GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
12 advisories
nfpm has incorrect default permissions
High
CVE-2023-32698
was published
for
github.com/goreleaser/nfpm
(Go)
May 24, 2023
cilium-agent container can access the host via `hostPath` mount
Moderate
CVE-2023-27593
was published
for
github.com/cilium/cilium
(Go)
Mar 17, 2023
Access to Unix domain socket can lead to privileges escalation in Cilium
High
CVE-2022-29178
was published
for
github.com/cilium/cilium
(Go)
May 24, 2022
Default inheritable capabilities for linux container should be empty
Moderate
CVE-2022-29162
was published
for
github.com/opencontainers/runc
(Go)
May 24, 2022
Incorrect Default Permissions in CRI-O
Moderate
CVE-2022-27652
was published
for
github.com/cri-o/cri-o
(Go)
Apr 22, 2022
Podman's default inheritable capabilities for linux container not empty
High
CVE-2022-27649
was published
for
github.com/containers/podman/v4
(Go)
Apr 1, 2022
Non-empty default inheritable capabilities for linux container in Buildah
Moderate
CVE-2022-27651
was published
for
github.com/containers/buildah
(Go)
Apr 1, 2022
User login denial of service in github.com/google/fscrypt
Moderate
CVE-2022-25327
was published
for
github.com/google/fscrypt
(Go)
Feb 26, 2022
ProTip!
Advisories are also available from the
GraphQL API