GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,961
Composer 4,055
Erlang 29
GitHub Actions 19
Go 1,889
Maven 5,076
npm 3,605
NuGet 638
pip 3,208
Pub 10
RubyGems 852
Rust 816
Swift 35

Unreviewed advisories

All unreviewed 227,369

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

5 advisories

Filter by severity

Sort by

Least recently updated

Helm dependency management path traversal Moderate

CVE-2024-25620 was published for helm.sh/helm/v3 (Go) Feb 15, 2024

registry-support: decompress can delete files outside scope via relative paths High

CVE-2024-1485 was published for github.com/devfile/registry-support/registry-library (Go) Feb 14, 2024

Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server Moderate

CVE-2023-40026 was published for github.com/argoproj/argo-cd (Go) Sep 27, 2023

Kubernetes vulnerable to path traversal Moderate

CVE-2022-3162 was published for github.com/kubernetes/kubernetes (Go) Mar 1, 2023

Buildah (as part of Podman) vulnerable to Path Traversal Low

CVE-2022-4123 was published for github.com/containers/podman/v4 (Go) Dec 8, 2022

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5 advisories