Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,458
Erlang
33
GitHub Actions
22
Go
2,156
Maven
5,000+
npm
3,818
NuGet
693
pip
3,497
Pub
12
RubyGems
903
Rust
903
Swift
38
Unreviewed advisories
All unreviewed
5,000+

985 advisories

Loading
Denial of service in github.com/ethereum/go-ethereum Moderate
CVE-2020-26264 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
lukaszmatczak
Denial of service in geth Moderate
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Shallow copy bug in geth Moderate
CVE-2020-26241 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
johnyangk
Erroneous Proof of Work calculation in geth Moderate
CVE-2020-26240 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
slavikus
Cross-site Scripting in Gogs Moderate
CVE-2014-8683 was published for gogs.io/gogs (Go) Jun 29, 2021
SQL Injection in gogs.io/gogs Moderate
CVE-2014-8681 was published for github.com/gogits/gogs (Go) Jun 29, 2021
Open Redirect Moderate
CVE-2018-15178 was published for gogs.io/gogs (Go) Jun 29, 2021
Improper network isolation in Hashicorp Nomad Moderate
CVE-2021-32575 was published for github.com/hashicorp/nomad (Go) Jun 24, 2021
Improper Neutralization of Special Elements in Output in helm.sh/helm/v3 Moderate
CVE-2021-21303 was published for helm.sh/helm/v3 (Go) Jun 23, 2021
Duplicate Advisory: Helm passes repository credentials to alternate domain Moderate
GHSA-7jr6-prv4-5wf5 was published for helm.sh/helm/v3 (Go) Jun 23, 2021 withdrawn
Helm passes repository credentials to alternate domain Moderate
CVE-2021-32690 was published for helm.sh/helm/v3 (Go) Jun 23, 2021
Unchecked hostname resolution could allow access to local network resources by users outside the local network Moderate
GHSA-6rg3-8h8x-5xfv was published for github.com/pterodactyl/wings (Go) Jun 23, 2021
Asymmetric Resource Consumption (Amplification) in Docker containers created by Wings Moderate
CVE-2021-32699 was published for github.com/pterodactyl/wings (Go) Jun 23, 2021
Access Control Bypass Moderate
CVE-2018-20321 was published for github.com/rancher/rancher (Go) Jun 23, 2021
Incorrect Permission Assignment for Critical Resource in Hashicorp Consul Moderate
CVE-2020-12797 was published for github.com/hashicorp/consul (Go) Jun 23, 2021
Control character injection in console output in github.com/ipfs/go-ipfs Moderate
CVE-2020-26283 was published for github.com/ipfs/go-ipfs (Go) Jun 23, 2021
tintinweb
Websocket requests did not call AuthenticateMethod Moderate
GHSA-5gjg-jgh4-gppm was published for github.com/ecnepsnai/web (Go) Jun 23, 2021
Improper input validation in CNCF Cortex Moderate
CVE-2021-31232 was published for github.com/cortexproject/cortex (Go) Jun 23, 2021
Privilege Escalation in fscrypt Moderate
CVE-2018-6558 was published for github.com/google/fscrypt (Go) Jun 23, 2021
Cache Manipulation Attack in Apache Traffic Control Moderate
CVE-2020-17522 was published for github.com/apache/trafficcontrol (Go) Jun 18, 2021
go.mongodb.org/mongo-driver improperly validates cstrings when marshalling Go objects into BSON Moderate
CVE-2021-20329 was published for go.mongodb.org/mongo-driver (Go) Jun 15, 2021
Improper Input Validation Moderate
CVE-2021-3499 was published for github.com/ovn-org/ovn-kubernetes (Go) Jun 8, 2021
Kiali Authentication Bypass vulnerability Moderate
CVE-2021-20278 was published for github.com/kiali/kiali (Go) Jun 1, 2021
Action Commands (run/shell/exec) Against Library URIs Ignore Configured Remote Endpoint Moderate
CVE-2021-32635 was published for github.com/sylabs/singularity (Go) Jun 1, 2021
EmmEff
Action Commands (run/shell/exec) Against Library URIs Ignore Configured Remote Endpoint Moderate
GHSA-jq42-hfch-42f3 was published for github.com/hpcng/singularity (Go) Jun 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database