Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,087 advisories

Loading
Duplicate Advisory: k8s.io/kube-state-metrics Exposure of Sensitive Information Moderate
CVE-2019-17110 was published for github.com/kubernetes/kube-state-metrics (Go) May 18, 2021 withdrawn
XML Entity Expansion and Improper Input Validation in Kubernetes API server High
CVE-2019-11253 was published for k8s.io/kubernetes (Go) May 18, 2021
Out-of-bounds read in Apache Thrift High
CVE-2019-0210 was published for github.com/apache/thrift (Go) May 18, 2021
Path Traversal in MHolt Archiver Moderate
CVE-2019-10743 was published for github.com/mholt/archiver (Go) May 18, 2021
Cloud Foundry Routing Improper Input Validation vulnerability High
CVE-2019-11289 was published for code.cloudfoundry.org/gorouter (Go) May 18, 2021
Cross-site Scripting in Documize Moderate
CVE-2019-19619 was published for github.com/documize/community (Go) May 18, 2021
Improper Access Control in Lightning Network Daemon High
CVE-2019-12999 was published for github.com/lightningnetwork/lnd (Go) May 18, 2021
Kubernetes kubectl cp Vulnerable to Symlink Attack Moderate
CVE-2019-11251 was published for k8s.io/kubernetes (Go) May 18, 2021
GPGME Go wrapper contains Use After Free High
CVE-2020-8945 was published for github.com/proglottis/gpgme (Go) May 18, 2021
Improper Verification of Cryptographic Signature in golang.org/x/crypto High
CVE-2020-9283 was published for golang.org/x/crypto (Go) May 18, 2021
Kubernetes Privilege Escalation Critical
CVE-2017-1000056 was published for k8s.io/kubernetes (Go) May 12, 2021
Improper Locking in github.com/containers/storage Moderate
CVE-2021-20291 was published for github.com/containers/storage (Go) May 10, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database