GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
12 advisories
Filter by severity
Out-of-bounds read in Apache Thrift
High
CVE-2019-0210
was published
for
github.com/apache/thrift
(Go)
May 18, 2021
Denial of service in geth
Moderate
CVE-2020-26242
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
Denial of Service in jsonparser
High
CVE-2020-35381
was published
for
github.com/buger/jsonparser
(Go)
May 25, 2022
Ill-formed headers may lead to unexpected behavior in Istio
Moderate
CVE-2022-31045
was published
for
istio.io/istio
(Go)
Jun 10, 2022
Withdrawn Advisory: Out-of-bounds Read can lead to client side denial of service
High
CVE-2022-34037
was published
for
github.com/caddyserver/caddy
(Go)
Jul 23, 2022
•
withdrawn
Go-CVSS has Out-of-bounds Read vulnerability in ParseVector function
High
CVE-2022-39213
was published
for
github.com/pandatix/go-cvss
(Go)
Sep 16, 2022
golang.org/x/text/language Out-of-bounds Read vulnerability
High
CVE-2021-38561
was published
for
golang.org/x/text
(Go)
Dec 26, 2022
Panic during unmarshal of Hello Verify Request in github.com/pion/dtls/v2
Moderate
GHSA-hxp2-xqf3-v83h
was published
for
github.com/pion/dtls
(Go)
Feb 7, 2023
google.golang.org/protobuf vulnerable to panic leading to denial of service
High
CVE-2023-24535
was published
for
google.golang.org/protobuf
(Go)
Mar 14, 2023
Markdown vulnerable to Out-of-bounds Read while parsing citations
High
CVE-2023-42821
was published
for
github.com/gomarkdown/markdown
(Go)
Sep 22, 2023
dotmesh arbitrary file read and/or write
High
CVE-2020-26312
was published
for
github.com/dotmesh-io/dotmesh
(Go)
May 14, 2024
Ollama Out-of-bounds Read
High
CVE-2024-39720
was published
for
github.com/ollama/ollama
(Go)
Oct 31, 2024
ProTip!
Advisories are also available from the
GraphQL API