Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
CHECK-fail in LSTM with zero-length input in TensorFlow Low
CVE-2020-26270 was published for tensorflow (pip) Dec 10, 2020
VVE-2021-0002: Incorrect `returndatasize` when using simple forwarder proxies deployed prior to EIP-1167 adoption Low
GHSA-375m-5fvv-xq23 was published for vyper (pip) Apr 19, 2021
Incomplete validation in `SparseReshape` Low
CVE-2021-29611 was published for tensorflow (pip) May 21, 2021
Incorrect parsing of nameless cookies leads to __Host- cookies bypass Low
CVE-2023-23934 was published for Werkzeug (pip) Feb 15, 2023
lavish
OpenStack Nova Scheduler denial of service through scheduler_hints Low
CVE-2012-3371 was published for Nova (pip) May 17, 2022
httplib2 incorrectly checks SSL certificate Low
CVE-2013-2037 was published for httplib2 (pip) May 14, 2022
ProTip! Advisories are also available from the GraphQL API