Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
Cache Manipulation Attack in Apache Traffic Control Moderate
CVE-2020-17522 was published for github.com/apache/trafficcontrol (Go) Jun 18, 2021
Rack-Cache caches sensitive headers Moderate
CVE-2012-2671 was published for rack-cache (RubyGems) May 17, 2022
Apache Airflow does not return the "Cache-Control" header for dynamic content Low
CVE-2024-25142 was published for apache-airflow (pip) Jun 14, 2024
Flask-AppBuilder's login form allows browser to cache sensitive fields Moderate
CVE-2024-45314 was published for flask-appbuilder (pip) Sep 4, 2024
NextJS-Auth0 SDK Vulnerable to CDN Caching of Session Cookies High
CVE-2025-48947 was published for @auth0/nextjs-auth0 (npm) Jun 4, 2025
Better Call routing bug can lead to Cache Deception Moderate
GHSA-hq75-xg7r-rx6c was published for better-call (npm) Jul 11, 2025
mwlik
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database