Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

311 advisories

Loading
Uncontrolled Resource Consumption in github.com/google/fscrypt Moderate
CVE-2022-25326 was published for github.com/google/fscrypt (Go) Feb 26, 2022
tdunlap607
HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers Moderate
CVE-2022-24687 was published for github.com/hashicorp/consul (Go) Feb 25, 2022
Nomad Spread Job Stanza May Trigger Panic in Servers Moderate
CVE-2022-24684 was published for github.com/hashicorp/nomad (Go) Feb 16, 2022
westonsteimel
Kubernetes API Server DoS Via API Requests Moderate
CVE-2020-8552 was published for k8s.io/apiserver (Go) Feb 15, 2022
skitt marquiz
toddtreece
Denial of service in Grafana Moderate
CVE-2021-27358 was published for github.com/grafana/grafana (Go) Feb 15, 2022
Denial of Service (DoS) in HashiCorp Consul Moderate
CVE-2020-12758 was published for github.com/hashicorp/consul (Go) Feb 15, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21733 was published for tensorflow (pip) Feb 10, 2022
Memory exhaustion in Tensorflow Moderate
CVE-2022-21732 was published for tensorflow (pip) Feb 10, 2022
Abort caused by allocating a vector that is too large in Tensorflow Moderate
CVE-2022-23580 was published for tensorflow (pip) Feb 7, 2022
Denial of Service Vulnerability in next.js Moderate
CVE-2022-21721 was published for next (npm) Jan 28, 2022
ijjk
Denial of Service in graphql-go Moderate
CVE-2022-21708 was published for github.com/graph-gophers/graphql-go (Go) Jan 27, 2022
jupenur
Memory leak in micronaut-core Moderate
CVE-2022-21700 was published for io.micronaut:micronaut-http (Maven) Jan 21, 2022
chrischiappe larrycarasco
Uncontrolled Resource Consumption in markdown-it Moderate
CVE-2022-21670 was published for markdown-it (npm) Jan 12, 2022
makenowjust
Regular Expression Denial of Service in postcss Moderate
CVE-2021-23382 was published for postcss (npm) Jan 7, 2022
DeeDeeG Towerism
Hash collision in typelevel jawn Moderate
CVE-2022-21653 was published for org.typelevel:jawn-parser (Maven) Jan 6, 2022
nrktkt
Regular expression deinal of service (ReDoS) in is-my-json-valid Moderate
CVE-2018-1107 was published for is-my-json-valid (npm) Jan 6, 2022
Regular Expression Denial of Service (ReDoS) in lodash Moderate
CVE-2020-28500 was published for lodash (npm) Jan 6, 2022
mitchell-codecov nitaiapiiro
DmitriyLewen jkmartindale
jsx-slack insufficient patch for CVE-2021-43838 ReDoS Moderate
CVE-2021-43843 was published for jsx-slack (npm) Jan 6, 2022
hieki
A vulnerability in Atomix v3.1.5 allows attackers to cause a denial of service (DoS) via a Raft session flooding attack using Raft OpenSessionRequest messages. Moderate
CVE-2020-35210 was published for io.atomix:atomix (Maven) Dec 17, 2021
Prototype pollution in paypal-adaptive Moderate
CVE-2020-7643 was published for paypal-adaptive (npm) Dec 10, 2021
Uncontrolled Resource Consumption in strapi Moderate
CVE-2020-8123 was published for strapi-admin (npm) Dec 10, 2021
J3rry-1729
OctoRPKI crashes when processing GZIP bomb returned via malicious repository Moderate
CVE-2021-3912 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
Infinite certificate chain depth results in OctoRPKI running forever Moderate
CVE-2021-3908 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
andrewpollock
Infinite open connection causes OctoRPKI to hang forever Moderate
CVE-2021-3909 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
michaelkedar
ReDoS vulnerability in parser_apache2 Moderate
CVE-2021-41186 was published for fluentd (RubyGems) Nov 1, 2021
tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database