GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
140 advisories
sigstore-java has vulnerability with bundle verification
Moderate
CVE-2024-53267
was published
for
dev.sigstore:sigstore-java
(Maven)
Nov 26, 2024
Invalid root may become trusted root in The Update Framework (TUF)
Moderate
CVE-2020-15163
was published
for
tuf
(pip)
Sep 9, 2020
ASAR Integrity bypass via filetype confusion in electron
Moderate
CVE-2023-44402
was published
for
electron
(npm)
Dec 1, 2023
ProTip!
Advisories are also available from the
GraphQL API