Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

9 advisories

Loading
Sensitive Data Exposure in parse-server Moderate
CVE-2019-1020013 was published for parse-server (npm) Jul 11, 2019
fastrde acinader
Sensitive Data Exposure in seneca Low
CVE-2019-5483 was published for seneca (npm) Sep 11, 2019
Authorization header is not sanitized in an error object in auth0 High
CVE-2020-15125 was published for auth0 (npm) Jul 29, 2020
osdiab
Information Exposure in type-graphql Low
GHSA-xf64-2f9p-6pqq was published for type-graphql (npm) Sep 4, 2020
ApiKey secret could be revelated on network issue High
CVE-2021-21421 was published for node-etsy-client (npm) Apr 6, 2021
boly38
Diavante vue-storefront-api and storefront-api disclose stack trace Moderate
CVE-2020-11883 was published for storefront-api (npm) May 24, 2022
NocoDB information disclosure vulnerability High
CVE-2022-2062 was published for nocodb (npm) Jun 14, 2022
@backstage/backend-app-api leaks GitLab access tokens High
CVE-2023-6944 was published for @backstage/backend-app-api (npm) Jan 4, 2024
Generation of Error Message Containing Sensitive Information in zsa Moderate
CVE-2024-37162 was published for zsa (npm) Jun 6, 2024
tom-sherman
ProTip! Advisories are also available from the GraphQL API