Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

10 advisories

Loading
Pallets Werkzeug cross-site scripting vulnerability Moderate
CVE-2016-10516 was published for Werkzeug (pip) May 14, 2022
jhutchings1
Numpy missing input validation High
CVE-2017-12852 was published for numpy (pip) May 13, 2022
jhutchings1
PySAML2 XML external entity attack Critical
CVE-2016-10127 was published for pysaml2 (pip) May 17, 2022
jhutchings1
Scrapy denial of service vulnerability High
CVE-2017-14158 was published for scrapy (pip) May 17, 2022
jhutchings1 G-Rath
ayatweb Matthew-Grayson
Ansible discloses sensitive information in traceback error message Moderate
CVE-2021-3620 was published for ansible (pip) Mar 4, 2022
jhutchings1
Improper input validation in cryptography High
CVE-2016-9243 was published for cryptography (pip) May 17, 2022
jhutchings1
Numpy arbitrary file write via symlink attack High
CVE-2014-1859 was published for numpy (pip) May 14, 2022
jhutchings1
JupyterHub OAuthenticator elevation of privilege High
CVE-2018-7206 was published for oauthenticator (pip) May 13, 2022
jhutchings1
Arbitrary file write in NumPy High
CVE-2014-1858 was published for numpy (pip) May 14, 2022
jhutchings1
PyJWT vulnerable to key confusion attacks High
CVE-2017-11424 was published for pyjwt (pip) May 13, 2022
jhutchings1
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database