Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,984
Maven
5,000+
npm
3,701
NuGet
657
pip
3,325
Pub
11
RubyGems
882
Rust
835
Swift
35
Unreviewed advisories
All unreviewed
5,000+

13 advisories

Loading
CometBFT Vote Extensions: Panic when receiving a Pre-commit with an invalid data High
GHSA-p7mv-53f2-4cwj was published for github.com/cometbft/cometbft (Go) Nov 6, 2024
corverroos
Improper Validation of Array Index in github.com/greenpau/caddy-security Moderate
CVE-2024-21493 was published for github.com/greenpau/caddy-security (Go) Feb 17, 2024
Crash when processing crafted TIFF files Low
CVE-2023-36308 was published for github.com/disintegration/imaging (Go) Sep 5, 2023
Index out of bounds leading to crash Moderate
CVE-2023-36307 was published for simonwaldherr.de/go/zplgfa (Go) Sep 5, 2023
Denial of Service in dhowden/tag Moderate
CVE-2020-29242 was published for github.com/dhowden/tag (Go) Feb 7, 2023
Improper Validation of Array Index in GJSON High
CVE-2020-36067 was published for github.com/tidwall/gjson (Go) Feb 6, 2023
etcd's WAL `ReadAll` method vulnerable to an entry with large index causing panic Moderate
CVE-2020-15112 was published for go.etcd.io/etcd/v3 (Go) Oct 6, 2022
dhowden tag panic due to out-of-bounds read Moderate
CVE-2020-29245 was published for github.com/dhowden/tag (Go) May 24, 2022
dhowden tag panic due to out-of-bounds read Moderate
CVE-2020-29244 was published for github.com/dhowden/tag (Go) May 24, 2022
dhowden tag panic due to out-of-bounds read Moderate
CVE-2020-29243 was published for github.com/dhowden/tag (Go) May 24, 2022
Go Ethereum LES protocol implementation vulnerable to Denial of Service High
CVE-2018-12018 was published for github.com/ethereum/go-ethereum (Go) May 14, 2022
golang.org/x/net/html Improper Validation of Array Index vulnerability High
CVE-2018-17848 was published for golang.org/x/net (Go) May 13, 2022
Improper Input Validation in GoGo Protobuf High
CVE-2021-3121 was published for github.com/gogo/protobuf (Go) Mar 28, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database