GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
76 advisories
Filter by severity
Improper Locking in github.com/containers/storage
Moderate
CVE-2021-20291
was published
for
github.com/containers/storage
(Go)
May 10, 2021
golang.org/x/text Infinite loop
Moderate
CVE-2020-14040
was published
for
golang.org/x/text
(Go)
May 18, 2021
github.com/pires/go-proxyproto denial of service vulnerability
Moderate
CVE-2021-23351
was published
for
github.com/pires/go-proxyproto
(Go)
May 18, 2021
Denial of service in geth
Moderate
CVE-2020-26242
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Denial of service in github.com/ethereum/go-ethereum
Moderate
CVE-2020-26264
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Infinite open connection causes OctoRPKI to hang forever
Moderate
CVE-2021-3909
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
Infinite certificate chain depth results in OctoRPKI running forever
Moderate
CVE-2021-3908
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
OctoRPKI crashes when processing GZIP bomb returned via malicious repository
Moderate
CVE-2021-3912
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
Denial of Service in graphql-go
Moderate
CVE-2022-21708
was published
for
github.com/graph-gophers/graphql-go
(Go)
Jan 27, 2022
Kubernetes API Server DoS Via API Requests
Moderate
CVE-2020-8552
was published
for
k8s.io/apiserver
(Go)
Feb 15, 2022
Denial of Service (DoS) in HashiCorp Consul
Moderate
CVE-2020-12758
was published
for
github.com/hashicorp/consul
(Go)
Feb 15, 2022
Denial of service in Grafana
Moderate
CVE-2021-27358
was published
for
github.com/grafana/grafana
(Go)
Feb 15, 2022
Nomad Spread Job Stanza May Trigger Panic in Servers
Moderate
CVE-2022-24684
was published
for
github.com/hashicorp/nomad
(Go)
Feb 16, 2022
HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers
Moderate
CVE-2022-24687
was published
for
github.com/hashicorp/consul
(Go)
Feb 25, 2022
Uncontrolled Resource Consumption in github.com/google/fscrypt
Moderate
CVE-2022-25326
was published
for
github.com/google/fscrypt
(Go)
Feb 26, 2022
Resource exhaustion in Mattermost
Moderate
CVE-2022-1337
was published
for
github.com/mattermost/mattermost-server/v6
(Go)
Apr 14, 2022
DoS via malicious p2p message in Go Ethereum
Moderate
CVE-2022-29177
was published
for
github.com/ethereum/go-ethereum
(Go)
May 24, 2022
Uncontrolled Resource Consumption in Mattermost server
Moderate
CVE-2022-1982
was published
for
github.com/mattermost/mattermost-server
(Go)
Jun 3, 2022
containerd CRI plugin: Host memory exhaustion through ExecSync
Moderate
CVE-2022-31030
was published
for
github.com/containerd/containerd
(Go)
Jun 6, 2022
DoS through large manifest files in Argo CD
Moderate
CVE-2022-31016
was published
for
github.com/argoproj/argo-cd
(Go)
Jun 21, 2022
Malformed CAR panics and excessive memory usage
Moderate
GHSA-9x4h-8wgm-8xfg
was published
for
github.com/ipld/go-car
(Go)
Jul 6, 2022
DOS and excessive memory usage when passing untrusted user input to to dag import
Moderate
GHSA-f2gr-7299-487h
was published
for
github.com/ipfs/go-ipfs
(Go)
Jul 6, 2022
KubeEdge Edge ServiceBus module DoS
Moderate
CVE-2022-31073
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
KubeEdge Cloud AdmissionController component DoS
Moderate
CVE-2022-31074
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
KubeEdge DoS when signing the CSR from EdgeCore
Moderate
CVE-2022-31075
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
ProTip!
Advisories are also available from the
GraphQL API