Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,055
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,605
NuGet
638
pip
3,208
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

288 advisories

Loading
Key Caching behavior in the DynamoDB Encryption Client. Low
GHSA-4ph2-8337-hm62 was published for dynamodb-encryption-sdk (pip) Feb 8, 2021
Regular Expression Denial of Service (REDoS) in httplib2 Low
CVE-2021-21240 was published for httplib2 (pip) Feb 8, 2021
b-c-ds
Timing attack Low
GHSA-xm8r-5wh6-f46f was published for autobahn (pip) Feb 24, 2021 withdrawn
`aiohttp` Open Redirect vulnerability (`normalize_path_middleware` middleware) Low
CVE-2021-21330 was published for aiohttp (pip) Feb 26, 2021
jelmer g147
Open redirects on some federation and push requests Low
CVE-2021-21273 was published for matrix-synapse (pip) Feb 26, 2021
mscherer
URL Redirection to Untrusted Site ('Open Redirect') in Products.PluggableAuthService Low
CVE-2021-21337 was published for Products.PluggableAuthService (pip) Mar 8, 2021
jugmac00 xoffense
Exposure of Sensitive Information to an Unauthorized Actor in Products.GenericSetup Low
CVE-2021-21360 was published for Products.GenericSetup (pip) Mar 9, 2021
chutchut
Potential sensitive information disclosed in error reports Low
CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021
martinmo tdunlap607
Exposure of Sensitive Information to an Unauthorized Actor in Ansible Low
CVE-2020-1739 was published for ansible (pip) Apr 7, 2021
CSRF Vuln can expose user's QRcode Low
GHSA-fxq4-r6mr-9x64 was published for Flask-Security-Too (pip) Apr 8, 2021
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoption Low
GHSA-375m-5fvv-xq23 was published for vyper (pip) Apr 19, 2021
Denial of service attack via push rule patterns in matrix-synapse Low
CVE-2021-29471 was published for matrix-synapse (pip) May 13, 2021
Use of "infinity" as an input to datetime and date fields causes infinite loop in pydantic Low
CVE-2021-29510 was published for pydantic (pip) May 13, 2021
nina-j bluetech
Open Redirect in Flask-Security-Too Low
CVE-2021-32618 was published for Flask-Security-Too (pip) May 17, 2021
tdunlap607
Heap buffer overflow in `RaggedBinCount` Low
CVE-2021-29512 was published for tensorflow (pip) May 21, 2021
Type confusion during tensor casts lead to dereferencing null pointers Low
CVE-2021-29513 was published for tensorflow (pip) May 21, 2021
Heap out of bounds write in `RaggedBinCount` Low
CVE-2021-29514 was published for tensorflow (pip) May 21, 2021
Reference binding to null pointer in `MatrixDiag*` ops Low
CVE-2021-29515 was published for tensorflow (pip) May 21, 2021
Null pointer dereference via invalid Ragged Tensors Low
CVE-2021-29516 was published for tensorflow (pip) May 21, 2021
Division by zero in `Conv3D` Low
CVE-2021-29517 was published for tensorflow (pip) May 21, 2021
Session operations in eager mode lead to null pointer dereferences Low
CVE-2021-29518 was published for tensorflow (pip) May 21, 2021
CHECK-fail in SparseCross due to type confusion Low
CVE-2021-29519 was published for tensorflow (pip) May 21, 2021
Heap buffer overflow in `Conv3DBackprop*` Low
CVE-2021-29520 was published for tensorflow (pip) May 21, 2021
Segfault in SparseCountSparseOutput Low
CVE-2021-29521 was published for tensorflow (pip) May 21, 2021
Division by 0 in `Conv3DBackprop*` Low
CVE-2021-29522 was published for tensorflow (pip) May 21, 2021
ProTip! Advisories are also available from the GraphQL API