Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

67 advisories

Loading
Malicious HTML+XHR Artifact Privilege Escalation in Argo Workflows High
CVE-2022-29164 was published for github.com/argoproj/argo-workflows/v3 (Go) May 23, 2022
alexec
Rancher Project Members Have Continued Access to Namespaces After Being Removed From Them High
CVE-2019-6287 was published for github.com/rancher/rancher (Go) May 13, 2022
Privilege escalation for users with create/update permissions in Global Roles in Rancher Moderate
CVE-2021-36784 was published for github.com/rancher/rancher (Go) May 2, 2022
Write access to the catalog for any user when restricted-admin role is enabled in Rancher High
CVE-2021-4200 was published for github.com/rancher/rancher (Go) May 2, 2022
Podman publishes a malicious image to public registries High
CVE-2022-1227 was published for github.com/containers/podman/v3 (Go) Apr 30, 2022
andrewpollock
Improper Privilege Management in Mattermost Moderate
CVE-2022-1332 was published for github.com/mattermost/mattermost-server/v5 (Go) Apr 14, 2022
kurt-r2c
Improper access control allows admin privilege escalation in Argo CD Critical
CVE-2022-24768 was published for github.com/argoproj/argo-cd (Go) Mar 24, 2022
Improper Privilege Management and Execution with Unnecessary Privileges in Kata Containers Moderate
CVE-2020-2023 was published for github.com/kata-containers/agent (Go) Feb 15, 2022
Privilege Escalation in Kubernetes Critical
CVE-2018-1002105 was published for github.com/kubernetes/kubernetes (Go) Feb 15, 2022
Privilege Escalation in Docker High
CVE-2014-3499 was published for github.com/docker/docker (Go) Feb 15, 2022
Improper Privilege Management in Gitea Critical
CVE-2021-45330 was published for code.gitea.io/gitea (Go) Feb 10, 2022
Incorrect Permission Assignment for Critical Resource in Singularity High
CVE-2019-11328 was published for github.com/sylabs/singularity (Go) Dec 20, 2021
Privilege Elevation in runc High
CVE-2016-3697 was published for github.com/opencontainers/runc (Go) Dec 20, 2021
Improper Preservation of Permissions in github.com/cloudflare/cfrpki/cmd/octorpki High
CVE-2021-3978 was published for github.com/cloudflare/cfrpki (Go) Nov 19, 2021
ties
Hashicorp Vault Privilege Escalation Vulnerability Low
CVE-2021-41802 was published for github.com/hashicorp/vault (Go) Oct 12, 2021
Improper Privilege Management in HashiCorp Nomad High
CVE-2021-3283 was published for github.com/hashicorp/nomad (Go) Jun 24, 2021
Privilege Escalation in Cloud Native Computing Foundation Harbor Moderate
CVE-2019-19023 was published for github.com/goharbor/harbor (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database