Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,210
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
Denial of Service (DoS) in HashiCorp Consul High
CVE-2020-7219 was published for github.com/hashicorp/consul (Go) May 18, 2021
Allocation of Resources Without Limits or Throttling in HashiCorp Nomad High
CVE-2020-7218 was published for github.com/hashicorp/nomad (Go) May 18, 2021
miekg/dns parsing error leads to nil pointer dereference and DoS High
CVE-2018-17419 was published for github.com/miekg/dns (Go) May 18, 2021
github.com/tidwall/gjson is vulnerable to Denial of service High
CVE-2020-36066 was published for github.com/tidwall/gjson (Go) May 18, 2021
Integer overflow in github.com/gorilla/websocket High
CVE-2020-27813 was published for github.com/gorilla/websocket (Go) May 18, 2021
Denial of service in GJSON High
CVE-2020-35380 was published for github.com/tidwall/gjson (Go) Jun 23, 2021
Denial of Service in miekg-dns High
CVE-2017-15133 was published for github.com/miekg/dns (Go) Jun 29, 2021
github.com/pires/go-proxyproto vulnerable to DoS via Connection descriptor exhaustion High
CVE-2021-23409 was published for github.com/pires/go-proxyproto (Go) Jul 26, 2021
tdunlap607
github.com/tidwall/gjson Vulnerable to REDoS attack High
CVE-2021-42836 was published for github.com/tidwall/gjson (Go) Oct 25, 2021
golang.org/x/net/http2 allows uncontrolled memory consumption High
CVE-2021-44716 was published for golang.org/x/net/http2 (Go) Jan 2, 2022
Denial of service in github.com/nats-io/nats-server/server High
CVE-2020-28466 was published for github.com/nats-io/nats-server (Go) Feb 15, 2022
Uncontrolled Resource Consumption in promhttp High
CVE-2022-21698 was published for github.com/prometheus/client_golang (Go) Feb 16, 2022
dgl
Denial of Service in Go-Ethereum High
CVE-2022-23327 was published for github.com/ethereum/go-ethereum (Go) Mar 5, 2022
Denial of Service in Go-Ethereum High
CVE-2022-23328 was published for github.com/ethereum/go-ethereum (Go) Mar 5, 2022
Denial of service in go-ethereum High
CVE-2021-42219 was published for github.com/ethereum/go-ethereum (Go) Mar 18, 2022
Denial of Service in http-swagger High
CVE-2022-24863 was published for github.com/swaggo/http-swagger (Go) Apr 22, 2022
Apache Traffic Control vulnerable to Slowloris-style Denial of Service attack High
CVE-2017-7670 was published for github.com/apache/trafficcontrol (Go) May 13, 2022
golang.org/x/net/http vulnerable to ping floods High
CVE-2019-9512 was published for golang.org/x/net (Go) May 24, 2022
golang.org/x/net/http vulnerable to a reset flood High
CVE-2019-9514 was published for golang.org/x/net (Go) May 24, 2022
Node DOS by way of memory exhaustion through ExecSync request in CRI-O High
CVE-2022-1708 was published for github.com/cri-o/cri-o (Go) Jun 6, 2022
DavidKorczynski AdamKorcz
Uses of deprecated API can be used to cause DoS in user-facing endpoints High
CVE-2022-31054 was published for github.com/argoproj/argo-events (Go) Jun 17, 2022
DavidKorczynski AdamKorcz
Shoutrrr util package DoS via sending 2000, 4000, or 6000 character messages High
CVE-2022-25891 was published for github.com/containrrr/shoutrrr (Go) Jul 16, 2022
Helm Controller denial of service High
CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022
pjbgf
Binary vulnerable to Slice Memory Allocation with Excessive Size Value High
CVE-2022-36078 was published for github.com/gagliardetto/binary (Go) Sep 16, 2022
Hyperledger Fabric subject to Denial of Service via non-validated request High
CVE-2022-35253 was published for github.com/hyperledger/fabric (Go) Sep 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database