Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,444
Erlang
29
GitHub Actions
16
Go
1,668
Maven
4,928
npm
3,458
NuGet
595
pip
2,876
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+

823 advisories

Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service Moderate
GHSA-4qw4-jpp4-8gvp was published for commonmarker (RubyGems) Sep 21, 2022
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs Moderate
GHSA-2qc6-mcvw-92cw was published for nokogiri (RubyGems) Oct 18, 2022
Cross-Site Request Forgery (CSRF) Moderate
GHSA-wj5j-xpcj-45gc was published for devise_invitable (RubyGems) Feb 24, 2021 withdrawn
Backdoor / Malicious code Critical
GHSA-q2hm-gx3f-h63q was published for lita-coin (RubyGems) Feb 23, 2021 withdrawn
Denial of Service in uap-core when processing crafted User-Agent strings High
GHSA-pcqq-5962-hvcw was published for user_agent_parser (RubyGems) Mar 10, 2020
bcaller
Moderate severity vulnerability that affects actionpack Moderate
GHSA-23v3-qfrj-wmgh was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Low severity vulnerability that affects sensu Low
CVE-2018-1000060 was published for sensu (RubyGems) Jul 23, 2018 withdrawn
Moderate severity vulnerability that affects activerecord Moderate
GHSA-7phj-gmgx-2r66 was published for activerecord (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-77pc-q5q7-qg9h was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activesupport Moderate
GHSA-35c4-f3rq-f9g3 was published for activesupport (RubyGems) Sep 17, 2018 withdrawn
High severity vulnerability that affects rubyzip High
GHSA-3q5q-f79q-7hr2 was published for rubyzip (RubyGems) Jul 31, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-544j-77x9-h938 was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionview Moderate
GHSA-6834-r92f-jj42 was published for actionview (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionview Moderate
GHSA-2pwf-xwr3-hp55 was published for actionview (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects archive-tar-minitar and minitar Moderate
GHSA-cwp3-834g-x79g was published for archive-tar-minitar (RubyGems) Aug 21, 2018 withdrawn
Moderate severity vulnerability that affects safemode Moderate
GHSA-44vc-fpcg-5cc5 was published for safemode (RubyGems) Aug 8, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-5xmj-wm96-fmw8 was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
High severity vulnerability that affects festivaltts4r High
GHSA-9wv8-jgw4-4g28 was published for festivaltts4r (RubyGems) Aug 15, 2018 withdrawn
Moderate severity vulnerability that affects rack-mini-profiler Moderate
GHSA-995j-587r-259w was published for rack-mini-profiler (RubyGems) Aug 13, 2018 withdrawn
High severity vulnerability that affects many_versioned_gem High
GHSA-hhxm-4f85-rgr8 was published for many_versioned_gem (RubyGems) Feb 5, 2019 withdrawn
Moderate severity vulnerability that affects rack Moderate
GHSA-9vc2-p34x-jhxh was published for rack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activerecord Moderate
GHSA-m8h6-m9p5-p2f8 was published for activerecord (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-qc8j-m8j3-rjq6 was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-mrhj-2g4v-39qx was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects doorkeeper Moderate
GHSA-5p9f-55j8-922m was published for doorkeeper (RubyGems) Aug 13, 2018 withdrawn
ProTip! Advisories are also available from the GraphQL API