Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

156 advisories

Loading
Command Injection in opencv Low
GHSA-f698-m2v9-5fh3 was published for opencv (npm) Jun 4, 2019
Regular Expression Denial of Service in is-my-json-valid Low
GHSA-4x7c-cx64-49w8 was published for is-my-json-valid (npm) Aug 19, 2020 withdrawn
Cross-Site Scripting in public Low
GHSA-7jfh-2xc9-ccv7 was published for public (npm) May 31, 2019
Open Redirect in hekto Low
GHSA-c5j4-vw9m-xc95 was published for hekto (npm) Aug 27, 2020 withdrawn
Insecure Credential Storage in web3 Low
GHSA-27v7-qhfv-rqq8 was published for web3 (npm) May 30, 2019
Incorrect default cookie name and recommendation Low
GHSA-jjmg-x456-w976 was published for csrf-csrf (npm) Oct 10, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database