GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
19 advisories
Filter by severity
Saleor Unauthenticated Information Disclosure Vulnerability via Python Exceptions
Low
CVE-2023-26052
was published
for
saleor
(pip)
Mar 2, 2023
Saleor has Staff-Authenticated Error Message Information Disclosure Vulnerability via Python Exceptions
Moderate
CVE-2023-26051
was published
for
Saleor
(pip)
Mar 3, 2023
Apache Airflow AWS Provider Generates Error Message Containing Sensitive Information
High
CVE-2023-25956
was published
for
apache-airflow-providers-amazon
(pip)
Feb 24, 2023
Sentry SDK leaks sensitive session information when `sendDefaultPII` is set to `True`
High
CVE-2023-28117
was published
for
sentry-sdk
(pip)
Mar 21, 2023
Apache Superset may expose internal traces on REST API endpoints
Moderate
CVE-2023-39264
was published
for
apache-superset
(pip)
Sep 6, 2023
CKAN may leak Solr credentials via error message in package_search action
Moderate
CVE-2024-41674
was published
for
ckan
(pip)
Aug 21, 2024
Ansible discloses sensitive information in traceback error message
Moderate
CVE-2021-3620
was published
for
ansible
(pip)
Mar 4, 2022
Sensitive Information in Error Messages in Apache Airflow
Moderate
CVE-2023-25695
was published
for
apache-airflow
(pip)
Mar 15, 2023
Potential sensitive information disclosed in error reports
Low
CVE-2021-21416
was published
for
django-registration
(pip)
Apr 6, 2021
Apache Superset: Improper error handling on alerts
Moderate
CVE-2024-27315
was published
for
apache-superset
(pip)
Feb 28, 2024
OpenStack Nova Server Resource Faults Leak External Exception Details
High
CVE-2019-14433
was published
for
nova
(pip)
May 24, 2022
Possible leak of key's raw field if declared length is incorrect
Moderate
CVE-2022-31124
was published
for
openssh-key-parser
(pip)
Jul 6, 2022
open-webui allows enumeration of file names and traversal of directories by observing the error messages
Low
CVE-2024-7038
was published
for
open-webui
(pip)
Oct 9, 2024
Flask-AppBuilder vulnerable to possible disclosure of sensitive information on user error
Moderate
CVE-2023-34110
was published
for
Flask-AppBuilder
(pip)
Jun 22, 2023
Weblate user account enumeration via reset password form
Moderate
CVE-2017-5537
was published
for
weblate
(pip)
May 17, 2022
Generation of Error Message Containing Sensitive Information in janeczku/calibre-web
Moderate
CVE-2021-3986
was published
for
calibreweb
(pip)
Nov 15, 2024
jupyter-server errors include tracebacks with path information
Moderate
CVE-2023-49080
was published
for
jupyter-server
(pip)
Dec 5, 2023
Sentry improper error handling leaks Application Integration Client Secret
Moderate
CVE-2024-53253
was published
for
sentry
(pip)
Nov 22, 2024
Apache Superset: Error verbosity exposes metadata in analytics databases
Moderate
CVE-2024-53948
was published
for
apache-superset
(pip)
Dec 9, 2024
ProTip!
Advisories are also available from the
GraphQL API