GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,732
Composer 4,028
Erlang 29
GitHub Actions 16
Go 1,830
Maven 5,045
npm 3,573
NuGet 632
pip 3,157
Pub 10
RubyGems 847
Rust 796
Swift 34

Unreviewed advisories

All unreviewed 224,743

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4 advisories

Filter by severity

Sort by

Least recently updated

Path traversal in Reposilite javadoc file expansion (arbitrary file creation/overwrite) (`GHSL-2024-073`) High

CVE-2024-36116 was published for com.reposilite:reposilite-backend (Maven) Aug 2, 2024

Reposilite artifacts vulnerable to Stored Cross-site Scripting High

CVE-2024-36115 was published for com.reposilite:reposilite-backend (Maven) Aug 2, 2024

Keycloak vulnerable to Improper Client Certificate Validation for OAuth/OpenID clients High

CVE-2023-2422 was published for org.keycloak:keycloak-services (Maven) Jun 30, 2023

acryl-datahub missing JWT signature check Critical

CVE-2022-39366 was published for acryl-datahub (pip) Oct 31, 2022

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4 advisories