Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

76 advisories

Loading
DOS and excessive memory usage when passing untrusted user input to to dag import Moderate
GHSA-f2gr-7299-487h was published for github.com/ipfs/go-ipfs (Go) Jul 6, 2022
Jorropo avivdolev
Uncontrolled Resource Consumption in Mattermost server Moderate
CVE-2022-1982 was published for github.com/mattermost/mattermost-server (Go) Jun 3, 2022
DoS via malicious p2p message in Go Ethereum Moderate
CVE-2022-29177 was published for github.com/ethereum/go-ethereum (Go) May 24, 2022
KubeEdge Cloud AdmissionController component DoS Moderate
CVE-2022-31074 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
KubeEdge Edge ServiceBus module DoS Moderate
CVE-2022-31073 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers Moderate
CVE-2022-24687 was published for github.com/hashicorp/consul (Go) Feb 25, 2022
Nomad Spread Job Stanza May Trigger Panic in Servers Moderate
CVE-2022-24684 was published for github.com/hashicorp/nomad (Go) Feb 16, 2022
westonsteimel
Denial of Service in graphql-go Moderate
CVE-2022-21708 was published for github.com/graph-gophers/graphql-go (Go) Jan 27, 2022
jupenur
Improper Locking in github.com/containers/storage Moderate
CVE-2021-20291 was published for github.com/containers/storage (Go) May 10, 2021
OctoRPKI crashes when processing GZIP bomb returned via malicious repository Moderate
CVE-2021-3912 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
Denial of service in geth Moderate
CVE-2020-26242 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
Malformed CAR panics and excessive memory usage Moderate
GHSA-9x4h-8wgm-8xfg was published for github.com/ipld/go-car (Go) Jul 6, 2022
Jorropo rvagg
willscott masih BigLep
Denial of service in github.com/ethereum/go-ethereum Moderate
CVE-2020-26264 was published for github.com/ethereum/go-ethereum (Go) Jun 29, 2021
lukaszmatczak
Helm vulnerable to denial of service through string value parsing Moderate
CVE-2022-23524 was published for helm.sh/helm/v3 (Go) Dec 14, 2022
DavidKorczynski AdamKorcz
Uncontrolled Resource Consumption in Hashicorp Nomad Moderate
CVE-2023-0821 was published for github.com/hashicorp/nomad (Go) Feb 17, 2023
fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime Moderate
CVE-2023-27483 was published for github.com/crossplane/crossplane-runtime (Go) Mar 13, 2023
phisco AdamKorcz
DavidKorczynski
Uncontrolled Resource Consumption in github.com/google/fscrypt Moderate
CVE-2022-25326 was published for github.com/google/fscrypt (Go) Feb 26, 2022
tdunlap607
github.com/ipfs/kubo affected by DOS Bitswap unbounded persistent memory leak Moderate
GHSA-qvqg-6rp8-4p9h was published for github.com/ipfs/kubo (Go) May 11, 2023
Jorropo
Crossplane-runtime contains Improper Input Validation via Compositions Moderate
CVE-2023-27484 was published for github.com/crossplane/crossplane (Go) Mar 10, 2023
phisco AdamKorcz
DavidKorczynski
Resource exhaustion in Mattermost Moderate
CVE-2022-1337 was published for github.com/mattermost/mattermost-server/v6 (Go) Apr 14, 2022
DoS through large manifest files in Argo CD Moderate
CVE-2022-31016 was published for github.com/argoproj/argo-cd (Go) Jun 21, 2022
AdamKorcz
KubeEdge CloudCore Router memory exhaustion vulnerability Moderate
CVE-2022-31078 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
KubeEdge Cloud Stream and Edge Stream DoS from large stream message Moderate
CVE-2022-31079 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
AdamKorcz DavidKorczynski
DoS in KubeEdge's Websocket Client in package Viaduct Moderate
CVE-2022-31080 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
KubeEdge DoS when signing the CSR from EdgeCore Moderate
CVE-2022-31075 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database