Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

337 advisories

Loading
Exposure of class information in RESTEasy Moderate
CVE-2021-20289 was published for org.jboss.resteasy:resteasy-core (Maven) Apr 7, 2021
ApiKey secret could be revelated on network issue High
CVE-2021-21421 was published for node-etsy-client (npm) Apr 6, 2021
boly38
Potential sensitive information disclosed in error reports Low
CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021
martinmo tdunlap607
Information Exposure in type-graphql Low
GHSA-xf64-2f9p-6pqq was published for type-graphql (npm) Sep 4, 2020
Reset Password / Login vulnerability in Sulu Moderate
CVE-2020-15132 was published for sulu/sulu (Composer) Aug 5, 2020
Synacktiv-contrib TomKeur
Prokyonn
Authorization header is not sanitized in an error object in auth0 High
CVE-2020-15125 was published for auth0 (npm) Jul 29, 2020
osdiab
Exceptions displayed in non-debug configurations in Symfony Moderate
CVE-2020-5274 was published for symfony/error-handler (Composer) Mar 30, 2020
yceruto jderusse
LukaSikic
Internal exception message exposure for login action in Sylius Low
CVE-2019-16768 was published for sylius/sylius (Composer) Dec 5, 2019
Sensitive Data Exposure in seneca Low
CVE-2019-5483 was published for seneca (npm) Sep 11, 2019
Sensitive Data Exposure in parse-server Moderate
CVE-2019-1020013 was published for parse-server (npm) Jul 11, 2019
fastrde acinader
Critical severity vulnerability that affects Auth0-WCF-Service-JWT Critical
CVE-2019-7644 was published for Auth0-WCF-Service-JWT (NuGet) Apr 18, 2019
Eclipse Jetty Server generates error message containing sensitive information Moderate
CVE-2018-12536 was published for org.eclipse.jetty:jetty-server (Maven) Oct 19, 2018
joshbressers
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database