GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
17 advisories
activesupport Cross-site Scripting vulnerability
Moderate - CVE-2012-3464 was published for activesupport (RubyGems), Oct 24, 2017

rails Cross-site Scripting vulnerability
Moderate - CVE-2011-2197 was published for actionpack (RubyGems), Oct 24, 2017

Doorkeeper is vulnerable to stored XSS and code execution
Moderate - CVE-2018-1000088 was published for doorkeeper (RubyGems), Mar 13, 2018

Cross-site Scripting in loofah
Moderate - CVE-2018-8048 was published for loofah (RubyGems), Mar 21, 2018

Json-jwt did not verify the cryptographic signature for data
Moderate - CVE-2018-1000539 was published for json-jwt (RubyGems), Jul 31, 2018

Bootstrap Cross-site Scripting vulnerability
Moderate - CVE-2018-14042 was published for bootstrap (RubyGems), Sep 13, 2018

XSS vulnerability that affects bootstrap
Moderate - CVE-2018-20676 was published for bootstrap (RubyGems), Jan 17, 2019

bootstrap Cross-site Scripting vulnerability
Moderate - CVE-2018-20677 was published for bootstrap (RubyGems), Jan 17, 2019

Loofah Allows Cross-site Scripting
Moderate - CVE-2019-15587 was published for loofah (RubyGems), Nov 5, 2019

qiita-markdown Cross-site Scripting vulnerability
Moderate - CVE-2021-28833 was published for qiita-markdown (RubyGems), Aug 2, 2021

ReDoS vulnerability in parser_apache2
Moderate - CVE-2021-41186 was published for fluentd (RubyGems), Nov 1, 2021

Cross-site Scripting Vulnerability in Action Pack
Moderate - CVE-2022-22577 was published for actionpack (RubyGems), Apr 27, 2022

Bootstrap vulnerable to Cross-Site Scripting (XSS)
Moderate - CVE-2018-14040 was published for bootstrap (RubyGems), May 13, 2022

ember-source Cross-site Scripting vulnerability
Moderate - CVE-2014-0014 was published for ember-source (RubyGems), May 14, 2022

Fat Free CRM Cross-Site Request Forgery vulnerability
Moderate - CVE-2015-1585 was published for fat_free_crm (RubyGems), May 14, 2022

Rails::Html::Sanitizer vulnerable to Cross-site Scripting
Moderate - CVE-2022-32209 was published for rails-html-sanitizer (RubyGems), Jun 25, 2022
ProTip! Advisories are also available from the GraphQL API