GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
18 advisories
AWS CDK RestApi not generating authorizationScope correctly in resultant CFN template
Moderate
CVE-2024-45037
was published
for
aws-cdk
(npm)
Aug 27, 2024
AWS CDK EKS overly permissive trust policies
Moderate
CVE-2023-35165
was published
for
@aws-cdk/aws-eks
(npm)
Jun 19, 2023
Incorrect Permission Checking for GraphQL Subscriptions
Moderate
CVE-2023-38503
was published
for
directus
(npm)
Jul 25, 2023
GraphQL: Security breach on Viewer query
Moderate
CVE-2020-15126
was published
for
parse-server
(npm)
Jul 22, 2020
NextAuth.js before 4.10.3 and 3.29.10 sending verification requests (magic link) to unwanted emails
Critical
CVE-2022-35924
was published
for
next-auth
(npm)
Aug 2, 2022
Field-level access-control bypass for multiselect field
Critical
CVE-2022-39322
was published
for
@keystone-6/core
(npm)
Oct 18, 2022
Android WebView Universal Cross-site Scripting
Moderate
CVE-2020-6506
was published
for
react-native-webview
(npm)
Oct 2, 2020
Incorrect Authorization in cross-fetch
Moderate
CVE-2022-1365
was published
for
cross-fetch
(npm)
Apr 17, 2022
parse-server new anonymous user session acts as if it's created with password
Moderate
CVE-2021-39138
was published
for
parse-server
(npm)
Aug 23, 2021
ProTip!
Advisories are also available from the
GraphQL API