Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
skylot jadx affected by Incorrect Behavior Order in vulnerable dependency Moderate
GHSA-fjh6-p566-wr6q was published for io.github.skylot:jadx-core (Maven) Jul 21, 2022
Roulettiq
A potential Denial of Service issue in protobuf-java High
CVE-2021-22569 was published for com.google.protobuf:protobuf-java (RubyGems) Jan 7, 2022
Padding Oracle Attack due to Observable Timing Discrepancy in jose Moderate
CVE-2021-29443 was published for jose (npm) Apr 19, 2021
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-esm-runtime Moderate
CVE-2021-29445 was published for jose-node-esm-runtime (npm) Apr 19, 2021
Padding Oracle Attack due to Observable Timing Discrepancy in jose-node-cjs-runtime Moderate
CVE-2021-29446 was published for jose-node-cjs-runtime (npm) Apr 19, 2021
ibc-go: Potential Reentrancy using Timeout Callbacks in ibc-hooks Critical
GHSA-j496-crgh-34mx was published for github.com/cosmos/ibc-go (Go) Apr 5, 2024
mdulin2
Potential DoS via the Tudoor mechanism in eventlet and dnspython Moderate
CVE-2023-29483 was published for dnspython (pip) Apr 11, 2024
Authorization bypass in Quarkus High
CVE-2023-6394 was published for io.quarkus:quarkus-smallrye-graphql-client (Maven) Dec 9, 2023
cescoffier
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database