Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
40
Go
2,974
Maven
5,000+
npm
4,621
NuGet
788
pip
4,317
Pub
12
RubyGems
984
Rust
1,131
Swift
49
Unreviewed advisories
All unreviewed
5,000+

107 advisories

Loading
Remote code execution via the `pretty` option. Moderate
CVE-2021-21353 was published for pug (npm) Mar 3, 2021
Code Injection in mquery Moderate
CVE-2020-35149 was published for mquery (npm) Dec 18, 2020
Arbitrary Code Execution in blazar-dashboard Moderate
CVE-2020-26943 was published for blazar-dashboard (pip) Oct 27, 2020
Template Injection in jsrender Moderate
CVE-2016-3942 was published for jsrender (npm) Sep 1, 2020
Object injection in cookie driver in phpfastcache Moderate
CVE-2019-16774 was published for phpfastcache/phpfastcache (Composer) Dec 12, 2019
Geolim4
Credited to Geolim4
Arbitrary Code Injection in mobile-icon-resizer Moderate
GHSA-mxjr-xmcg-fg7w was published for mobile-icon-resizer (npm) Jun 27, 2019
actionpack CRLF injection vulnerability Moderate
CVE-2011-3186 was published for actionpack (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database