Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
@strapi/plugin-upload has a Denial-of-Service via Improper Exception Handling Moderate
CVE-2024-31217 was published for @strapi/plugin-upload (npm) Jun 12, 2024
CxDavidepaalte derrickmehaffy
Marc-Roig alexandrebodin
engine.io Uncaught Exception vulnerability Moderate
CVE-2023-31125 was published for engine.io (npm) May 3, 2023
mercurius has Uncaught Exception when using subscriptions Moderate
CVE-2023-22477 was published for mercurius (npm) Jan 9, 2023
marcolanaro
Uncaught exception in engine.io Moderate
CVE-2022-41940 was published for engine.io (npm) Nov 21, 2022
G-Rath
Unexpected server crash in Next.js Moderate
CVE-2022-36046 was published for next (npm) Aug 30, 2022
Denial of Service in node-static Moderate
GHSA-8r4g-cg4m-x23c was published for node-static (npm) Sep 22, 2021
Denial of Service in sequelize Moderate
GHSA-fw4p-36j9-rrj3 was published for sequelize (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API