Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,995 advisories

Moderate severity vulnerability that affects roundup Moderate
CVE-2019-10904 was published for roundup (pip) Apr 9, 2019
CoAPthon DoS due to Exceptions High
CVE-2018-12680 was published for CoAPthon (pip) Apr 8, 2019
CoAPthon3 vulnerable to Deserialization of Untrusted Data High
CVE-2018-12679 was published for CoAPthon3 (pip) Apr 8, 2019
Open Redirect vulnerability in jupyterhub and notebook Moderate
CVE-2019-10255 was published for jupyterhub (pip) Apr 2, 2019
Moderate severity vulnerability that affects splunk-sdk High
CVE-2019-5729 was published for splunk-sdk (pip) Mar 25, 2019
Improper Input Validation python-gnupg High
CVE-2019-6690 was published for python-gnupg (pip) Mar 25, 2019
ipycache is vulnerable to Code Injection Critical
CVE-2019-7539 was published for ipycache (pip) Mar 25, 2019
Webargs mishandles concurrent JSON parsing High
CVE-2019-9710 was published for webargs (pip) Mar 12, 2019
Apache Airflow vulnerable to Stored XSS Moderate
CVE-2018-20244 was published for apache-airflow (pip) Mar 6, 2019
sunSUNQ
Uncontrolled Memory Consumption in Django High
CVE-2019-6975 was published for django (pip) Feb 12, 2019
tdunlap607
Moderate severity vulnerability that affects aioxmpp Moderate
GHSA-32f7-cmr3-vpjv was published for aioxmpp (pip) Feb 7, 2019 withdrawn
Pylons Colander Denial of Service vulnerability High
CVE-2017-18361 was published for colander (pip) Feb 7, 2019
tdunlap607
Pyspark User Impersonation Vulnerability Moderate
CVE-2018-11760 was published for pyspark (pip) Feb 7, 2019
westonsteimel
CRLF Injection in pypiserver Moderate
CVE-2019-6802 was published for pypiserver (pip) Jan 30, 2019
tdunlap607
Improper Certificate Validation in Apache Airflow High
CVE-2018-20245 was published for apache-airflow (pip) Jan 25, 2019
sunSUNQ
Cross-Site Request Forgery (CSRF) in Apache Airflow High
CVE-2017-17835 was published for apache-airflow (pip) Jan 25, 2019
sunSUNQ
Apache Airflow vulnerable to XSS Critical
CVE-2017-17836 was published for apache-airflow (pip) Jan 25, 2019
Improper Input Validation in Apache Airflow resulting in Remote Code Execution High
CVE-2017-15720 was published for apache-airflow (pip) Jan 25, 2019
sunSUNQ
modulemd uses an unsafe function for processing externally provided data Critical
CVE-2017-1002157 was published for modulemd (pip) Jan 17, 2019
Improper Input Validation in Django Moderate
CVE-2019-3498 was published for django (pip) Jan 14, 2019
High severity vulnerability that affects privacyIDEA High
CVE-2018-1000809 was published for privacyIDEA (pip) Jan 14, 2019
Django vulnerable to XSS on 500 pages Moderate
CVE-2017-12794 was published for django (pip) Jan 4, 2019
MarkLee131
Django Open redirect and possible XSS attack via user-supplied numeric redirect URLs Moderate
CVE-2017-7233 was published for django (pip) Jan 4, 2019
sunSUNQ
Django open redirect Moderate
CVE-2017-7234 was published for django (pip) Jan 4, 2019
MarkLee131
Django Denial-of-service possibility in urlize and urlizetrunc template filters Moderate
CVE-2018-7536 was published for django (pip) Jan 4, 2019
tdunlap607
ProTip! Advisories are also available from the GraphQL API