Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,122
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,020
Swift
39
Unreviewed advisories
All unreviewed
5,000+

379 advisories

Loading
Warp vulnerable to Path Traversal via Improper validation of Windows paths High
GHSA-8v4j-7jgf-5rg9 was published for warp (Rust) Jan 31, 2023
tdunlap607
bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow High
CVE-2023-22895 was published for bzip2 (Rust) Jan 10, 2023
tdunlap607
Data races in lever High
CVE-2020-36457 was published for lever (Rust) Aug 25, 2021
tdunlap607
Duplicate advisory: Deno vulnerable to Regular Expression Denial of Service High
GHSA-xr9w-x6gw-c9mj was published for deno (Rust) Feb 25, 2023 withdrawn
Integer Overflow in openssl-src High
CVE-2021-23840 was published for openssl-src (Rust) Aug 25, 2021
another-rex
Permissions bypass in pleaser High
CVE-2021-31154 was published for pleaser (Rust) Aug 25, 2021
another-rex
Deno is vulnerable to race condition via interactive permission prompt spoofing High
CVE-2023-22499 was published for deno (Rust) Jan 20, 2023
tristan-f-r another-rex
Permissions bypass in pleaser High
CVE-2021-31155 was published for pleaser (Rust) Aug 25, 2021
michaelkedar
Off-by-one error in simple-slab High
CVE-2020-35893 was published for simple-slab (Rust) Aug 25, 2021
tdunlap607
Integer overflow in solana_rbpf High
CVE-2021-46102 was published for solana_rbpf (Rust) Jan 28, 2022
Out of bounds read in uu_od High
CVE-2021-29934 was published for uu_od (Rust) Aug 25, 2021
tdunlap607
abomonation transmutes &T to and from &[u8] without sufficient constraints High
GHSA-hfxp-p695-629x was published for abomonation (Rust) Jun 16, 2022
`Read` on uninitialized buffer in `fill_buf()` and `read_up_to()` High
GHSA-hv9v-7w3v-rj6f was published for acc_reader (Rust) Jun 16, 2022
Abomonation transmutes &T to and from &[u8] without sufficient constraints High
CVE-2021-45708 was published for abomonation (Rust) Jan 6, 2022
Use of Uninitialized Resource in bite. High
CVE-2020-36511 was published for bite (Rust) Jan 6, 2022
'Read' on uninitialized memory may cause UB High
GHSA-c6px-4grw-hrjr was published for binjs_io (Rust) Jun 16, 2022
`read` on uninitialized buffer may cause UB (bite::read::BiteReadExpandedExt::read_framed_max) High
GHSA-72r2-rg28-47v9 was published for bite (Rust) Jun 16, 2022
Out of bounds write in arenavec High
CVE-2021-29930 was published for arenavec (Rust) Aug 25, 2021
Double free in arenavec High
CVE-2021-29931 was published for arenavec (Rust) Aug 25, 2021
Data races in conquer-once High
CVE-2020-36208 was published for conquer-once (Rust) Aug 25, 2021
Improper Input Validation in cookie High
CVE-2017-18589 was published for cookie (Rust) Aug 25, 2021
crossbeam-channel Undefined Behavior before v0.4.4 High
CVE-2020-15254 was published for crossbeam-channel (Rust) Aug 25, 2021
Denial of Service in ckb High
CVE-2021-45700 was published for ckb (Rust) Jan 6, 2022
Allocation of Resources Without Limits or Throttling in ckb High
CVE-2021-45699 was published for ckb (Rust) Jan 6, 2022
columnar: `Read` on uninitialized buffer may cause UB (ColumnarReadExt::read_typed_vec()) High
GHSA-cxcc-q839-2cw9 was published for columnar (Rust) Jun 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database