Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Local Privilege Escalation in Windows High
CVE-2023-49797 was published for pyinstaller (pip) Dec 9, 2023
Planet's secret file is created with excessive permissions High
CVE-2023-32303 was published for planet (pip) May 12, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3101 was published for tripleo-ansible (pip) Mar 23, 2023
tripleo-ansible may disclose important configuration details from an OpenStack deployment Moderate
CVE-2022-3146 was published for tripleo-ansible (pip) Mar 23, 2023
SaltStack Salt Allows creating certificates with weak file permissions Moderate
CVE-2020-17490 was published for salt (pip) May 24, 2022
Cobbler Improper Validation of Security Tokens Critical
CVE-2018-1000226 was published for cobbler (pip) May 13, 2022
Mercurial Incorrect Access Control vulnerability Critical
CVE-2018-1000132 was published for mercurial (pip) May 13, 2022
SaltStack Salt Permissions Bypass High
CVE-2022-22941 was published for salt (pip) Mar 30, 2022
Incorrect Permission Assignment for Critical Resource in Ansible Low
CVE-2020-1736 was published for ansible (pip) Feb 9, 2022
Incorrect Permission Assignment for Critical Resource in OnionShare Moderate
CVE-2022-21694 was published for onionshare-cli (pip) Jan 21, 2022
Incorrect Permission Assignment for Critical Resource in Plone Critical
CVE-2021-33509 was published for Plone (pip) Jun 15, 2021
Paramiko Authentication Bypass vulnerability High
CVE-2018-1000805 was published for paramiko (pip) Oct 10, 2018
Mercurial has Incorrect Permission Assignment for Critical Resource High
CVE-2017-9462 was published for mercurial (pip) Jul 13, 2018
Koji hub call does not perform correct access checks Critical
CVE-2018-1002150 was published for koji (pip) Jul 12, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database