GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
826 advisories
Phusion Passenger information disclosure
Moderate
CVE-2017-16355
was published
for
passenger
(RubyGems)
May 13, 2022
Phusion Passenger incorrect permission assignment
Moderate
CVE-2018-12615
was published
for
passenger
(RubyGems)
May 13, 2022
Tarball permission preservation in puppet
Moderate
CVE-2017-10689
was published
for
puppet
(RubyGems)
May 13, 2022
fluentd vulnerable to remote code execution due to insecure deserialization (in non-default configuration)
Low
CVE-2022-39379
was published
for
fluentd
(RubyGems)
Nov 2, 2022
ProTip!
Advisories are also available from the
GraphQL API