GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
38 advisories
Filter by severity
Stack consumption in trust-dns-server
High
CVE-2020-35857
was published
for
trust-dns-server
(Rust)
Aug 25, 2021
Excessive memory usage in tokio-rustls
High
CVE-2020-35875
was published
for
tokio-rustls
(Rust)
Aug 25, 2021
Mutable reference with immutable provenance in image
Moderate
CVE-2020-35916
was published
for
image
(Rust)
Aug 25, 2021
Error on unsupported architectures in raw-cpuid
Moderate
CVE-2021-26307
was published
for
raw-cpuid
(Rust)
Aug 25, 2021
Uncontrolled Resource Consumption in parse_duration
High
CVE-2021-29932
was published
for
parse_duration
(Rust)
Aug 25, 2021
Unchecked vector pre-allocation
Moderate
GHSA-mcrf-7hf9-f6q5
was published
for
rmpv
(Rust)
Aug 25, 2021
Uncontrolled Resource Consumption in simple_asn1
High
CVE-2021-45711
was published
for
simple_asn1
(Rust)
Jan 6, 2022
Rust's regex crate vulnerable to regular expression denial of service
High
CVE-2022-24713
was published
for
regex
(Rust)
Mar 8, 2022
Unsafe parsing in SWHKD
Moderate
CVE-2022-27819
was published
for
Simple-Wayland-HotKey-Daemon
(Rust)
Apr 8, 2022
Juniper is vulnerable to @DOS GraphQL Nested Fragments overflow
High
CVE-2022-31173
was published
for
juniper
(Rust)
Jul 29, 2022
Rust-WebSocket memory allocation based on untrusted length
High
CVE-2022-35922
was published
for
websocket
(Rust)
Aug 6, 2022
Uncontrolled Resource Consumption in opcua
High
CVE-2022-25888
was published
for
opcua
(Rust)
Aug 24, 2022
Cargo extracting malicious crates can fill the file system
Moderate
CVE-2022-36114
was published
for
cargo
(Rust)
Sep 16, 2022
kamadak-exif vulnerable to Infinite loop when parsing PNG files
Moderate
CVE-2021-21235
was published
for
kamadak-exif
(Rust)
Oct 6, 2022
conduit-hyper vulnerable to Denial of Service from unchecked request length
High
CVE-2022-39294
was published
for
conduit-hyper
(Rust)
Oct 31, 2022
libp2p DoS vulnerability from lack of resource management
High
CVE-2022-23486
was published
for
libp2p
(Rust)
Dec 7, 2022
Comrak vulnerable to quadratic runtime issues when parsing Markdown (GHSL-2023-047)
Moderate
CVE-2023-28626
was published
for
comrak
(Rust)
Mar 28, 2023
rustls-webpki: CPU denial of service in certificate path building
High
GHSA-fh2r-99q2-6mmg
was published
for
rustls-webpki
(Rust)
Aug 22, 2023
webpki: CPU denial of service in certificate path building
High
GHSA-8qv2-5vq6-g2g7
was published
for
webpki
(Rust)
Aug 25, 2023
Tungstenite allows remote attackers to cause a denial of service
High
CVE-2023-43669
was published
for
tungstenite
(Rust)
Sep 21, 2023
ProTip!
Advisories are also available from the
GraphQL API