GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
936 advisories
Cross-site Scripting in Mattermost
Moderate
CVE-2021-37860
was published
for
github.com/mattermost/mattermost-server/v5
(Go)
Sep 23, 2021
Improperly Implemented path matching for in-toto-golang
Moderate
CVE-2021-41087
was published
for
github.com/in-toto/in-toto-golang
(Go)
Sep 22, 2021
Path traversal in Grafana Loki
Moderate
CVE-2021-36156
was published
for
github.com/grafana/loki
(Go)
Sep 2, 2021
Improper Certificate Handling
Moderate
CVE-2020-9321
was published
for
github.com/traefik/traefik
(Go)
Sep 2, 2021
Ethereum Contains Consensus Flaw During Block Processing
Moderate
CVE-2021-39137
was published
for
github.com/ethereum/go-ethereum
(Go)
Aug 30, 2021
Archive package allows chmod of file outside of unpack target directory
Moderate
CVE-2021-32760
was published
for
github.com/containerd/containerd
(Go)
Jul 26, 2021
Buildah processes using chroot isolation may leak environment values to intermediate processes
Moderate
CVE-2021-3602
was published
for
github.com/containers/buildah
(Go)
Jul 19, 2021
CRLF vulnerability in Fiber
Moderate
CVE-2020-15111
was published
for
github.com/gofiber/fiber
(Go)
Jun 29, 2021
ProTip!
Advisories are also available from the
GraphQL API