Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,298
Erlang
31
GitHub Actions
21
Go
2,063
Maven
5,000+
npm
3,744
NuGet
668
pip
3,424
Pub
12
RubyGems
892
Rust
876
Swift
36
Unreviewed advisories
All unreviewed
5,000+

762 advisories

Loading
Incorrect Authorization in runc High
CVE-2019-16884 was published for github.com/opencontainers/runc (Go) Feb 22, 2022
Use of Hard-coded Cryptographic Key in Netmaker High
CVE-2022-0664 was published for github.com/gravitl/netmaker (Go) Feb 19, 2022
Arbitrary file reads in HashiCorp Nomad High
CVE-2022-24683 was published for github.com/hashicorp/nomad (Go) Feb 18, 2022
tdunlap607
Skip the router TLS configuration when the host header is an FQDN High
CVE-2022-23632 was published for github.com/traefik/traefik/v2 (Go) Feb 16, 2022
bawolff
Uncontrolled Resource Consumption in promhttp High
CVE-2022-21698 was published for github.com/prometheus/client_golang (Go) Feb 16, 2022
dgl
Arbitrary File Write in Libcontainer High
CVE-2015-3629 was published for github.com/docker/docker (Go) Feb 15, 2022
Information Exposure in Heketi High
CVE-2017-15104 was published for github.com/heketi/heketi (Go) Feb 15, 2022
Denial of Service in Packetbeat High
CVE-2017-11480 was published for github.com/elastic/beats (Go) Feb 15, 2022
Cryptographic Issues in ECK High
CVE-2020-7010 was published for github.com/elastic/cloud-on-k8s (Go) Feb 15, 2022
Authentication Bypass by Primary Weakness in github.com/kongchuanhujiao/server High
CVE-2021-21403 was published for github.com/kongchuanhujiao/server (Go) Feb 15, 2022
qianjunakasumi
Improper Authentication in Kubernetes High
CVE-2020-8558 was published for k8s.io/kubernetes (Go) Feb 15, 2022
halfcrazy
Denial of Service in Bytom High
CVE-2018-18206 was published for github.com/bytom/bytom (Go) Feb 15, 2022
Istio may not check inbound TCP connections against istio-policy High
CVE-2019-12243 was published for istio.io/istio (Go) Feb 15, 2022
Link Following in Kata Runtime High
CVE-2020-2026 was published for github.com/kata-containers/runtime (Go) Feb 15, 2022
Arbitrary Code Execution High
CVE-2014-9357 was published for github.com/docker/docker (Go) Feb 15, 2022
Infinite loop in Yubico yubihsm-connector High
CVE-2021-28484 was published for github.com/Yubico/yubihsm-connector (Go) Feb 15, 2022
Access Restriction Bypass in go-ldap High
CVE-2017-14623 was published for github.com/go-ldap/ldap (Go) Feb 15, 2022
containernetworking/cni improper limitation of path name High
CVE-2021-20206 was published for github.com/containernetworking/cni (Go) Feb 15, 2022
Reject unauthorized access with GitHub PATs High
CVE-2021-21432 was published for github.com/go-vela/server (Go) Feb 15, 2022
JordanSussman
Authentication bypass by capture-replay in github.com/cosmos/ethermint High
CVE-2021-25835 was published for github.com/cosmos/ethermint (Go) Feb 15, 2022
Pivotal Concourse SQL Injection Vulnerability High
CVE-2019-3792 was published for github.com/concourse/concourse (Go) Feb 15, 2022
Gitea Remote Code Execution High
CVE-2019-11229 was published for github.com/go-gitea/gitea (Go) Feb 15, 2022
Denial of service in github.com/nats-io/nats-server/server High
CVE-2020-28466 was published for github.com/nats-io/nats-server (Go) Feb 15, 2022
Authentication bypass by capture-replay in github.com/cosmos/ethermint High
CVE-2021-25834 was published for github.com/cosmos/ethermint (Go) Feb 15, 2022
Gitea Improper Input Validation High
CVE-2019-11228 was published for github.com/go-gitea/gitea (Go) Feb 15, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database