Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

6 advisories

Loading
An information disclosure flaw was found in OpenShift's internal image registry operator.... Moderate Unreviewed
CVE-2024-4369 was published May 1, 2024
quarkus-core leaks local environment variables from Quarkus namespace during application's build High
CVE-2024-2700 was published for io.quarkus:quarkus-core (Maven) Apr 4, 2024
bschuhmann
Quarkus does not properly sanitize artifacts created from its use of the Gradle plugin, allowing certain build system information to remain High
CVE-2023-5720 was published for io.quarkus:quarkus-project (Maven) Nov 15, 2023
A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists... Low Unreviewed
CVE-2023-47615 was published Nov 9, 2023
Shescape potential environment variable exposure on Windows with CMD Low
CVE-2023-35931 was published for shescape (npm) Jun 22, 2023
Hashicorp Nomad Information Exposure Through Environmental Variables Moderate
CVE-2019-14802 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
tdunlap607
ProTip! Advisories are also available from the GraphQL API