Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

26 advisories

Loading
snapd Race Condition vulnerability Critical
CVE-2022-3328 was published for github.com/snapcore/snapd (Go) Jan 8, 2024
Argo Workflows Controller: Denial of Service via malicious daemon Workflows Moderate
CVE-2024-47827 was published for github.com/argoproj/argo-workflows/v3 (Go) Oct 28, 2024
meln5674 agilgur5
Incorrect delegation lookups can make go-tuf download the wrong artifact High
CVE-2024-47534 was published for github.com/theupdateframework/go-tuf/v2 (Go) Oct 1, 2024
AdamKorcz mamccorm
Policy bypass for Host Firewall policy due to race condition in Cilium agent Moderate
CVE-2024-42488 was published for github.com/cilium/cilium (Go) Aug 15, 2024
skmatti
ACME DNS: Azure Identity Libraries Elevation of Privilege Vulnerability Moderate
GHSA-rvj4-q8q5-8grf was published for github.com/traefik/traefik/v2 (Go) Jun 20, 2024
Grafana Race condition allowing privilege escalation Critical
CVE-2022-39328 was published for github.com/grafana/grafana (Go) May 14, 2024
Azure Identity Libraries and Microsoft Authentication Library Elevation of Privilege Vulnerability Moderate
CVE-2024-35255 was published for @azure/identity (Go) Jun 11, 2024
scottaddie localden
opencontainers runc contains procfs race condition with a shared volume mount Moderate
CVE-2019-19921 was published for github.com/opencontainers/runc (Go) May 27, 2021
Pterodactyl Wings vulnerable to improper isolation of server file access Critical
CVE-2024-27102 was published for github.com/pterodactyl/wings (Go) Mar 15, 2024
KurtThiemann aft2d
matthewpi
Apache Answer Race Condition vulnerability Moderate
CVE-2024-26578 was published for github.com/apache/incubator-answer (Go) Feb 22, 2024
BuildKit vulnerable to possible race condition with accessing subpaths from cache mounts High
CVE-2024-23651 was published for github.com/moby/buildkit (Go) Jan 31, 2024
rmcnamara-snyk
Apache Answer Race Condition vulnerability Low
CVE-2023-49619 was published for github.com/apache/incubator-answer (Go) Jan 10, 2024
github.com/go-resty/resty/v2 HTTP request body disclosure Moderate
CVE-2023-45286 was published for github.com/go-resty/resty/v2 (Go) Nov 28, 2023
shanduur Kryvchun
billinghamj deerbone neilgierman hansmi
Deis Workflow Manager race condition vulnerability Moderate
CVE-2016-15036 was published for github.com/deis/workflow-manager (Go) Dec 23, 2023
Harbor timing attack risk Moderate
CVE-2023-20902 was published for github.com/goharbor/harbor (Go) Oct 10, 2023
Fabric vulnerable to crosslinking transaction attack High
CVE-2023-46132 was published for github.com/hyperledger/fabric (Go) Nov 14, 2023
yacovm
ZITADEL race condition in lockout policy execution High
CVE-2023-47111 was published for github.com/zitadel/zitadel (Go) Nov 8, 2023
itz-d0dgy livio-a
LXD vulnerable to Race Condition High
CVE-2015-1340 was published for github.com/lxc/lxd (Go) May 24, 2022
Beego has a file creation race condition Moderate
CVE-2019-16354 was published for github.com/astaxie/beego (Go) Aug 2, 2021
gobase subject to Incorrect routing of some HTTP requests when using httpauth due to a race condition Low
GHSA-h2x7-2ff6-v32p was published for github.com/ntbosscher/gobase (Go) Feb 11, 2022
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs High
CVE-2021-30465 was published for github.com/opencontainers/runc (Go) May 25, 2021
champtar
Answer vulnerable to Race Condition Moderate
CVE-2023-0739 was published for github.com/answerdev/answer (Go) Feb 8, 2023
HashiCorp Nomad Artifact Download Race Condition Moderate
CVE-2022-24686 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
westonsteimel
efs-utils and aws-efs-csi-driver have race condition during concurrent TLS mounts Moderate
CVE-2022-46174 was published for github.com/kubernetes-sigs/aws-efs-csi-driver (Go) Dec 30, 2022
GoBase Race Condition vulnerability Low
CVE-2022-2583 was published for github.com/ntbosscher/gobase (Go) Dec 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database