Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,956
Erlang
29
GitHub Actions
16
Go
1,740
Maven
4,967
npm
3,507
NuGet
609
pip
3,064
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

34 advisories

SwiftTerm Code Injection vulnerability High
CVE-2022-23465 was published for github.com/migueldeicaza/SwiftTerm (Swift) Jul 14, 2023
MongoDB Driver may publish events containing authentication-related data Moderate
CVE-2021-32050 was published for github.com/mongodb/mongo-swift-driver (Composer) Aug 29, 2023
Path traversal in ZIPFoundation High
CVE-2023-39138 was published for github.com/weichsel/ZIPFoundation (Swift) Aug 31, 2023
weichsel
Path traversal in Zip Swift High
CVE-2023-39135 was published for github.com/marmelroy/Zip (Swift) Aug 31, 2023
Vapor's incorrect request error handling triggers server crash Moderate
CVE-2023-44386 was published for github.com/vapor/vapor (Swift) Oct 5, 2023
gwynne 0xTim
t0rchwo0d
HTTP/2 Stream Cancellation Attack Moderate
CVE-2023-44487 was published for com.typesafe.akka:akka-http-core (Go) Oct 10, 2023
joakime faroukfaiz10
DuyTran-TomTom derekheld ebickle
pubnub Insufficient Entropy vulnerability Moderate
CVE-2023-26154 was published for Pubnub (RubyGems) Dec 6, 2023
Vapor contains an integer overflow in URI leading to potential host spoofing Moderate
CVE-2024-21631 was published for github.com/vapor/vapor (Swift) Jan 3, 2024
0xTim gwynne
baarde
Un-sanitized metric name or labels can be used to take over exported metrics Moderate
CVE-2024-28867 was published for github.com/swift-server/swift-prometheus (Swift) Mar 29, 2024
ProTip! Advisories are also available from the GraphQL API