GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License

Language support

About GitHub Advisory Database

2,960 advisories

Critical

CVE-2018-16489 was published for just-extend (npm) Feb 7, 2019

Critical

CVE-2018-16486 was published for defaults-deep (npm) Feb 7, 2019

Critical

CVE-2017-17836 was published for apache-airflow (pip) Jan 25, 2019

Critical

CVE-2019-3773 was published for org.springframework.ws:spring-ws (Maven) Jan 25, 2019

Critical

CVE-2017-1002157 was published for modulemd (pip) Jan 17, 2019

Critical

CVE-2018-11788 was published for org.apache.karaf.specs:org.apache.karaf.specs.java.xml (Maven) Jan 7, 2019

Critical

CVE-2018-20433 was published for com.mchange:c3p0 (Maven) Jan 7, 2019

Critical

CVE-2018-14719 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-14720 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-14721 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-19362 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-19361 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-19360 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-14718 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2017-0906 was published for recurly (pip) Jan 4, 2019

Critical

CVE-2018-7753 was published for bleach (pip) Jan 4, 2019

Critical

CVE-2017-18342 was published for pyyaml (pip) Jan 4, 2019

Critical

CVE-2018-20325 was published for definitions (pip) Dec 26, 2018

Critical

CVE-2016-1000031 was published for commons-fileupload:commons-fileupload (Maven) Dec 21, 2018

Critical

CVE-2017-15718 was published for org.apache.hadoop:hadoop-main (Maven) Dec 21, 2018

Critical

CVE-2018-1000844 was published for com.squareup.retrofit2:retrofit (Maven) Dec 21, 2018

Critical

CVE-2018-1000854 was published for org.esigate:esigate-core (Maven) Dec 21, 2018

Critical

CVE-2018-1000836 was published for org.bedework.caleng:bw-calendar-engine (Maven) Dec 20, 2018

Critical

CVE-2018-1000823 was published for org.exist-db:exist-core (Maven) Dec 20, 2018

Critical

CVE-2018-1000822 was published for org.codelibs.fess:fess (Maven) Dec 20, 2018

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,960 advisories