GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
150 advisories
Filter by severity
Import loops in account imports, nats-server DoS
Low
GHSA-gwj5-3vfq-q992
was published
for
github.com/nats-io/nats-server/v2
(Go)
May 21, 2021
DOS and excessive memory usage when passing untrusted user input to to dag import
Moderate
GHSA-f2gr-7299-487h
was published
for
github.com/ipfs/go-ipfs
(Go)
Jul 6, 2022
Denial of service in go-ethereum
High
CVE-2021-42219
was published
for
github.com/ethereum/go-ethereum
(Go)
Mar 18, 2022
Helm Controller denial of service
High
CVE-2022-36049
was published
for
github.com/fluxcd/flux2
(Go)
Sep 16, 2022
Uncontrolled Resource Consumption in Mattermost server
Moderate
CVE-2022-1982
was published
for
github.com/mattermost/mattermost-server
(Go)
Jun 3, 2022
DoS via malicious p2p message in Go Ethereum
Moderate
CVE-2022-29177
was published
for
github.com/ethereum/go-ethereum
(Go)
May 24, 2022
Uses of deprecated API can be used to cause DoS in user-facing endpoints
High
CVE-2022-31054
was published
for
github.com/argoproj/argo-events
(Go)
Jun 17, 2022
KubeEdge Cloud AdmissionController component DoS
Moderate
CVE-2022-31074
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
KubeEdge Edge ServiceBus module DoS
Moderate
CVE-2022-31073
was published
for
github.com/kubeedge/kubeedge
(Go)
Jul 11, 2022
Hyperledger Fabric subject to Denial of Service via non-validated request
High
CVE-2022-35253
was published
for
github.com/hyperledger/fabric
(Go)
Sep 25, 2022
HashiCorp Consul Ingress Gateway Panic Can Shutdown Servers
Moderate
CVE-2022-24687
was published
for
github.com/hashicorp/consul
(Go)
Feb 25, 2022
Free5gc vulnerable to uncontrolled resource consumption
High
CVE-2022-38871
was published
for
github.com/free5gc/free5gc
(Go)
Nov 19, 2022
usememos/memos Denial of Service vulnerability
High
CVE-2022-4767
was published
for
github.com/usememos/memos
(Go)
Dec 27, 2022
shiyanhui/dht vulnerable to Uncontrolled Resource Consumption
High
CVE-2020-36562
was published
for
github.com/shiyanhui/dht
(Go)
Dec 28, 2022
Nomad Spread Job Stanza May Trigger Panic in Servers
Moderate
CVE-2022-24684
was published
for
github.com/hashicorp/nomad
(Go)
Feb 16, 2022
Denial of Service in Go-Ethereum
High
CVE-2022-23328
was published
for
github.com/ethereum/go-ethereum
(Go)
Mar 5, 2022
golang.org/x/net/http2 allows uncontrolled memory consumption
High
CVE-2021-44716
was published
for
golang.org/x/net/http2
(Go)
Jan 2, 2022
Denial of Service in graphql-go
Moderate
CVE-2022-21708
was published
for
github.com/graph-gophers/graphql-go
(Go)
Jan 27, 2022
Binary vulnerable to Slice Memory Allocation with Excessive Size Value
High
CVE-2022-36078
was published
for
github.com/gagliardetto/binary
(Go)
Sep 16, 2022
Improper Locking in github.com/containers/storage
Moderate
CVE-2021-20291
was published
for
github.com/containers/storage
(Go)
May 10, 2021
OctoRPKI crashes when processing GZIP bomb returned via malicious repository
Moderate
CVE-2021-3912
was published
for
github.com/cloudflare/cfrpki
(Go)
Nov 10, 2021
Denial of service in geth
Moderate
CVE-2020-26242
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
libp2p DoS vulnerability from lack of resource management
High
CVE-2022-23492
was published
for
github.com/libp2p/go-libp2p
(Go)
Dec 7, 2022
Malformed CAR panics and excessive memory usage
Moderate
GHSA-9x4h-8wgm-8xfg
was published
for
github.com/ipld/go-car
(Go)
Jul 6, 2022
Denial of service in github.com/ethereum/go-ethereum
Moderate
CVE-2020-26264
was published
for
github.com/ethereum/go-ethereum
(Go)
Jun 29, 2021
ProTip!
Advisories are also available from the
GraphQL API