GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,088
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,901
Maven 5,098
npm 3,631
NuGet 638
pip 3,244
Pub 10
RubyGems 863
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,413

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

5 advisories

Filter by severity

Sort by

Least recently updated

Data Amplification in Play Framework Low

CVE-2020-28923 was published for com.typesafe.play:play (Maven) Feb 9, 2022

Improper Input Validation in Jenkins Low

CVE-2017-1000401 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

Jenkins Resource Disposer Plugin allows attacker to stop tracking specified resource Low

CVE-2018-1999037 was published for org.jenkins-ci.plugins:resource-disposer (Maven) May 14, 2022

Jetty invalid URI parsing may produce invalid HttpURI.authority Low

CVE-2022-2047 was published for org.eclipse.jetty:jetty-http (Maven) Jul 7, 2022

Apache Druid: Users can provide MySQL JDBC properties not on allow list Low

CVE-2024-45537 was published for org.apache.druid:druid (Maven) Sep 17, 2024

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5 advisories