GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
55 advisories
Filter by severity
Helm Controller denial of service
High
CVE-2022-36049
was published
for
github.com/fluxcd/flux2
(Go)
Sep 16, 2022
Denial of service in Mattermost
Moderate
CVE-2022-4044
was published
for
github.com/mattermost/mattermost-server
(Go)
Nov 23, 2022
Denial of service in Mattermost
Moderate
CVE-2022-4045
was published
for
github.com/mattermost/mattermost-server
(Go)
Nov 23, 2022
Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings
Moderate
CVE-2021-32699
was published
for
github.com/pterodactyl/wings
(Go)
Jun 23, 2021
HashiCorp Nomad vulnerable to Allocation of Resources Without Limits or Throttling
High
CVE-2022-24685
was published
for
github.com/hashicorp/nomad
(Go)
Mar 1, 2022
OctoRPKI crashes when processing GZIP bomb returned via malicious repository
Moderate
CVE-2021-3912
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
crewjam/saml vulnerable to Denial Of Service Via Deflate Decompression Bomb
High
CVE-2023-28119
was published
for
github.com/crewjam/saml
(Go)
Mar 22, 2023
github.com/ipfs/kubo affected by DOS Bitswap unbounded persistent memory leak
Moderate
GHSA-qvqg-6rp8-4p9h
was published
for
github.com/ipfs/kubo
(Go)
May 11, 2023
github.com/ipfs/go-bitswap vulnerable to DOS unbounded persistent memory leak
High
GHSA-q3j6-22wf-3jh9
was published
for
github.com/ipfs/go-bitswap
(Go)
May 11, 2023
notation-go has excessive memory allocation on verification
High
CVE-2023-25656
was published
for
github.com/notaryproject/notation-go
(Go)
Feb 22, 2023
Resource exhaustion in Mattermost
Moderate
CVE-2022-1337
was published
for
github.com/mattermost/mattermost-server/v6
(Go)
Apr 14, 2022
DoS through large manifest files in Argo CD
Moderate
CVE-2022-31016
was published
for
github.com/argoproj/argo-cd
(Go)
Jun 21, 2022
KubeEdge CloudCore Router memory exhaustion vulnerability
Moderate
CVE-2022-31078
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
KubeEdge Cloud Stream and Edge Stream DoS from large stream message
Moderate
CVE-2022-31079
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
Node DOS by way of memory exhaustion through ExecSync request in CRI-O
High
CVE-2022-1708
was published
for
github.com/cri-o/cri-o
(Go)
Jun 6, 2022
DoS in KubeEdge's Websocket Client in package Viaduct
Moderate
CVE-2022-31080
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
KubeEdge DoS when signing the CSR from EdgeCore
Moderate
CVE-2022-31075
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
Helm Vulnerable to denial of service through string value parsing
Moderate
CVE-2022-36055
was published
for
helm.sh/helm/v3
(Go)
Aug 30, 2022
Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes
Moderate
CVE-2020-8551
was published
for
k8s.io/kubernetes
(Go)
Feb 15, 2022
Kubernetes API Server DoS Via API Requests
Moderate
CVE-2020-8552
was published
for
k8s.io/apiserver
(Go)
Feb 15, 2022
Kubernetes DoS Vulnerability
Moderate
CVE-2019-1002100
was published
for
k8s.io/kubernetes
(Go)
May 13, 2022
Allocation of Resources Without Limits or Throttling in HashiCorp Nomad
High
CVE-2020-7218
was published
for
github.com/hashicorp/nomad
(Go)
May 18, 2021
Golang Facebook Thrift servers vulnerable to denial of service
High
CVE-2019-11939
was published
for
github.com/facebook/fbthrift
(Go)
May 24, 2022
Allocation of Resources Without Limits or Throttling in Hashicorp Consul
High
CVE-2020-13250
was published
for
github.com/hashicorp/consul
(Go)
May 18, 2021
Docker Registry has Allocation of Resources Without Limits or Throttling
High
CVE-2017-11468
was published
for
github.com/docker/distribution
(Go)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API