GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,346
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
425 advisories
Filter by severity
Moderate severity vulnerability that affects sprockets
Moderate
GHSA-r4x3-g983-9g48
was published
for
sprockets
(RubyGems)
Oct 10, 2018
•
withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer
Moderate
GHSA-77pc-q5q7-qg9h
was published
for
rails-html-sanitizer
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer
Moderate
GHSA-mrhj-2g4v-39qx
was published
for
rails-html-sanitizer
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects activerecord
Moderate
GHSA-7phj-gmgx-2r66
was published
for
activerecord
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer
Moderate
GHSA-qc8j-m8j3-rjq6
was published
for
rails-html-sanitizer
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-vwfg-qj3r-6v3r
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
Heap-based buffer overflow in nokogiri
Moderate
CVE-2015-7499
was published
for
nokogiri
(RubyGems)
Sep 17, 2018
Moderate severity vulnerability that affects activesupport
Moderate
GHSA-35c4-f3rq-f9g3
was published
for
activesupport
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects rack
Moderate
GHSA-9vc2-p34x-jhxh
was published
for
rack
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects actionview
Moderate
GHSA-6834-r92f-jj42
was published
for
actionview
(RubyGems)
Sep 17, 2018
•
withdrawn
Duplicate Advisory: Moderate severity vulnerability that affects activemodel
Moderate
GHSA-v543-gqhh-6gww
was published
for
activemodel
(RubyGems)
Sep 17, 2018
•
withdrawn
Doorkeeper contains Cross-site Request Forgery
Moderate
CVE-2014-8144
was published
for
doorkeeper
(RubyGems)
Sep 17, 2018
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-m53f-rhq8-q6hf
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-5xmj-wm96-fmw8
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-23v3-qfrj-wmgh
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-qf5x-qgx7-437h
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
Moderate severity vulnerability that affects actionpack
Moderate
GHSA-544j-77x9-h938
was published
for
actionpack
(RubyGems)
Sep 17, 2018
•
withdrawn
Bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-14042
was published
for
bootstrap
(RubyGems)
Sep 13, 2018
Bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-14041
was published
for
bootstrap
(RubyGems)
Sep 13, 2018
ember-source vulnerable to Cross-site Scripting
Moderate
CVE-2015-1866
was published
for
ember-source
(RubyGems)
Aug 28, 2018
Tinfoil Devise-two-factor does not "burn" a successfully validated one-time password (OTP)
Moderate
CVE-2015-7225
was published
for
devise-two-factor
(RubyGems)
Aug 28, 2018
Gollum Exposure of Sensitive Information
Moderate
CVE-2015-7314
was published
for
gollum
(RubyGems)
Aug 28, 2018
ember-source Cross-site Scripting vulnerability
Moderate
CVE-2015-7565
was published
for
ember-source
(RubyGems)
Aug 28, 2018
Moderate severity vulnerability that affects archive-tar-minitar and minitar
Moderate
GHSA-cwp3-834g-x79g
was published
for
archive-tar-minitar
(RubyGems)
Aug 21, 2018
•
withdrawn
Moderate severity vulnerability that affects doorkeeper
Moderate
GHSA-5p9f-55j8-922m
was published
for
doorkeeper
(RubyGems)
Aug 13, 2018
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API