Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

25 advisories

Loading
Kubernetes Nil pointer dereference in KCM after v1 HPA patch request High
CVE-2024-0793 was published for k8s.io/kubernetes (Go) Nov 17, 2024
PingCAP TiDB nil pointer dereference Moderate
CVE-2024-37820 was published for github.com/pingcap/tidb (Go) Jun 25, 2024
KubeVirt NULL pointer dereference flaw Moderate
CVE-2024-31420 was published for kubevirt.io/kubevirt (Go) Apr 3, 2024
Parsing JSON serialized payload without protected field can lead to segfault Moderate
CVE-2024-21664 was published for github.com/lestrrat-go/jwx (Go) Jan 9, 2024
frestr hectorj2f
quic-go vulnerable to pointer dereference that can lead to panic High
CVE-2023-46239 was published for github.com/quic-go/quic-go (Go) Oct 30, 2023
Consul Server Panic when Ingress and API Gateways Configured with Peering Connections Moderate
CVE-2023-0845 was published for github.com/hashicorp/consul (Go) Mar 9, 2023
ecnepsnai/web vulnerable to Uncontrolled Resource Consumption Critical
CVE-2021-4236 was published for github.com/ecnepsnai/web (Go) Dec 28, 2022
Helm vulnerable to denial of service through schema file Moderate
CVE-2022-23526 was published for helm.sh/helm/v3 (Go) Dec 14, 2022
DavidKorczynski AdamKorcz
Helm vulnerable to denial of service through through repository index file Moderate
CVE-2022-23525 was published for helm.sh/helm/v3 (Go) Dec 14, 2022
AdamKorcz DavidKorczynski
github.com/russellhaering/gosaml2 is vulnerable to NULL Pointer Dereference High
CVE-2020-7731 was published for github.com/russellhaering/gosaml2 (Go) Nov 15, 2022
stevenjohnstone
goxmldsig vulnerable to crash on nil-pointer dereference caused by sending malformed XML signatures High
CVE-2020-7711 was published for github.com/russellhaering/gosaml2 (Go) Oct 7, 2022
CloudCore UDS Server: Malicious Message can crash CloudCore Moderate
CVE-2022-31076 was published for github.com/kubeedge/kubeedge (Go) Jun 25, 2022
DavidKorczynski AdamKorcz
CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server Moderate
CVE-2022-31077 was published for github.com/kubeedge/kubeedge (Go) Jun 25, 2022
DavidKorczynski AdamKorcz
NULL Pointer Dereference in HyperLedger Fabric High
CVE-2021-43667 was published for github.com/hyperledger/fabric (Go) May 25, 2022
golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability High
CVE-2020-29652 was published for golang.org/x/crypto (Go) May 24, 2022
golang.org/x/net/html NULL Pointer Dereference vulnerability High
CVE-2018-17142 was published for golang.org/x/net (Go) May 13, 2022
golang.org/x/net/html NULL Pointer Dereference vulnerability High
CVE-2018-17075 was published for golang.org/x/net (Go) May 13, 2022
NULL Pointer Dereference in Kubernetes CSI snapshot-controller Moderate
CVE-2020-8569 was published for github.com/kubernetes-csi/external-snapshotter/v2 (Go) Feb 15, 2022
Nil dereference in NATS JWT, DoS of nats-server High
CVE-2020-26521 was published for github.com/nats-io/jwt (Go) Feb 11, 2022
NULL Pointer Dereference in Protocol Buffers High
CVE-2021-22570 was published for Google.Protobuf (Composer) Jan 27, 2022
joshbressers
Denial of Service in Go-Ethereum Moderate
CVE-2021-43668 was published for github.com/ethereum/go-ethereum (Go) Nov 23, 2021
Go Ethereum Denial of Service High
CVE-2018-19184 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Duplicate Advisory: gosaml2 is vulnerable to NULL Pointer Dereference from malformed XML signatures High
GHSA-gq5r-cc4w-g8xf was published for github.com/russellhaering/gosaml2 (Go) Jun 23, 2021 withdrawn
tdunlap607
Denial-of-Service within Docker container Moderate
CVE-2020-26213 was published for ktbs.dev/teler (Go) May 24, 2021
Nil dereference in NATS JWT causing DoS of nats-server High
GHSA-hmm9-r2m2-qg9w was published for github.com/nats-io/jwt (Go) May 21, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database