GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,866
Erlang
36
GitHub Actions
36
Go
2,492
Maven
5,000+
npm
4,115
NuGet
735
pip
3,939
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+
213 advisories
Filter by severity
Resources Downloaded over Insecure Protocol in igniteui
Low
CVE-2016-10552
was published
for
igniteui
(npm)
Feb 18, 2019
Undefined Behavior in sailsjs-cacheman
Low
GHSA-5w65-6875-rhq8
was published
for
sailsjs-cacheman
(npm)
Sep 11, 2019
Sensitive Data Exposure in sequelize-cli
Low
GHSA-3xc7-xg67-pw99
was published
for
sequelize-cli
(npm)
Jun 5, 2019
Regular Expression Denial of Service in braces
Low
GHSA-g95f-p29q-9xw4
was published
for
braces
(npm)
Jun 6, 2019
Regular Expression Denial of Service in is-my-json-valid
Low
GHSA-4x7c-cx64-49w8
was published
for
is-my-json-valid
(npm)
Aug 19, 2020
•
withdrawn
Open Redirect in hekto
Low
GHSA-c5j4-vw9m-xc95
was published
for
hekto
(npm)
Aug 27, 2020
•
withdrawn
Insecure Credential Storage in web3
Low
GHSA-27v7-qhfv-rqq8
was published
for
web3
(npm)
May 30, 2019
Incorrect default cookie name and recommendation
Low
GHSA-jjmg-x456-w976
was published
for
csrf-csrf
(npm)
Oct 10, 2022
ProTip!
Advisories are also available from the
GraphQL API