GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5 advisories
Ollama does not validate the format of the digest (sha256 with 64 hex digits)
Moderate
CVE-2024-37032
was published
for
github.com/ollama/ollama
(Go)
May 31, 2024
NATS server TLS missing ciphersuite settings when CLI flags used
Low
CVE-2021-32026
was published
for
github.com/nats-io/nats-server/v2
(Go)
May 14, 2024
User-provided environment values allow execution on macOS agents
High
GHSA-vfxf-76hv-v4w4
was published
for
github.com/gravitational/teleport
(Go)
Jan 3, 2024
•
withdrawn
Marvin Attack: potential key recovery through timing sidechannels
Moderate
CVE-2023-49092
was published
for
rsa
(Rust)
Nov 28, 2023
Marvin Attack: potential key recovery through timing sidechannels
Moderate
GHSA-4grx-2x9w-596c
was published
for
rsa
(Rust)
Nov 28, 2023
ProTip!
Advisories are also available from the
GraphQL API