GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
76 advisories
Filter by severity
Mattermost fails to strip `embeds` from `metadata` when broadcasting `posted` events
Moderate
CVE-2024-47003
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Sep 26, 2024
OCI image importer memory exhaustion in github.com/containerd/containerd
Moderate
CVE-2023-25153
was published
for
github.com/containerd/containerd
(Go)
Feb 16, 2023
CWA-2023-004: Excessive number of function parameters in compiled Wasm
Moderate
GHSA-75qh-gg76-p2w4
was published
for
cosmwasm-vm
(Go)
Aug 27, 2024
Mattermost Plugin Channel Export excessive resource consumption
Moderate
CVE-2024-43105
was published
for
github.com/mattermost/mattermost-plugin-channel-export
(Go)
Aug 23, 2024
HTTP/2 Stream Cancellation Attack
Moderate
CVE-2023-44487
was published
for
com.typesafe.akka:akka-http-core
(Go)
Oct 10, 2023
Podman vulnerable to memory-based denial of service
Moderate
CVE-2024-3056
was published
for
github.com/containers/podman
(Go)
Aug 2, 2024
Mattermost fails to limit the number of role names
Moderate
CVE-2024-1953
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 29, 2024
Mattermost denial of service through long emoji value
Moderate
CVE-2024-24988
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 29, 2024
Mattermost vulnerable to denial of service via large number of emoji reactions
Moderate
CVE-2024-1402
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Feb 9, 2024
Mattermost Server doesn't limit the number of user preferences
Moderate
CVE-2024-28949
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Apr 5, 2024
Denial of service when decrypting attack controlled input in github.com/dvsekhvalnov/jose2go
Moderate
GHSA-mhpq-9638-x6pw
was published
for
github.com/dvsekhvalnov/jose2go
(Go)
Dec 20, 2023
gqlparser denial of service vulnerability via the parserDirectives function
Moderate
CVE-2023-49559
was published
for
github.com/vektah/gqlparser
(Go)
Jun 12, 2024
Minder affected by denial of service from maliciously configured Git repository
Moderate
CVE-2024-37904
was published
for
github.com/stacklok/minder
(Go)
Jun 18, 2024
Denial of service in Kubernetes
Moderate
CVE-2020-8557
was published
for
k8s.io/kubernetes/pkg/kubelet
(Go)
Apr 24, 2024
moby docker daemon crash during image pull of malicious image
Moderate
CVE-2021-21285
was published
for
github.com/moby/moby
(Go)
Jan 31, 2024
Tendermint Core vulnerable to Uncontrolled Resource Consumption
Moderate
CVE-2021-21271
was published
for
github.com/tendermint/tendermint
(Go)
Oct 7, 2022
Stacklok Minder vulnerable to denial of service from maliciously crafted templates
Moderate
CVE-2024-35194
was published
for
github.com/stacklok/minder
(Go)
May 20, 2024
Uncontrolled Resource Consumption in golang.org/x/image
Moderate
CVE-2022-41727
was published
for
golang.org/x/image
(Go)
Feb 17, 2023
Denial of service via HAMT Decoding Panics
Moderate
CVE-2023-23625
was published
for
github.com/ipfs/go-unixfs
(Go)
Feb 10, 2023
revel is vulnerable to resource exhaustion
Moderate
CVE-2020-36568
was published
for
github.com/revel/revel
(Go)
Dec 28, 2022
golang.org/x/text Infinite loop
Moderate
CVE-2020-14040
was published
for
golang.org/x/text
(Go)
May 18, 2021
Denial of service of Minder Server with attacker-controlled REST endpoint
Moderate
CVE-2024-35185
was published
for
github.com/stacklok/minder
(Go)
May 16, 2024
Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences
Moderate
CVE-2024-32476
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Apr 26, 2024
net/http, x/net/http2: close connections when receiving too many headers
Moderate
CVE-2023-45288
was published
for
golang.org/x/net
(Go)
Apr 4, 2024
Mattermost fails to limit the number of active sessions
Moderate
CVE-2024-4183
was published
for
github.com/mattermost/mattermost-server
(Go)
Apr 26, 2024
ProTip!
Advisories are also available from the
GraphQL API