GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,439 advisories
Jupyter Notebook XSS via directory name
Moderate • CVE-2018-19352 was published for notebook (pip) • Nov 21, 2018
Cross site scripting in flask-admin
Moderate • CVE-2018-16516 was published for flask-admin (pip) • Dec 19, 2018
aiohttp-session creates non-expiring sessions
Moderate • CVE-2018-1000814 was published for aiohttp-session (pip) • Dec 20, 2018
PyKMIP Denial of service vulnerability
Moderate • CVE-2018-1000872 was published for pykmip (pip) • Dec 21, 2018
Moderate severity vulnerability that affects moin
Moderate • CVE-2017-5934 was published for moin (pip) • Jan 4, 2019
mistune Cross-site scripting (XSS) vulnerability
Moderate • CVE-2017-16876 was published for mistune (pip) • Jan 4, 2019
Django Denial-of-service possibility in truncatechars_html and truncatewords_html template filters
Moderate • CVE-2018-7537 was published for django (pip) • Jan 4, 2019
Django Denial-of-service possibility in urlize and urlizetrunc template filters
Moderate • CVE-2018-7536 was published for django (pip) • Jan 4, 2019
Django Open redirect and possible XSS attack via user-supplied numeric redirect URLs
Moderate • CVE-2017-7233 was published for django (pip) • Jan 4, 2019
Django vulnerable to XSS on 500 pages
Moderate • CVE-2017-12794 was published for django (pip) • Jan 4, 2019
Improper Input Validation in Django
Moderate • CVE-2019-3498 was published for django (pip) • Jan 14, 2019
Pyspark User Impersonation Vulnerability
Moderate • CVE-2018-11760 was published for pyspark (pip) • Feb 7, 2019
Moderate severity vulnerability that affects aioxmpp
Moderate • GHSA-32f7-cmr3-vpjv was published for aioxmpp (pip) • Feb 7, 2019 • withdrawn
Apache Airflow vulnerable to Stored XSS
Moderate • CVE-2018-20244 was published for apache-airflow (pip) • Mar 6, 2019
Open Redirect vulnerability in jupyterhub and notebook
Moderate • CVE-2019-10255 was published for jupyterhub (pip) • Apr 2, 2019
Moderate severity vulnerability that affects roundup
Moderate • CVE-2019-10904 was published for roundup (pip) • Apr 9, 2019
Jupyter Notebook open redirect vulnerability
Moderate • CVE-2019-10856 was published for notebook (pip) • Apr 9, 2019
Apache Airflow vulnerable to Stored XSS
Moderate • CVE-2019-0216 was published for apache-airflow (pip) • Apr 12, 2019
Ansible Path Traversal vulnerability
Moderate • CVE-2019-3828 was published for ansible (pip) • Apr 15, 2019
Null pointer dereference in TensorFlow leads to exploitation
Moderate • CVE-2018-7576 was published for tensorflow (pip) • Apr 24, 2019
ProTip! Advisories are also available from the GraphQL API