Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

206 advisories

Loading
Elliptic Uses a Broken or Risky Cryptographic Algorithm Moderate
CVE-2020-28498 was published for elliptic (npm) Mar 8, 2021
Ciphertext Malleability Issue in Tink Java Moderate
CVE-2020-8929 was published for com.google.crypto.tink:tink (Maven) Oct 16, 2020
reteptilian
Insecure Cryptography Algorithm in simple-crypto-js Moderate
GHSA-5v7r-jg9r-vq44 was published for simple-crypto-js (npm) Sep 3, 2020
tdunlap607
Integer Overflow or Wraparound and Use of a Broken or Risky Cryptographic Algorithm in bcrypt Moderate
CVE-2020-7689 was published for bcrypt (npm) Aug 20, 2020
Reliance on Cookies without validation in OctoberCMS Moderate
CVE-2020-15128 was published for october/rain (Composer) Aug 5, 2020
Invalid Curve Attack in openpgp Moderate
CVE-2019-9155 was published for openpgp (npm) Aug 23, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database