Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,044
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,003 advisories

Loading
Duplicate Advisory: Remotely exploitable denial of service in Rosenpass Moderate
GHSA-624c-2h52-gf7f was published for rosenpass (Rust) Jul 28, 2025 withdrawn
Remotely exploitable denial of service in Rosenpass Moderate
CVE-2023-53157 was published for rosenpass (Rust) Dec 21, 2023
Duplicate Advisory: Low severity (DoS) vulnerability in sequoia-openpgp Low
GHSA-g97w-mw7g-v3jv was published for sequoia-openpgp (Rust) Jul 27, 2025 withdrawn
Duplicate Advisory: gix-transport code execution vulnerability Moderate
GHSA-5c5j-jmhx-q2gr was published for gix-transport (Rust) Jul 28, 2025 withdrawn
gix-transport code execution vulnerability Moderate
CVE-2023-53158 was published for gix-transport (Rust) Sep 25, 2023
EliahKagan
Low severity (DoS) vulnerability in sequoia-openpgp Low
CVE-2024-58261 was published for sequoia-openpgp (Rust) Jun 26, 2024
Duplicate Advisory: curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub` Low
GHSA-4hff-hh47-7788 was published for curve25519-dalek (Rust) Jul 27, 2025 withdrawn
curve25519-dalek has timing variability in `curve25519-dalek`'s `Scalar29::sub`/`Scalar52::sub` Moderate
CVE-2024-58262 was published for curve25519-dalek (Rust) Jun 18, 2024
Duplicate Advisory: CosmWasm affected by arithmetic overflows Low
GHSA-rm83-pxjx-pr5j was published for cosmwasm-std (Rust) Jul 27, 2025 withdrawn
CosmWasm affected by arithmetic overflows Low
CVE-2024-58263 was published for cosmwasm-std (Rust) Apr 24, 2024
Duplicate Advisory: `ed25519-dalek` Double Public Key Signing Function Oracle Attack Moderate
GHSA-g693-v3jr-8hcr was published for ed25519-dalek (Rust) Jul 28, 2025 withdrawn
`ed25519-dalek` Double Public Key Signing Function Oracle Attack Moderate
CVE-2022-50237 was published for ed25519-dalek (Rust) Aug 14, 2023
Duplicate Advisory: transpose: Buffer overflow due to integer overflow Moderate
GHSA-p444-p2rm-hvrw was published for transpose (Rust) Jul 27, 2025 withdrawn
transpose: Buffer overflow due to integer overflow Moderate
CVE-2023-53156 was published for transpose (Rust) Apr 5, 2024
Duplicate Advisory: `openssl` `X509VerifyParamRef::set_host` buffer over-read Moderate
GHSA-gw89-822v-8v8g was published for openssl (Rust) Jul 28, 2025 withdrawn
Duplicate Advisory: serde-json-wasm stack overflow during recursive JSON parsing Low
GHSA-j87p-gjr6-m4pv was published for serde-json-wasm (Rust) Jul 27, 2025 withdrawn
`openssl` `X509VerifyParamRef::set_host` buffer over-read Moderate
CVE-2023-53159 was published for openssl (Rust) Jun 21, 2023
serde-json-wasm stack overflow during recursive JSON parsing High
CVE-2024-58264 was published for serde-json-wasm (Rust) Feb 9, 2024
Duplicate Advisory: sequoia-openpgp vulnerable to out-of-bounds array access leading to panic Low
GHSA-rfx3-ffrp-6875 was published for sequoia-openpgp (Rust) Jul 28, 2025 withdrawn
Duplicate Advisory: Unauthenticated Nonce Increment in snow Low
GHSA-97f8-h76h-f297 was published for snow (Rust) Jul 28, 2025 withdrawn
sequoia-openpgp vulnerable to out-of-bounds array access leading to panic Low
CVE-2023-53160 was published for sequoia-openpgp (Rust) Jun 6, 2023
Unauthenticated Nonce Increment in snow Low
CVE-2024-58265 was published for snow (Rust) Jan 24, 2024
Duplicate Advisory: Multiple issues involving quote API in shlex Low
GHSA-286m-6pg9-v42v was published for shlex (Rust) Jul 28, 2025 withdrawn
Multiple issues involving quote API in shlex Low
CVE-2024-58266 was published for shlex (Rust) Jan 22, 2024
Duplicate Advisory: buffered-reader vulnerable to out-of-bounds array access leading to panic Low
GHSA-q5h2-xq96-6gmc was published for buffered-reader (Rust) Jul 28, 2025 withdrawn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database