GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Warp vulnerable to Path Traversal via Improper validation of Windows paths
High
GHSA-8v4j-7jgf-5rg9
was published
for
warp
(Rust)
Jan 31, 2023
bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow
High
CVE-2023-22895
was published
for
bzip2
(Rust)
Jan 10, 2023
Off-by-one error in simple-slab
High
CVE-2020-35893
was published
for
simple-slab
(Rust)
Aug 25, 2021
Improper Input Validation in once_cell
High
CVE-2019-16141
was published
for
once_cell
(Rust)
Aug 25, 2021
Out of bounds write in serde_cbor
High
CVE-2019-25001
was published
for
serde_cbor
(Rust)
Aug 25, 2021
Use after free in string-interner
High
CVE-2019-16882
was published
for
string-interner
(Rust)
Aug 25, 2021
Slack Morphism for Rust before 0.41.0 can leak Slack OAuth client information in application debug logs
High
CVE-2022-31162
was published
for
slack-morphism
(Rust)
Jul 20, 2022
Use of Uninitialized Resource in smallvec
High
CVE-2018-25023
was published
for
smallvec
(Rust)
Jan 6, 2022
Stack consumption in trust-dns-server
High
CVE-2020-35857
was published
for
trust-dns-server
(Rust)
Aug 25, 2021
Array size is not checked in sized-chunks
High
CVE-2020-25792
was published
for
sized-chunks
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API