GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
43 advisories
Insecure default config of Celery worker in Apache Airflow
Critical
CVE-2020-11982
was published
for
apache-airflow
(pip)
Jul 27, 2020
Arbitrary code execution in clickhouse-driver
Critical
CVE-2020-26759
was published
for
clickhouse-driver
(pip)
Apr 7, 2021
remote code execution via git repo provider
Critical
CVE-2021-39159
was published
for
binderhub
(pip)
Aug 30, 2021
Lacking Protection against HTTP Request Smuggling in mitmproxy
Critical
CVE-2021-39214
was published
for
mitmproxy
(pip)
Sep 20, 2021
Improper Neutralization of Argument Delimiters in a Decompiling Package Process in APKLeaks
Critical
CVE-2021-21386
was published
for
APKLeaks
(pip)
Jan 21, 2022
Insufficient Protection against HTTP Request Smuggling in mitmproxy
Critical
CVE-2022-24766
was published
for
mitmproxy
(pip)
Mar 22, 2022
jsonpickle unsafe deserialization
Critical
CVE-2020-22083
was published
for
jsonpickle
(pip)
May 24, 2022
Path Traversal in django-s3file
Critical
CVE-2022-24840
was published
for
django-s3file
(pip)
Jun 6, 2022
CairoSVG improperly processes SVG files loaded from external resources
Critical
CVE-2023-27586
was published
for
CairoSVG
(pip)
Mar 20, 2023
Apache Spark vulnerable to Improper Privilege Management
Critical
CVE-2023-22946
was published
for
org.apache.spark:spark-core_2.12
(Maven)
Apr 17, 2023
PyArrow: Arbitrary code execution when loading a malicious data file
Critical
CVE-2023-47248
was published
for
pyarrow
(pip)
Nov 9, 2023
ProTip!
Advisories are also available from the
GraphQL API