GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,504 advisories

Podman Origin Validation Error Moderate
CVE-2021-20199 was published for github.com/containers/podman/v3 (Go) May 18, 2021
Kubernetes Privilege Escalation Critical
CVE-2017-1000056 was published for k8s.io/kubernetes (Go) May 12, 2021
Symlink Attack in kubectl cp Moderate
CVE-2019-1002101 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Incorrect Permission Assignment for Critical Resource in Singularity High
CVE-2019-11328 was published for github.com/sylabs/singularity (Go) Dec 20, 2021
Denial of Service in Go-Ethereum Moderate
CVE-2021-43668 was published for github.com/ethereum/go-ethereum (Go) Nov 23, 2021
Denial of Service in Go-Ethereum High
CVE-2022-23327 was published for github.com/ethereum/go-ethereum (Go) Mar 5, 2022
Kubernetes Unsafe Cacheing Moderate
CVE-2019-11244 was published for k8s.io/client-go (Go) Feb 15, 2022
SQL Injection in Couchbase Sync Gateway Critical
CVE-2019-9039 was published for github.com/couchbase/sync_gateway (Go) Feb 15, 2022
Rancher Vulnerable to Cross-site Request Forgery (CSRF) High
CVE-2019-13209 was published for github.com/rancher/rancher (Go) May 18, 2021
Missing Authorization in Harbor Moderate
CVE-2019-16097 was published for github.com/goharbor/harbor (Go) Feb 15, 2022
Improper Authentication in Apache Traffic Control Critical
CVE-2019-12405 was published for github.com/apache/trafficcontrol (Go) May 18, 2021
Kubernetes kubectl cp Vulnerable to Symlink Attack Moderate
CVE-2019-11251 was published for k8s.io/kubernetes (Go) May 18, 2021
dhowden tag panic due to out-of-bounds read Moderate
CVE-2020-29245 was published for github.com/dhowden/tag (Go) May 24, 2022
Server Side Request Forgery (SSRF) in Kubernetes Moderate
CVE-2020-8555 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes Moderate
CVE-2020-8551 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Kubernetes arbitrary file overwrite Moderate
CVE-2017-1002102 was published for k8s.io/kubernetes (Go) May 13, 2022
Buildkit credentials inlined to Git URLs could end up in provenance attestation Moderate
CVE-2023-26054 was published for github.com/moby/buildkit (Go) Mar 7, 2023
Consul Server Panic when Ingress and API Gateways Configured with Peering Connections Moderate
CVE-2023-0845 was published for github.com/hashicorp/consul (Go) Mar 9, 2023
Kubernetes API Server DoS Via API Requests Moderate
CVE-2020-8552 was published for k8s.io/apiserver (Go) Feb 15, 2022
Blst has logical error in SigValidate in Go bindings Moderate
GHSA-8c37-7qx3-4c4p was published for github.com/supranational/blst (Go) Aug 9, 2023
Gitea XSS Vulnerability Moderate
CVE-2019-1010261 was published for code.gitea.io/gitea (Go) May 24, 2022
Hashicorp Nomad Access Control Issues Critical
CVE-2019-12618 was published for github.com/hashicorp/nomad (Go) May 24, 2022
Kubernetes kube-apiserver unauthorized access High
CVE-2019-11247 was published for k8s.io/apiextensions-apiserver (Go) May 24, 2022
Podman Symlink Vulnerability Moderate
CVE-2019-18466 was published for github.com/containers/podman/v4 (Go) May 24, 2022
Helm Unsafe Link Following Critical
CVE-2019-18658 was published for helm.sh/helm (Go) May 24, 2022
ProTip! Advisories are also available from the GraphQL API