Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
1,996
Maven
5,000+
npm
3,709
NuGet
661
pip
3,348
Pub
11
RubyGems
885
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,709 advisories

Loading
Moderate severity vulnerability that affects validator Moderate
CVE-2013-7453 was published for validator (npm) Oct 24, 2017
Arbitrary JavaScript Execution in bassmaster Critical
CVE-2014-7205 was published for bassmaster (npm) Oct 24, 2017
Potential for Script Injection in syntax-error High
CVE-2014-7192 was published for syntax-error (npm) Oct 24, 2017
RDIL
Directory Traversal in geddy High
CVE-2015-5688 was published for geddy (npm) Oct 24, 2017
Regular Expression Denial of Service in is-my-json-valid High
CVE-2016-2537 was published for is-my-json-valid (npm) Oct 24, 2017
High severity vulnerability that affects electron High
CVE-2016-1202 was published for electron (npm) Oct 24, 2017
Regular Expression Denial of Service in moment Moderate
CVE-2016-4055 was published for moment (npm) Oct 24, 2017
jQuery-UI vulnerable to Cross-site Scripting in dialog closeText Moderate
CVE-2016-7103 was published for jQuery.UI.Combined (RubyGems) Oct 24, 2017
Cross Site Scripting (XSS) in plotly.js Moderate
CVE-2017-1000006 was published for plotly.js (npm) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database