GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
14 advisories
Filter by severity
Authenticated users can exploit an enumeration vulnerability in Harbor
Moderate
CVE-2020-13794
was published
for
github.com/goharbor/harbor
(Go)
May 24, 2021
HashiCorp Consul and Consul Enterprise 1.10.1 Txn.Apply endpoint allowed services to register proxies for other services, enabling access to service traffic.
Moderate
CVE-2021-38698
was published
for
github.com/hashicorp/consul
(Go)
Sep 8, 2021
Missing Authorization in Harbor
Moderate
CVE-2019-16097
was published
for
github.com/goharbor/harbor
(Go)
Feb 15, 2022
Mattermost Server Sensitive Data Exposure
Moderate
CVE-2020-14457
was published
for
github.com/mattermost/mattermost
(Go)
May 24, 2022
OpenFGA subject to Information Disclosure via streamed-list-objects endpoint
Moderate
CVE-2022-39340
was published
for
github.com/openfga/openfga
(Go)
Oct 25, 2022
Mattermost fails to properly authentication inviter's permissions to private channel
Moderate
CVE-2023-1774
was published
for
github.com/mattermost/mattermost-server
(Go)
Mar 31, 2023
Duplicate Advisory: Grafana Improper Access Control vulnerability
Moderate
GHSA-wm7r-3qxj-5xgq
was published
for
github.com/grafana/grafana
(Go)
Jun 6, 2023
•
withdrawn
Mattermost Server Missing Authorization vulnerability
Moderate
CVE-2023-2783
was published
for
github.com/mattermost/mattermost-server/v6
(Go)
Jun 16, 2023
Nomad ACL Policies without Label are Applied to Unexpected Resources
Moderate
CVE-2023-3072
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
Nomad Search API Leaks Information About CSI Plugins
Moderate
CVE-2023-3300
was published
for
github.com/hashicorp/nomad
(Go)
Jul 20, 2023
Mattermost fails to check if user is a guest before performing actions on public playbooks
Moderate
CVE-2023-4106
was published
for
github.com/mattermost/mattermost-server/v6
(Go)
Aug 11, 2023
Pebble service manager's file pull API allows access by any user
Moderate
CVE-2024-3250
was published
for
github.com/canonical/pebble
(Go)
Apr 5, 2024
Mattermost server allows authenticated user to delete arbitrary post
Moderate
CVE-2024-50052
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Oct 29, 2024
Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges
Moderate
CVE-2024-52529
was published
for
github.com/cilium/cilium
(Go)
Nov 25, 2024
ProTip!
Advisories are also available from the
GraphQL API