Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,348
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

255,714 advisories

Loading
Authentication Weakness in keystone Moderate
GHSA-9xgp-hfw7-73rq was published for keystone (npm) Aug 19, 2020 withdrawn
Command Injection in dns-sync Moderate
GHSA-c6h2-mpc6-232h was published for dns-sync (npm) Aug 27, 2020 withdrawn
Out-of-bounds Read in concat-with-sourcemaps Moderate
GHSA-2xv3-h762-ccxv was published for concat-with-sourcemaps (npm) May 29, 2019
Cross-Site Scripting in bracket-template High
GHSA-jj6g-7j8p-7gf2 was published for bracket-template (npm) May 30, 2019
Cross-Site Scripting in public Low
GHSA-7jfh-2xc9-ccv7 was published for public (npm) May 31, 2019
Prototype Pollution in deap High
GHSA-xrmp-99wj-p6jc was published for deap (npm) May 31, 2019
Regular Expression Denial of Service Moderate
GHSA-7m7q-q53v-j47v was published for marked (npm) Feb 25, 2021 withdrawn
Missing Origin Validation in parcel-bundler Moderate
GHSA-5j4m-89xf-mf5p was published for parcel-bundler (npm) Aug 27, 2020 withdrawn
Withdrawn High
GHSA-wx84-69jh-jjp2 was published for sshpk (npm) Aug 3, 2020 withdrawn
Denial of Service in canvas Moderate
GHSA-vpq5-4rc8-c222 was published for canvas (npm) Jun 5, 2019
Path Traversal in servey Moderate
GHSA-rv49-54qp-fw42 was published for servey (npm) Jun 6, 2019
SQL Injection in typeorm High
GHSA-w7q7-vjp8-7jv4 was published for typeorm (npm) Jun 6, 2019
Withdrawn High
GHSA-p56r-jr4p-4wgh was published for whereis (npm) Aug 3, 2020 withdrawn
Path Traversal in m-server Moderate
GHSA-vc6r-4x6g-mmqc was published for m-server (npm) Jun 11, 2019
Regular Expression Denial of Service Moderate
GHSA-6394-6h9h-cfjg was published for nwmatcher (npm) Jun 7, 2019
Path Traversal in localhost-now High
GHSA-73cw-jxmm-qpgh was published for localhost-now (npm) Jun 11, 2019
Command Injection in macaddress High
GHSA-q9r2-f3vc-rjg8 was published for macaddress (npm) Aug 19, 2020 withdrawn
Insecure Default Configuration in redbird Moderate
GHSA-8948-ffc6-jg52 was published for redbird (npm) Jun 6, 2019
Regular Expression Denial of Service in is-my-json-valid Low
GHSA-4x7c-cx64-49w8 was published for is-my-json-valid (npm) Aug 19, 2020 withdrawn
Remote code execution in Handlebars.js Moderate
GHSA-6r5x-hmgg-7h53 was published for handlebars (npm) Jul 15, 2019 withdrawn
Cross-Site Scripting in ids-enterprise High
GHSA-hpfq-8wx8-cgqw was published for ids-enterprise (npm) Jun 13, 2019
Cross-Site Scripting in ids-enterprise High
GHSA-49r3-3h96-rwj6 was published for ids-enterprise (npm) Jun 13, 2019
Regular Expression Denial of Service Moderate
GHSA-jcgq-xh2f-2hfm was published for eslint (npm) Feb 25, 2021 withdrawn
Sandbox Bypass Leading to Arbitrary Code Execution in constantinople Critical
GHSA-4vmm-mhcq-4x9j was published for constantinople (npm) Jun 14, 2019
Denial of Service in protobufjs Moderate
GHSA-4gpv-cvmq-6526 was published for protobufjs (npm) Aug 19, 2020 withdrawn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database