GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Use after free in string-interner
High
CVE-2019-16882
was published
for
string-interner
(Rust)
Aug 25, 2021
Improper Input Validation in once_cell
High
CVE-2019-16141
was published
for
once_cell
(Rust)
Aug 25, 2021
Out of bounds write in serde_cbor
High
CVE-2019-25001
was published
for
serde_cbor
(Rust)
Aug 25, 2021
Array size is not checked in sized-chunks
High
CVE-2020-25792
was published
for
sized-chunks
(Rust)
Aug 25, 2021
Stack consumption in trust-dns-server
High
CVE-2020-35857
was published
for
trust-dns-server
(Rust)
Aug 25, 2021
Off-by-one error in simple-slab
High
CVE-2020-35893
was published
for
simple-slab
(Rust)
Aug 25, 2021
Use of Uninitialized Resource in smallvec
High
CVE-2018-25023
was published
for
smallvec
(Rust)
Jan 6, 2022
Slack Morphism for Rust before 0.41.0 can leak Slack OAuth client information in application debug logs
High
CVE-2022-31162
was published
for
slack-morphism
(Rust)
Jul 20, 2022
bzip2 allows attackers to cause a denial of service via a large file that triggers an integer overflow
High
CVE-2023-22895
was published
for
bzip2
(Rust)
Jan 10, 2023
Warp vulnerable to Path Traversal via Improper validation of Windows paths
High
GHSA-8v4j-7jgf-5rg9
was published
for
warp
(Rust)
Jan 31, 2023
ProTip!
Advisories are also available from the
GraphQL API