GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
425 advisories
Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service
Moderate • GHSA-4qw4-jpp4-8gvp was published for commonmarker (RubyGems) • Sep 21, 2022

Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Moderate • GHSA-2qc6-mcvw-92cw was published for nokogiri (RubyGems) • Oct 18, 2022

Cross-Site Request Forgery (CSRF)
Moderate • GHSA-wj5j-xpcj-45gc was published for devise_invitable (RubyGems) • Feb 24, 2021 • withdrawn

Moderate severity vulnerability that affects actionpack
Moderate • GHSA-23v3-qfrj-wmgh was published for actionpack (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects activerecord
Moderate • GHSA-7phj-gmgx-2r66 was published for activerecord (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects rails-html-sanitizer
Moderate • GHSA-77pc-q5q7-qg9h was published for rails-html-sanitizer (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects activesupport
Moderate • GHSA-35c4-f3rq-f9g3 was published for activesupport (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects actionpack
Moderate • GHSA-544j-77x9-h938 was published for actionpack (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects actionview
Moderate • GHSA-6834-r92f-jj42 was published for actionview (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects actionview
Moderate • GHSA-2pwf-xwr3-hp55 was published for actionview (RubyGems) • Aug 13, 2018 • withdrawn

Moderate severity vulnerability that affects archive-tar-minitar and minitar
Moderate • GHSA-cwp3-834g-x79g was published for archive-tar-minitar (RubyGems) • Aug 21, 2018 • withdrawn

Moderate severity vulnerability that affects safemode
Moderate • GHSA-44vc-fpcg-5cc5 was published for safemode (RubyGems) • Aug 8, 2018 • withdrawn

Moderate severity vulnerability that affects actionpack
Moderate • GHSA-5xmj-wm96-fmw8 was published for actionpack (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects rack-mini-profiler
Moderate • GHSA-995j-587r-259w was published for rack-mini-profiler (RubyGems) • Aug 13, 2018 • withdrawn

Moderate severity vulnerability that affects rack
Moderate • GHSA-9vc2-p34x-jhxh was published for rack (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects rails-html-sanitizer
Moderate • GHSA-qc8j-m8j3-rjq6 was published for rails-html-sanitizer (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects activerecord
Moderate • GHSA-m8h6-m9p5-p2f8 was published for activerecord (RubyGems) • Aug 13, 2018 • withdrawn

Moderate severity vulnerability that affects rails-html-sanitizer
Moderate • GHSA-mrhj-2g4v-39qx was published for rails-html-sanitizer (RubyGems) • Sep 17, 2018 • withdrawn

Moderate severity vulnerability that affects doorkeeper
Moderate • GHSA-5p9f-55j8-922m was published for doorkeeper (RubyGems) • Aug 13, 2018 • withdrawn

Moderate severity vulnerability that affects actionpack
Moderate • GHSA-vwfg-qj3r-6v3r was published for actionpack (RubyGems) • Sep 17, 2018 • withdrawn

CSS Injection in Chartkick gem
Moderate • CVE-2020-16254 was published for chartkick (RubyGems) • Aug 12, 2020

Moderate severity vulnerability that affects web-console
Moderate • GHSA-82x2-g7vr-39wq was published for web-console (RubyGems) • Aug 13, 2018 • withdrawn

Moderate severity vulnerability that affects paperclip
Moderate • GHSA-phmw-pv3f-vvx7 was published for paperclip (RubyGems) • Aug 13, 2018 • withdrawn

Moderate severity vulnerability that affects sprockets
Moderate • GHSA-r4x3-g983-9g48 was published for sprockets (RubyGems) • Oct 10, 2018 • withdrawn

Moderate severity vulnerability that affects actionpack
Moderate • GHSA-qf5x-qgx7-437h was published for actionpack (RubyGems) • Sep 17, 2018 • withdrawn
ProTip! Advisories are also available from the GraphQL API.