GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
146 advisories
Kubernetes API Server DoS Via API Requests
Moderate. CVE-2020-8552 was published for k8s.io/apiserver (Go) on Feb 15, 2022.

Denial of Service in graphql-go
Moderate. CVE-2022-21708 was published for github.com/graph-gophers/graphql-go (Go) on Jan 27, 2022.

golang.org/x/net/http2 allows uncontrolled memory consumption
High. CVE-2021-44716 was published for golang.org/x/net/http2 (Go) on Jan 2, 2022.

OctoRPKI crashes when processing GZIP bomb returned via malicious repository
Moderate. CVE-2021-3912 was published for github.com/cloudflare/cfrpki (Go) on Nov 10, 2021.

Infinite certificate chain depth results in OctoRPKI running forever
Moderate. CVE-2021-3908 was published for github.com/cloudflare/cfrpki (Go) on Nov 10, 2021.

Infinite open connection causes OctoRPKI to hang forever
Moderate. CVE-2021-3909 was published for github.com/cloudflare/cfrpki (Go) on Nov 10, 2021.

github.com/tidwall/gjson Vulnerable to REDoS attack
High. CVE-2021-42836 was published for github.com/tidwall/gjson (Go) on Oct 25, 2021.

github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion
High. CVE-2021-23409 was published for github.com/pires/go-proxyproto (Go) on Jul 26, 2021.

Denial of Service in miekg-dns
High. CVE-2017-15133 was published for github.com/miekg/dns (Go) on Jun 29, 2021.

Denial of service in github.com/ethereum/go-ethereum
Moderate. CVE-2020-26264 was published for github.com/ethereum/go-ethereum (Go) on Jun 29, 2021.

Denial of service in geth
Moderate. CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) on Jun 29, 2021.

Denial of service in GJSON
High. CVE-2020-35380 was published for github.com/tidwall/gjson (Go) on Jun 23, 2021.

Import loops in account imports, nats-server DoS
Low. GHSA-gwj5-3vfq-q992 was published for github.com/nats-io/nats-server/v2 (Go) on May 21, 2021.

Integer overflow in github.com/gorilla/websocket
High. CVE-2020-27813 was published for github.com/gorilla/websocket (Go) on May 18, 2021.

github.com/tidwall/gjson is vulnerable to Denial of service
High. CVE-2020-36066 was published for github.com/tidwall/gjson (Go) on May 18, 2021.

github.com/pires/go-proxyproto denial of service vulnerability
Moderate. CVE-2021-23351 was published for github.com/pires/go-proxyproto (Go) on May 18, 2021.

golang.org/x/text Infinite loop
Moderate. CVE-2020-14040 was published for golang.org/x/text (Go) on May 18, 2021.

miekg/dns parsing error leads to nil pointer dereference and DoS
High. CVE-2018-17419 was published for github.com/miekg/dns (Go) on May 18, 2021.

Allocation of Resources Without Limits or Throttling in HashiCorp Nomad
High. CVE-2020-7218 was published for github.com/hashicorp/nomad (Go) on May 18, 2021.

Denial of Service (DoS) in HashiCorp Consul
High. CVE-2020-7219 was published for github.com/hashicorp/consul (Go) on May 18, 2021.

Improper Locking in github.com/containers/storage
Moderate. CVE-2021-20291 was published for github.com/containers/storage (Go) on May 10, 2021.