Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,504 advisories

Loading
Cross-site scripting in Dutchcoders transfer.sh Moderate
CVE-2021-33496 was published for github.com/dutchcoders/transfer.sh (Go) Jun 29, 2021
CRLF vulnerability in Fiber Moderate
CVE-2020-15111 was published for github.com/gofiber/fiber (Go) Jun 29, 2021
hsblhsn abdshaleh
Go Ethereum Denial of Service High
CVE-2018-19184 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Consensus flaw during block processing in github.com/ethereum/go-ethereum Moderate
CVE-2020-26265 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Denial of service in github.com/ethereum/go-ethereum Moderate
CVE-2020-26264 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
lukaszmatczak
Denial of service in go-ethereum due to CVE-2020-28362 Critical
GHSA-m6gx-rhvj-fh52 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Denial of service in geth Moderate
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Shallow copy bug in geth Moderate
CVE-2020-26241 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Erroneous Proof of Work calculation in geth Moderate
CVE-2020-26240 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
slavikus
Cross-site Scripting in Gogs Moderate
CVE-2014-8683 was published for gogs.io/gogs (Go) Jun 29, 2021
SQL Injection in Gogs High
CVE-2014-8682 was published for gogs.io/gogs (Go) Jun 29, 2021
SQL Injection in gogs.io/gogs Moderate
CVE-2014-8681 was published for github.com/gogits/gogs (Go) Jun 29, 2021
Open Redirect Moderate
CVE-2018-15178 was published for gogs.io/gogs (Go) Jun 29, 2021
Improper Privilege Management in HashiCorp Nomad High
CVE-2021-3283 was published for github.com/hashicorp/nomad (Go) Jun 24, 2021
Improper network isolation in Hashicorp Nomad Moderate
CVE-2021-32575 was published for github.com/hashicorp/nomad (Go) Jun 24, 2021
Incorrect Authorization in ORY Oathkeeper High
CVE-2021-32701 was published for github.com/ory/oathkeeper (Go) Jun 24, 2021
Improper Neutralization of Special Elements in Output in helm.sh/helm/v3 Moderate
CVE-2021-21303 was published for helm.sh/helm/v3 (Go) Jun 23, 2021
Plugin archive directory traversal in Helm Low
CVE-2020-4053 was published for helm.sh/helm/v3 (Go) Jun 23, 2021
snoopysecurity
Duplicate Advisory: Helm passes repository credentials to alternate domain Moderate
GHSA-7jr6-prv4-5wf5 was published for helm.sh/helm/v3 (Go) Jun 23, 2021 withdrawn
Helm passes repository credentials to alternate domain Moderate
CVE-2021-32690 was published for helm.sh/helm/v3 (Go) Jun 23, 2021
Unchecked hostname resolution could allow access to local network resources by users outside the local network Moderate
GHSA-6rg3-8h8x-5xfv was published for github.com/pterodactyl/wings (Go) Jun 23, 2021
Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings Moderate
CVE-2021-32699 was published for github.com/pterodactyl/wings (Go) Jun 23, 2021
Helm uses crypto package vulnerable to panic from malformed X.509 certificate High
CVE-2020-7919 was published for github.com/helm/helm (Go) Jun 23, 2021
Possible bypass of token claim validation when OAuth2 Introspection caching is enabled High
GHSA-qvp4-rpmr-xwrr was published for github.com/ory/oathkeeper (Go) Jun 23, 2021
flusflas
Access Control Bypass Moderate
CVE-2018-20321 was published for github.com/rancher/rancher (Go) Jun 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database