Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
Authentication Bypass by Spoofing and Insufficient Verification of Data Authenticity in Hashicorp Vault High
CVE-2020-16250 was published for github.com/hashicorp/vault (Go) Aug 2, 2021
Token reuse in Ory fosite High
CVE-2020-15222 was published for github.com/ory/fosite (Go) May 24, 2021
Arduino Create Agent Insufficient Verification of Data Authenticity vulnerability High
CVE-2023-43800 was published for github.com/arduino/arduino-create-agent (Go) Oct 18, 2023
giubby84
Attacker can cause Kyverno user to unintentionally consume insecure image High
CVE-2023-47630 was published for github.com/kyverno/kyverno (Go) Nov 14, 2023
AdamKorcz
go-resolver's DNSSEC validation not performed correctly High
CVE-2022-3347 was published for github.com/peterzen/goresolver (Go) Dec 28, 2022
go-resolver vulnerable to attacker-controlled domains due to unvalidated RRSIG RRs High
CVE-2022-3346 was published for github.com/peterzen/goresolver (Go) Dec 28, 2022
ProTip! Advisories are also available from the GraphQL API