Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
Potential sensitive information disclosed in error reports Low
CVE-2021-21416 was published for django-registration (pip) Apr 6, 2021
martinmo tdunlap607
Sensitive Information in Error Messages in Apache Airflow Moderate
CVE-2023-25695 was published for apache-airflow (pip) Mar 15, 2023
Ansible discloses sensitive information in traceback error message Moderate
CVE-2021-3620 was published for ansible (pip) Mar 4, 2022
jhutchings1
CKAN may leak Solr credentials via error message in package_search action Moderate
CVE-2024-41674 was published for ckan (pip) Aug 21, 2024
FuhuXia
OpenStack Nova Server Resource Faults Leak External Exception Details Moderate
CVE-2019-14433 was published for nova (pip) May 24, 2022
jupyter-server errors include tracebacks with path information Moderate
CVE-2023-49080 was published for jupyter-server (pip) Dec 5, 2023
krsecu
Apache Superset may expose internal traces on REST API endpoints Moderate
CVE-2023-39264 was published for apache-superset (pip) Sep 6, 2023
Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user error Low
CVE-2023-34110 was published for Flask-AppBuilder (pip) Jun 22, 2023
msegoviag
Weblate user account enumeration via reset password form Moderate
CVE-2017-5537 was published for weblate (pip) May 17, 2022
Sentry SDK leaks sensitive session information when `sendDefaultPII` is set to `True` High
CVE-2023-28117 was published for sentry-sdk (pip) Mar 21, 2023
Apache Airflow AWS Provider Generates Error Message Containing Sensitive Information High
CVE-2023-25956 was published for apache-airflow-providers-amazon (pip) Feb 24, 2023
Saleor has Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions Moderate
CVE-2023-26051 was published for Saleor (pip) Mar 3, 2023
Saleor Unauthenticated Information Disclosure Vulnerability via Python Exceptions Low
CVE-2023-26052 was published for saleor (pip) Mar 2, 2023
Possible leak of key's raw field if declared length is incorrect High
CVE-2022-31124 was published for openssh-key-parser (pip) Jul 6, 2022
mike-arnica
ProTip! Advisories are also available from the GraphQL API