GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
10 advisories
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
High
CVE-2023-5044
was published
for
k8s.io/ingress-nginx
(Go)
Oct 25, 2023
Jumpserver Koko vulnerable to remote code execution on the host system via MongoDB shell
Moderate
CVE-2023-43651
was published
for
github.com/jumpserver/koko
(Go)
Oct 24, 2023
Moby Docker cp broken with debian containers
Critical
CVE-2019-14271
was published
for
github.com/moby/moby
(Go)
May 24, 2022
Improper kubeconfig validation allows arbitrary code execution
Critical
CVE-2022-24817
was published
for
github.com/fluxcd/flux2
(Go)
May 16, 2022
Git LFS can execute a Git binary from the current directory on Windows
High
CVE-2021-21237
was published
for
github.com/git-lfs/git-lfs
(Go)
Feb 15, 2022
ProTip!
Advisories are also available from the
GraphQL API