GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,343
Erlang
31
GitHub Actions
22
Go
2,107
Maven
5,000+
npm
3,764
NuGet
679
pip
3,452
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+
118 advisories
Filter by severity
Bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-14042
was published
for
bootstrap
(RubyGems)
Sep 13, 2018
bootstrap Cross-site Scripting vulnerability
Moderate
CVE-2018-20677
was published
for
bootstrap
(RubyGems)
Jan 17, 2019
Bootstrap vulnerable to Cross-Site Scripting (XSS)
Moderate
CVE-2018-14040
was published
for
bootstrap
(RubyGems)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in ansible
Moderate
CVE-2019-10156
was published
for
ansible
(pip)
Jul 31, 2019
Cross-site Scripting in django-js-reverse
Moderate
CVE-2019-15486
was published
for
django-js-reverse
(pip)
Aug 27, 2019
Django denial-of-service possibility in urlize and urlizetrunc template filters
Moderate
CVE-2018-7536
was published
for
Django
(pip)
Jan 4, 2019
Cross-site Scripting in invenio-communities
Moderate
CVE-2019-1020005
was published
for
invenio-communities
(pip)
Jul 16, 2019
Regular Expression Denial of Service (ReDoS) in Jinja2
Moderate
CVE-2020-28493
was published
for
jinja2
(pip)
Mar 19, 2021
Plone User account enumeration via crafted URL
Moderate
CVE-2012-5497
was published
for
plone
(pip)
May 17, 2022
Sentry vulnerable to invite code reuse via cookie manipulation
Moderate
CVE-2022-23485
was published
for
sentry
(pip)
Dec 12, 2022
activesupport Cross-site Scripting vulnerability
Moderate
CVE-2012-3464
was published
for
activesupport
(RubyGems)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API