Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,504 advisories

Loading
etcd Cross-site Request Forgery (CSRF) High
CVE-2018-1098 was published for go.etcd.io/etcd/v3 (Go) Feb 15, 2022
Pivotal Concourse SQL Injection Vulnerability High
CVE-2019-3792 was published for github.com/concourse/concourse (Go) Feb 15, 2022
Gitea Remote Code Execution High
CVE-2019-11229 was published for github.com/go-gitea/gitea (Go) Feb 15, 2022
Gitea Remote Code Execution (RCE) Critical
CVE-2018-18926 was published for code.gitea.io/gitea (Go) Feb 15, 2022
Gitea Exposes Private Email Addresses Moderate
CVE-2018-1000803 was published for github.com/go-gitea/gitea (Go) Feb 15, 2022
Kubernetes Arbitrary Command Injection Moderate
CVE-2018-1002101 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Improper Input Validation in vault-ssh-helper High
CVE-2020-24359 was published for github.com/hashicorp/vault-ssh-helper (Go) Feb 15, 2022
Gitea Improper Input Validation High
CVE-2019-11228 was published for github.com/go-gitea/gitea (Go) Feb 15, 2022
Authentication bypass by capture-replay in github.com/cosmos/ethermint High
CVE-2021-25835 was published for github.com/cosmos/ethermint (Go) Feb 15, 2022
Symlink Attack in kubectl cp Moderate
CVE-2019-1002101 was published for k8s.io/kubernetes (Go) Feb 15, 2022
containers/image library Insufficiently Protects Credentials Moderate
CVE-2019-10214 was published for github.com/containers/image (Go) Feb 15, 2022
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes Moderate
CVE-2020-8551 was published for k8s.io/kubernetes (Go) Feb 15, 2022
Arbitrary File Write via Archive Extraction in mholt/archiver Moderate
CVE-2018-1002207 was published for github.com/mholt/archiver (Go) Feb 15, 2022
avivdolev
Arbitrary redirects under /new endpoint Moderate
CVE-2021-29622 was published for github.com/prometheus/prometheus (Go) Feb 15, 2022
dodek
Access Restriction Bypass in go-ldap High
CVE-2017-14623 was published for github.com/go-ldap/ldap (Go) Feb 15, 2022
Privilege Escalation in Kubernetes Critical
CVE-2018-1002105 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
Kubernetes API Server DoS Via API Requests Moderate
CVE-2020-8552 was published for k8s.io/apiserver (Go) Feb 15, 2022
skitt marquiz
toddtreece
Information Exposure in Docker Engine High
CVE-2015-3630 was published for github.com/docker/docker (Go) Feb 15, 2022
neersighted
Access Restriction Bypass in kubernetes High
CVE-2016-1905 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
Exposure of Sensitive Information to an Unauthorized Actor and Insertion of Sensitive Information Into Sent Data in Calico Moderate
CVE-2020-13597 was published for github.com/projectcalico/calico (Go) Feb 15, 2022
richardfan0606 luhring
Arbitrary File Override in Docker Engine Moderate
CVE-2015-3631 was published for github.com/docker/docker (Go) Feb 15, 2022
neersighted
Arbitrary File Write in Libcontainer High
CVE-2015-3629 was published for github.com/docker/docker (Go) Feb 15, 2022
Symlink Attack in Libcontainer and Docker Engine Moderate
CVE-2015-3627 was published for github.com/docker/docker (Go) Feb 15, 2022
Improper input validation in umoci Moderate
CVE-2021-29136 was published for github.com/opencontainers/umoci (Go) Feb 15, 2022
Hub Package Arbitrary File Overwrite Moderate
CVE-2014-0177 was published for github.com/github/hub (RubyGems) Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database