Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

17 advisories

Loading
glance-store logs s3 access keys Moderate
CVE-2024-1141 was published for glance-store (pip) Feb 1, 2024
m3t3kh4n
MoinMoin Insertion of Sensitive Information into Log File Moderate
CVE-2007-0902 was published for moin (pip) May 1, 2022
Ansible leaks sensitive information to logs when told not to Moderate
CVE-2019-14858 was published for ansible (pip) May 24, 2022
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled Moderate
CVE-2018-16859 was published for ansible (pip) May 14, 2022
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20178 was published for ansible (pip) Jun 1, 2021
Potential log injection in reset user endpoint in CKAN Moderate
CVE-2024-27097 was published for ckan (pip) Mar 13, 2024
ZuhairORZaki
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20191 was published for ansible (pip) Jun 1, 2021
Ansible exposes sensitive data in log files and on the terminal Moderate
CVE-2018-10855 was published for ansible (pip) Oct 10, 2018
oslo.middleware Information Disclosure vulnerability Moderate
CVE-2017-2592 was published for oslo.middleware (pip) Jul 13, 2018
loguru vulnerable to improper privilege management Moderate
CVE-2022-0338 was published for loguru (pip) Jan 26, 2022
python-oslo-utils has improper password parsing Moderate
CVE-2022-0718 was published for oslo-utils (pip) Aug 29, 2022
Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible Moderate
CVE-2020-14332 was published for ansible (pip) Feb 9, 2022
jhampson-dbre
Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible Moderate
CVE-2020-1753 was published for ansible (pip) Apr 7, 2021
Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible Moderate
CVE-2019-14864 was published for ansible (pip) Feb 26, 2020
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible Moderate
CVE-2020-14330 was published for ansible (pip) Feb 9, 2022
Insertion of Sensitive Information into Log File in ansible Moderate
CVE-2021-20180 was published for ansible (pip) Mar 17, 2022
KamilaBorowska
GitHub personal access token leaking into temporary EasyBuild (debug) logs Moderate
CVE-2020-5262 was published for easybuild-framework (pip) Mar 19, 2020
zao boegel
ProTip! Advisories are also available from the GraphQL API