Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,051
Erlang
29
GitHub Actions
19
Go
1,887
Maven
5,000+
npm
3,602
NuGet
638
pip
3,205
Pub
10
RubyGems
852
Rust
816
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
CWA-2023-004: Excessive number of function parameters in compiled Wasm Moderate
GHSA-75qh-gg76-p2w4 was published for cosmwasm-vm (Go) Aug 27, 2024
Stack overflow when parsing specially crafted JSON ABI strings Moderate
GHSA-8327-84cj-8xjm was published for alloy-json-abi (Rust) Aug 15, 2024
h2 servers vulnerable to degradation of service with CONTINUATION Flood Moderate
GHSA-q6cp-qfwq-4gcv was published for h2 (Rust) Apr 5, 2024
quiche vulnerable to unlimited resource allocation by QUIC CRYPTO frames flooding Moderate
CVE-2024-1765 was published for quiche (Rust) Mar 13, 2024
Unbounded queuing of path validation messages in cloudflare-quiche Moderate
CVE-2023-6193 was published for quiche (Rust) Dec 13, 2023
LPardue marten-seemann
tokio-boring vulnerable to resource exhaustion via memory leak Moderate
CVE-2023-6180 was published for tokio-boring (Rust) Dec 5, 2023
ehaydenr
rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion Moderate
CVE-2024-43806 was published for rustix (Rust) Oct 18, 2023
cyqsimon sigmaSd
popey
Comrak vulnerable to quadratic runtime issues when parsing Markdown (GHSL-2023-047) Moderate
CVE-2023-28626 was published for comrak (Rust) Mar 28, 2023
philipturnbull
kamadak-exif vulnerable to Infinite loop when parsing PNG files Moderate
CVE-2021-21235 was published for kamadak-exif (Rust) Oct 6, 2022
Cargo extracting malicious crates can fill the file system Moderate
CVE-2022-36114 was published for cargo (Rust) Sep 16, 2022
pietroalbini litios
Unsafe parsing in SWHKD Moderate
CVE-2022-27819 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 8, 2022
J3rry-1729
Unchecked vector pre-allocation Moderate
GHSA-mcrf-7hf9-f6q5 was published for rmpv (Rust) Aug 25, 2021
Error on unsupported architectures in raw-cpuid Moderate
CVE-2021-26307 was published for raw-cpuid (Rust) Aug 25, 2021
tdunlap607
Mutable reference with immutable provenance in image Moderate
CVE-2020-35916 was published for image (Rust) Aug 25, 2021
tdunlap607
ProTip! Advisories are also available from the GraphQL API