Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

348 advisories

Loading
`BinaryArray` does not perform bound checks on reading values and offsets High
GHSA-r7cj-wmwv-hfw5 was published for arrow (Rust) Jun 16, 2022
`Read` on uninitialized buffer in `fill_buf()` and `read_up_to()` High
GHSA-hv9v-7w3v-rj6f was published for acc_reader (Rust) Jun 16, 2022
abomonation transmutes &T to and from &[u8] without sufficient constraints High
GHSA-hfxp-p695-629x was published for abomonation (Rust) Jun 16, 2022
Duplicate Advisory: Integer Overflow in HeaderMap::reserve() can cause Denial of Service High
CVE-2019-25008 was published for http (Rust) Jun 16, 2022 withdrawn
matveybaykalov
Link Following in Deno High
CVE-2021-41641 was published for deno (Rust) Jun 13, 2022
Routinator infinite loop vulnerability High
CVE-2021-43172 was published for routinator (Rust) May 24, 2022
Read buffer overruns processing ASN.1 strings High
CVE-2021-3712 was published for openssl-src (Rust) May 24, 2022
another-rex
futures_task::waker may cause a use-after-free if used on a type that isn't 'static High
CVE-2020-35906 was published for futures-task (Rust) May 24, 2022
Dangling reference in `access::Map` with Constant High
CVE-2020-35711 was published for arc-swap (Rust) May 24, 2022
Grin insufficient data validation High
CVE-2020-15899 was published for grin (Rust) May 24, 2022
Grin Insufficient Validation High
CVE-2020-6638 was published for grin (Rust) May 24, 2022
Cargo prior to Rust 1.26.0 may download the wrong dependency High
CVE-2019-16760 was published for cargo (Rust) May 24, 2022
Integer overflow in solana_rbpf High
CVE-2022-31264 was published for solana_rbpf (Rust) May 22, 2022
librsvg DoS via Cyclic References High
CVE-2015-7558 was published for librsvg (Rust) May 17, 2022
Resource leakage when decoding certificates and keys High
CVE-2022-1473 was published for openssl-src (Rust) May 4, 2022
pinkforest
Dep Group Remote Memory Exhaustion (Denial of Service) in ckb High
GHSA-j35p-q24r-5367 was published for ckb (Rust) Apr 22, 2022
Relative Path Traversal in afire serve_static High
GHSA-3227-r97m-8j95 was published for afire (Rust) Apr 22, 2022
w-henderson
Use after free in Wasmtime High
CVE-2022-24791 was published for wasmtime (Rust) Apr 1, 2022
fitzgen cfallin
Data Loss/Denial of Service in SWHKD High
CVE-2022-27816 was published for Simple-Wayland-HotKey-Daemon (Rust) Mar 31, 2022
Shinyzenith
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates High
CVE-2022-0778 was published for openssl-src (Rust) Mar 16, 2022
rajivshah3 michaelkedar
Rust's regex crate vulnerable to regular expression denial of service High
CVE-2022-24713 was published for regex (Rust) Mar 8, 2022
addisoncrump
crossbeam-utils Race Condition vulnerability High
CVE-2022-23639 was published for crossbeam-utils (Rust) Feb 16, 2022
saethlin
Integer overflow in solana_rbpf High
CVE-2021-46102 was published for solana_rbpf (Rust) Jan 28, 2022
Use After Free in lru High
CVE-2021-45720 was published for lru (Rust) Jan 7, 2022
Use of Uninitialized Resource in smallvec High
CVE-2018-25023 was published for smallvec (Rust) Jan 6, 2022
tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database