GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
35 advisories
Filter by severity
Ansible vulnerable to Insertion of Sensitive Information into Log File
High
CVE-2024-8775
was published
for
ansible-core
(pip)
Sep 16, 2024
OpenStack Glance sensitive information disclosure via logs
Moderate
CVE-2014-1948
was published
for
glance
(pip)
May 17, 2022
django-anymail Includes Sensitive Information in Log Files
Critical
CVE-2018-1000089
was published
for
django-anymail
(pip)
May 14, 2022
Insertion of Sensitive Information into Log File in ansible
High
CVE-2021-20178
was published
for
ansible
(pip)
Jun 1, 2021
Ansible exposes sensitive data in log files and on the terminal
High
CVE-2018-10855
was published
for
ansible
(pip)
Oct 10, 2018
The Snowflake Connector for Python stores sensitive data in logs
Moderate
CVE-2024-49750
was published
for
snowflake-connector-python
(pip)
Oct 24, 2024
python-oslo-utils has improper password parsing
Moderate
CVE-2022-0718
was published
for
oslo-utils
(pip)
Aug 29, 2022
Openstack Octavia allows Insertion of Sensitive Information into Log File
High
CVE-2018-16856
was published
for
octavia
(pip)
May 13, 2022
oslo.middleware Information Disclosure vulnerability
High
CVE-2017-2592
was published
for
oslo-middleware
(pip)
Jul 13, 2018
loguru vulnerable to improper privilege management
Moderate
CVE-2022-0338
was published
for
loguru
(pip)
Jan 26, 2022
GitHub personal access token leaking into temporary EasyBuild (debug) logs
Critical
CVE-2020-5262
was published
for
easybuild-framework
(pip)
Mar 19, 2020
Ceilometer Prints Sensitive Configuration Data to Log
Moderate
CVE-2019-3830
was published
for
ceilometer
(pip)
May 13, 2022
Sensitive Information Exposure Through Insecure Logging For Secrets Like Metadata.DockerBuildArgs
Moderate
GHSA-rjc6-vm4h-85cg
was published
for
aws-sam-cli
(pip)
Sep 11, 2024
AWS SageMaker Training Toolkit logs CodeArtifact Authorization token
Moderate
GHSA-635v-pc42-fr74
was published
for
sagemaker-training
(pip)
Sep 11, 2024
Ansible leaks sensitive information to logs when told not to
Moderate
CVE-2019-14858
was published
for
ansible
(pip)
May 24, 2022
Insertion of Sensitive Information into Log File in ansible
Moderate
CVE-2021-20191
was published
for
ansible
(pip)
Jun 1, 2021
Insertion of Sensitive Information into Log File, Invocation of Process Using Visible Sensitive Information, and Exposure of Sensitive Information to an Unauthorized Actor in Ansible
Moderate
CVE-2020-1753
was published
for
ansible
(pip)
Apr 7, 2021
Ansible Uses Plugins That Disclose Credentials
High
CVE-2019-14846
was published
for
ansible
(pip)
May 24, 2022
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible
Moderate
CVE-2020-14330
was published
for
ansible
(pip)
Feb 9, 2022
Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible
Moderate
CVE-2020-14332
was published
for
ansible
(pip)
Feb 9, 2022
Inclusion of Sensitive Information in Log Files and Improper Output Neutralization for Logs in Ansible
Moderate
CVE-2019-14864
was published
for
ansible
(pip)
Feb 26, 2020
Ansible Insertion of Sensitive Information into Log File vulnerability
Critical
CVE-2017-7550
was published
for
ansible
(pip)
May 13, 2022
Ansible Logs Passwords If PowerShell ScriptBlock is Enabled
Moderate
CVE-2018-16859
was published
for
ansible
(pip)
May 14, 2022
ops leaking secrets if `subprocess.CalledProcessError` happens with a `secret-*` CLI command
Moderate
CVE-2024-41129
was published
for
ops
(pip)
Jul 22, 2024
Slack integration leaks sensitive information in logs
Low
CVE-2024-35196
was published
for
sentry
(pip)
Jun 2, 2024
ProTip!
Advisories are also available from the
GraphQL API