust) Jun 16, 2022
`array!` macro is unsound when its length is impure constant Moderate
GHSA-7v4j-8wvr-v55r was published for array-macro (Rust) Jun 16, 2022
sugar700
`array!` macro is unsound in presence of traits that implement methods it calls internally Moderate
GHSA-83gg-pwxf-jr89 was published for array-macro (Rust) Jun 16, 2022
sugar700
Space bug in `clean_text` Moderate
GHSA-p2g9-94wh-65c2 was published for ammonia (Rust) Jun 16, 2022
tdunlap607
`Read` on uninitialized buffer in `fill_buf()` and `read_up_to()` High
GHSA-hv9v-7w3v-rj6f was published for acc_reader (Rust) Jun 16, 2022
abomonation transmutes &T to and from &[u8] without sufficient constraints High
GHSA-hfxp-p695-629x was published for abomonation (Rust) Jun 16, 2022
Library exclusively intended to obfuscate code. Moderate
GHSA-gfg9-x6px-r7gr was published for plutonium (Rust) Jun 16, 2022
Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service High
CVE-2019-25008 was published for http (Rust) Jun 16, 2022 withdrawn
matveybaykalov
Type confusion if __private_get_type_id__ is overriden Critical
CVE-2020-25575 was published for failure (Rust) Jun 16, 2022
michaelkedar
Link Following in Deno High
CVE-2021-41641 was published for deno (Rust) Jun 13, 2022
`MsQueue` `push`/`pop` use the wrong orderings Moderate
GHSA-rwf4-gx62-rqfw was published for crossbeam (Rust) Jun 8, 2022
Observable Timing Discrepancy in totp-rs Moderate
CVE-2022-29185 was published for totp-rs (Rust) May 24, 2022
tdunlap607
Routinator infinite loop vulnerability High
CVE-2021-43172 was published for routinator (Rust) May 24, 2022
SM2 Decryption Buffer Overflow Critical
CVE-2021-3711 was published for openssl-src (Rust) May 24, 2022
another-rex
Read buffer overruns processing ASN.1 strings High
CVE-2021-3712 was published for openssl-src (Rust) May 24, 2022
another-rex
Exposure of Sensitive Information to an Unauthorized Actor in MongoDB Rust Driver Moderate
CVE-2021-20332 was published for mongodb (Rust) May 24, 2022
alex-semenyuk richardfan0606
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database