Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

34 advisories

Loading
A UNIX Symbolic Link (Symlink) Following vulnerability in python-HyperKitty of openSUSE Leap 15.2... High Unreviewed
CVE-2021-25322 was published May 24, 2022
a UNIX Symbolic Link (Symlink) Following vulnerability in python-postorius of openSUSE Leap 15.2,... High Unreviewed
CVE-2021-31997 was published May 24, 2022
OpenVPN Connect installer for macOS version 3.2.6 and older may corrupt system critical files it... High Unreviewed
CVE-2020-15075 was published May 24, 2022
Symlink following allows leaking out-of-bound manifests and JSON files from Argo CD repo-server Moderate
CVE-2022-24904 was published for github.com/argoproj/argo-cd/v2 (Go) May 23, 2022
crenshaw-dev tdunlap607
A UNIX Symbolic Link (Symlink) Following vulnerability in the systemd service file for watchman... High Unreviewed
CVE-2022-21944 was published Jan 27, 2022
@npmcli/arborist vulnerable to UNIX Symbolic Link (Symlink) Following High
CVE-2021-39134 was published for @npmcli/arborist (npm) Aug 31, 2021
ginkoid chen-robert
UNIX Symbolic Link (Symlink) Following in @npmcli/arborist High
CVE-2021-39135 was published for @npmcli/arborist (npm) Aug 31, 2021
JarLob KateCatlin
Kubernetes kubectl cp Vulnerable to Symlink Attack Moderate
CVE-2019-11251 was published for k8s.io/kubernetes (Go) May 18, 2021
Arbitrary File Write in npm High
CVE-2019-16775 was published for npm (npm) Dec 13, 2019
DanielRuf
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database