GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
749 advisories
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs
High
CVE-2021-30465
was published
for
github.com/opencontainers/runc
(Go)
May 25, 2021
github.com/ulikunitz/xz fixes readUvarint Denial of Service (DoS)
High
CVE-2021-29482
was published
for
github.com/ulikunitz/xz
(Go)
May 25, 2021
Path traversal and files overwrite with unsquashfs in singularity
High
CVE-2020-15229
was published
for
github.com/sylabs/singularity
(Go)
May 24, 2021
Ory fosite contains Improper Handling of Exceptional Conditions
High
CVE-2020-15223
was published
for
github.com/ory/fosite
(Go)
May 24, 2021
Local Privilege Escalation in cloudflared
High
CVE-2020-24356
was published
for
github.com/cloudflare/cloudflared
(Go)
May 24, 2021
Insecure permissions on build temporary rootfs in Singularity
High
CVE-2020-25040
was published
for
github.com/sylabs/singularity
(Go)
May 24, 2021
Legacy Node API Allows Impersonation in github.com/spiffe/spire/pkg/server/endpoints/node
High
CVE-2021-27098
was published
for
github.com/spiffe/spire
(Go)
May 21, 2021
Path traversal in u-root
High
CVE-2020-7665
was published
for
github.com/u-root/u-root
(Go)
May 18, 2021
ProTip!
Advisories are also available from the
GraphQL API