Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Mutable reference with immutable provenance in image Moderate
CVE-2020-35916 was published for image (Rust) Aug 25, 2021
tdunlap607
Error on unsupported architectures in raw-cpuid Moderate
CVE-2021-26307 was published for raw-cpuid (Rust) Aug 25, 2021
tdunlap607
Unchecked vector pre-allocation Moderate
GHSA-mcrf-7hf9-f6q5 was published for rmpv (Rust) Aug 25, 2021
Unsafe parsing in SWHKD Moderate
CVE-2022-27819 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 8, 2022
J3rry-1729
Cargo extracting malicious crates can fill the file system Moderate
CVE-2022-36114 was published for cargo (Rust) Sep 16, 2022
pietroalbini litios
kamadak-exif vulnerable to Infinite loop when parsing PNG files Moderate
CVE-2021-21235 was published for kamadak-exif (Rust) Oct 6, 2022
Comrak vulnerable to quadratic runtime issues when parsing Markdown (GHSL-2023-047) Moderate
CVE-2023-28626 was published for comrak (Rust) Mar 28, 2023
philipturnbull
rustix's `rustix::fs::Dir` iterator with the `linux_raw` backend can cause memory explosion Moderate
CVE-2024-43806 was published for rustix (Rust) Oct 18, 2023
cyqsimon sigmaSd
popey
tokio-boring vulnerable to resource exhaustion via memory leak Moderate
CVE-2023-6180 was published for tokio-boring (Rust) Dec 5, 2023
ehaydenr
Unbounded queuing of path validation messages in cloudflare-quiche Moderate
CVE-2023-6193 was published for quiche (Rust) Dec 13, 2023
LPardue marten-seemann
quiche vulnerable to unlimited resource allocation by QUIC CRYPTO frames flooding Moderate
CVE-2024-1765 was published for quiche (Rust) Mar 13, 2024
h2 servers vulnerable to degradation of service with CONTINUATION Flood Moderate
GHSA-q6cp-qfwq-4gcv was published for h2 (Rust) Apr 5, 2024
Stack overflow when parsing specially crafted JSON ABI strings Moderate
GHSA-8327-84cj-8xjm was published for alloy-json-abi (Rust) Aug 15, 2024
CWA-2023-004: Excessive number of function parameters in compiled Wasm Moderate
GHSA-75qh-gg76-p2w4 was published for cosmwasm-vm (Go) Aug 27, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database