GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,954
Erlang
29
GitHub Actions
16
Go
1,740
Maven
4,967
npm
3,504
NuGet
607
pip
3,064
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+
780 advisories
Filter by severity
Use after free in actix-utils
Critical
CVE-2020-35898
was published
for
actix-utils
(Rust)
Aug 25, 2021
Use after free in actix-service
Moderate
CVE-2020-35899
was published
for
actix-service
(Rust)
Aug 25, 2021
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
Moderate
CVE-2020-35886
was published
for
arr
(Rust)
Aug 25, 2021
HTTP Request smuggling in tiny_http
Moderate
CVE-2020-35884
was published
for
tiny_http
(Rust)
Aug 25, 2021
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
Critical
CVE-2020-35887
was published
for
arr
(Rust)
Aug 25, 2021
Out of bounds read in simple-slab
Critical
CVE-2020-35892
was published
for
simple-slab
(Rust)
Aug 25, 2021
Multiple security issues including data race, buffer overflow, and uninitialized memory drop in arr
Critical
CVE-2020-35888
was published
for
arr
(Rust)
Aug 25, 2021
Off-by-one error in simple-slab
High
CVE-2020-35893
was published
for
simple-slab
(Rust)
Aug 25, 2021
Out of bounds write in traitobject
Critical
CVE-2020-35881
was published
for
traitobject
(Rust)
Aug 25, 2021
os_str_bytes relies on undefined behavior of `char::from_u32_unchecked`
High
CVE-2020-35865
was published
for
os_str_bytes
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API