Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

14 advisories

Loading
Authenticated users can exploit an enumeration vulnerability in Harbor Moderate
CVE-2020-13794 was published for github.com/goharbor/harbor (Go) May 24, 2021
Missing Authorization in Harbor Moderate
CVE-2019-16097 was published for github.com/goharbor/harbor (Go) Feb 15, 2022
Mattermost Server Sensitive Data Exposure Moderate
CVE-2020-14457 was published for github.com/mattermost/mattermost (Go) May 24, 2022
OpenFGA subject to Information Disclosure via streamed-list-objects endpoint Moderate
CVE-2022-39340 was published for github.com/openfga/openfga (Go) Oct 25, 2022
Mattermost fails to properly authentication inviter's permissions to private channel Moderate
CVE-2023-1774 was published for github.com/mattermost/mattermost-server (Go) Mar 31, 2023
Duplicate Advisory: Grafana Improper Access Control vulnerability Moderate
GHSA-wm7r-3qxj-5xgq was published for github.com/grafana/grafana (Go) Jun 6, 2023 withdrawn
Mattermost Server Missing Authorization vulnerability Moderate
CVE-2023-2783 was published for github.com/mattermost/mattermost-server/v6 (Go) Jun 16, 2023
Nomad ACL Policies without Label are Applied to Unexpected Resources Moderate
CVE-2023-3072 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
Nomad Search API Leaks Information About CSI Plugins Moderate
CVE-2023-3300 was published for github.com/hashicorp/nomad (Go) Jul 20, 2023
anonymous4ACL24
Mattermost fails to check if user is a guest before performing actions on public playbooks Moderate
CVE-2023-4106 was published for github.com/mattermost/mattermost-server/v6 (Go) Aug 11, 2023
Pebble service manager's file pull API allows access by any user Moderate
CVE-2024-3250 was published for github.com/canonical/pebble (Go) Apr 5, 2024
hpidcock benhoyt
Mattermost server allows authenticated user to delete arbitrary post Moderate
CVE-2024-50052 was published for github.com/mattermost/mattermost/server/v8 (Go) Oct 29, 2024
Cilium's Layer 7 policy enforcement may not occur in policies with wildcarded port ranges Moderate
CVE-2024-52529 was published for github.com/cilium/cilium (Go) Nov 25, 2024
ProTip! Advisories are also available from the GraphQL API