Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

12 advisories

Loading
quic-go vulnerable to pointer dereference that can lead to panic High
CVE-2023-46239 was published for github.com/quic-go/quic-go (Go) Oct 30, 2023
github.com/russellhaering/gosaml2 is vulnerable to NULL Pointer Dereference High
CVE-2020-7731 was published for github.com/russellhaering/gosaml2 (Go) Nov 15, 2022
stevenjohnstone
goxmldsig vulnerable to crash on nil-pointer dereference caused by sending malformed XML signatures High
CVE-2020-7711 was published for github.com/russellhaering/gosaml2 (Go) Oct 7, 2022
NULL Pointer Dereference in HyperLedger Fabric High
CVE-2021-43667 was published for github.com/hyperledger/fabric (Go) May 25, 2022
golang.org/x/crypto/ssh NULL Pointer Dereference vulnerability High
CVE-2020-29652 was published for golang.org/x/crypto (Go) May 24, 2022
golang.org/x/net/html NULL Pointer Dereference vulnerability High
CVE-2018-17142 was published for golang.org/x/net (Go) May 13, 2022
golang.org/x/net/html NULL Pointer Dereference vulnerability High
CVE-2018-17075 was published for golang.org/x/net (Go) May 13, 2022
Nil dereference in NATS JWT, DoS of nats-server High
CVE-2020-26521 was published for github.com/nats-io/jwt (Go) Feb 11, 2022
NULL Pointer Dereference in Protocol Buffers High
CVE-2021-22570 was published for Google.Protobuf (Composer) Jan 27, 2022
joshbressers
Go Ethereum Denial of Service High
CVE-2018-19184 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Duplicate Advisory: gosaml2 is vulnerable to NULL Pointer Dereference from malformed XML signatures High
GHSA-gq5r-cc4w-g8xf was published for github.com/russellhaering/gosaml2 (Go) Jun 23, 2021 withdrawn
tdunlap607
Nil dereference in NATS JWT causing DoS of nats-server High
GHSA-hmm9-r2m2-qg9w was published for github.com/nats-io/jwt (Go) May 21, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database