GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
15 advisories
Filter by severity
Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges
Moderate
CVE-2024-52529
was published
for
github.com/cilium/cilium
(Go)
Nov 25, 2024
Bad documentation of error handling in ParseWithClaims can lead to potentially dangerous situations
Low
CVE-2024-51744
was published
for
github.com/golang-jwt/jwt/v4
(Go)
Nov 4, 2024
github.com/nats-io/nats-server Import token permissions checking not enforced
High
GHSA-j756-f273-xhp4
was published
for
github.com/nats-io/nats-server/v2
(Go)
May 21, 2021
Authorization bypass in github.com/dgrijalva/jwt-go
High
CVE-2020-26160
was published
for
github.com/dgrijalva/jwt-go
(Go)
May 18, 2021
Traefik vulnerable to denial of service with Content-length header
High
CVE-2024-28869
was published
for
github.com/traefik/traefik
(Go)
Apr 12, 2024
SpiceDB: LookupSubjects may return partial results if a specific kind of relation is used
Low
CVE-2024-32001
was published
for
github.com/authzed/spicedb
(Go)
Apr 10, 2024
Denial of Service in http-swagger
High
CVE-2022-24863
was published
for
github.com/swaggo/http-swagger
(Go)
Apr 22, 2022
Calico Typha denial of service vulnerability
High
CVE-2023-41378
was published
for
github.com/projectcalico/calico
(Go)
Nov 6, 2023
Specific Cilium configurations vulnerable to DoS via Kubernetes annotations
Low
CVE-2023-41332
was published
for
github.com/cilium/cilium
(Go)
Sep 27, 2023
Improper random reading in CIRCL
Moderate
CVE-2023-1732
was published
for
github.com/cloudflare/circl
(Go)
May 11, 2023
Improper Input Validation and Excessive Iteration in Go Facebook Thrift
High
CVE-2019-3564
was published
for
github.com/facebook/fbthrift
(Go)
Feb 15, 2022
Traefik HTTP/2 connections management could cause a denial of service
High
CVE-2022-39271
was published
for
github.com/traefik/traefik/v2
(Go)
Oct 10, 2022
Cilium eBPF filters may be temporarily removed during agent restart
Moderate
CVE-2023-27595
was published
for
github.com/cilium/cilium
(Go)
Mar 17, 2023
Ory fosite contains Improper Handling of Exceptional Conditions
High
CVE-2020-15223
was published
for
github.com/ory/fosite
(Go)
May 24, 2021
go-merkledag's ProtoNode may be modified such that common method calls may panic
High
CVE-2022-23495
was published
for
github.com/ipfs/go-merkledag
(Go)
Dec 8, 2022
ProTip!
Advisories are also available from the
GraphQL API