Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

42 advisories

Loading
sequoia-openpgp vulnerable to out-of-bounds array access leading to panic Low
GHSA-25mx-8f3v-8wh7 was published for sequoia-openpgp (Rust) Jun 6, 2023
Undefined Behavior in Rust runtime functions Low
CVE-2023-30624 was published for wasmtime (Rust) Apr 27, 2023
guidovranken alexcrichton
wasmtime vulnerable to miscompilation of `i8x16.select` with the same inputs on x86_64 Low
CVE-2023-27477 was published for cranelift-codegen (Rust) Mar 9, 2023
afonso360
Race Condition Enabling Link Following and Time-of-check Time-of-use (TOCTOU) Race Condition in remove_dir_all Low
GHSA-mc8h-8q98-g5hr was published for remove_dir_all (Rust) Feb 24, 2023
Nervos CKB vulnerable to low-resource flood DDoS attacks through network message Low
GHSA-p2gm-ffr3-w2xw was published for ckb (Rust) Feb 8, 2023
Nervos CKB calculation of program load cycles may be missed when executing in resume mode Low
GHSA-fjj4-2q73-jvgc was published for ckb (Rust) Feb 8, 2023
`tokio::io::ReadHalf<T>::unsplit` is Unsound Low
GHSA-4q83-7cq4-p6wg was published for tokio (Rust) Feb 4, 2023
linux-loader reading beyond EOF could lead to infinite loop Low
CVE-2022-23523 was published for linux-loader (Rust) Dec 12, 2022
likebreath
Tauri Filesystem Scope can be Partially Bypassed Low
CVE-2022-41874 was published for Tauri (Rust) Nov 8, 2022
personnummer/rust vulnerable to Improper Input Validation Low
GHSA-28r9-pq4c-wp3c was published for personnummer (Rust) Sep 21, 2022
ansi_term is Unmaintained Low
GHSA-74w3-p89x-ffgh was published for ansi_term (Rust) Sep 16, 2022 withdrawn
kornelski Emilgardis
Cargo extracting malicious crates can corrupt arbitrary files Low
CVE-2022-36113 was published for cargo (Rust) Sep 16, 2022
pietroalbini litios
Threshold value is ignored (all shares are n=3) Low
GHSA-978j-88f3-p5j3 was published for shamir (Rust) Jun 17, 2022
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon Low
CVE-2022-27814 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 15, 2022
Shinyzenith
Chrono has potential segfault issue in SPIFFE authenticator Low
GHSA-45w3-v3g4-54pm was published for parsec-service (Rust) Feb 11, 2022
File exposure in pleaser Low
CVE-2021-31153 was published for pleaser (Rust) Aug 25, 2021
another-rex
Lenient Parsing of Content-Length Header When Prefixed with Plus Sign Low
CVE-2021-32715 was published for hyper (Rust) Jul 12, 2021
mattiasgrenfeldt asta12
tdunlap607
ProTip! Advisories are also available from the GraphQL API