Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
mount destinations can be swapped via symlink-exchange to cause mounts outside the rootfs High
CVE-2021-30465 was published for github.com/opencontainers/runc (Go) May 25, 2021
champtar
Memory safety violation in crayon High
CVE-2020-35889 was published for crayon (Rust) Aug 25, 2021
Miner fails to get block template when a cell used as a cell dep has been destroyed. High
GHSA-v666-6w97-pcwm was published for ckb (Rust) Aug 25, 2021
Race condition in Apache Tomcat High
CVE-2022-23181 was published for org.apache.tomcat:tomcat (Maven) Feb 1, 2022
Insecure temporary file in Tensorflow High
CVE-2022-23563 was published for tensorflow (pip) Feb 9, 2022
Race Condition in Grunt High
CVE-2022-1537 was published for grunt (npm) May 11, 2022
NuGet Client Remote Code Execution Vulnerability High
CVE-2023-29337 was published for Microsoft.Build.NuGetSdkResolver (NuGet) Jun 14, 2023
FoodCoopShop Server-Side Request Forgery vulnerability High
CVE-2023-46725 was published for foodcoopshop/foodcoopshop (Composer) Nov 2, 2023
asesidaa mrothauer
Buildkite Elastic CI for AWS time-of-check-time-of-use race condition vulnerability High
CVE-2023-43741 was published for github.com/buildkite/elastic-ci-stack-for-aws/v6 (Go) Dec 22, 2023
OpenStack Storlets arbitrary code execution vulnerability High
CVE-2024-28717 was published for storlets (pip) Apr 22, 2024
ProTip! Advisories are also available from the GraphQL API