GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
13 advisories
Prefix Truncation Attack against ChaCha20-Poly1305 and Encrypt-then-MAC aka Terrapin
Moderate
CVE-2023-48795
was published
for
golang.org/x/crypto
(Go)
Dec 18, 2023
openssl-src heap memory corruption with RSA private key operation
Critical
CVE-2022-2274
was published
for
openssl-src
(Rust)
Jul 2, 2022
Duplicate Advisory: `#[zeroize(drop)]` doesn't implement `Drop` for `enum`s
High
GHSA-r45x-ghr2-qjxc
was published
for
zeroize_derive
(Rust)
Jun 17, 2022
•
withdrawn
Delegate functions are missing `Send` bound
Critical
GHSA-x4mq-m75f-mx8m
was published
for
windows
(Rust)
Jun 17, 2022
enum_map macro can cause UB when `Enum` trait is incorrectly implemented
High
GHSA-rxhx-9fj6-6h2m
was published
for
enum-map
(Rust)
Jun 16, 2022
Potential segfault in `localtime_r` invocations
Moderate
GHSA-cqpr-pcm7-m3jc
was published
for
chrono
(Rust)
Jun 16, 2022
•
withdrawn
`array!` macro is unsound when its length is impure constant
Moderate
GHSA-7v4j-8wvr-v55r
was published
for
array-macro
(Rust)
Jun 16, 2022
`array!` macro is unsound in presence of traits that implement methods it calls internally
Moderate
GHSA-83gg-pwxf-jr89
was published
for
array-macro
(Rust)
Jun 16, 2022
Insertion of Sensitive Information into Log File in ansible
Moderate
CVE-2021-20180
was published
for
ansible
(pip)
Mar 17, 2022
Memory flaw in zeroize_derive
Critical
CVE-2021-45706
was published
for
zeroize_derive
(Rust)
Jan 6, 2022
miow invalidly assumes the memory layout of std::net::SocketAddr
Moderate
CVE-2020-35921
was published
for
miow
(Rust)
Aug 25, 2021
ProTip!
Advisories are also available from the
GraphQL API