Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

384 advisories

Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service Moderate
GHSA-4qw4-jpp4-8gvp was published for commonmarker (RubyGems) Sep 21, 2022
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs Moderate
GHSA-2qc6-mcvw-92cw was published for nokogiri (RubyGems) Oct 18, 2022
Cross-Site Request Forgery (CSRF) Moderate
GHSA-wj5j-xpcj-45gc was published for devise_invitable (RubyGems) Feb 24, 2021 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-23v3-qfrj-wmgh was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-77pc-q5q7-qg9h was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activerecord Moderate
GHSA-7phj-gmgx-2r66 was published for activerecord (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activesupport Moderate
GHSA-35c4-f3rq-f9g3 was published for activesupport (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-544j-77x9-h938 was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionview Moderate
GHSA-6834-r92f-jj42 was published for actionview (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionview Moderate
GHSA-2pwf-xwr3-hp55 was published for actionview (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects archive-tar-minitar and minitar Moderate
GHSA-cwp3-834g-x79g was published for archive-tar-minitar (RubyGems) Aug 21, 2018 withdrawn
Moderate severity vulnerability that affects safemode Moderate
GHSA-44vc-fpcg-5cc5 was published for safemode (RubyGems) Aug 8, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-5xmj-wm96-fmw8 was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rack-mini-profiler Moderate
GHSA-995j-587r-259w was published for rack-mini-profiler (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects rack Moderate
GHSA-9vc2-p34x-jhxh was published for rack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-qc8j-m8j3-rjq6 was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activerecord Moderate
GHSA-m8h6-m9p5-p2f8 was published for activerecord (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-mrhj-2g4v-39qx was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects doorkeeper Moderate
GHSA-5p9f-55j8-922m was published for doorkeeper (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-vwfg-qj3r-6v3r was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
CSS Injection in Chartkick gem Moderate
CVE-2020-16254 was published for chartkick (RubyGems) Aug 12, 2020
Moderate severity vulnerability that affects web-console Moderate
GHSA-82x2-g7vr-39wq was published for web-console (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects paperclip Moderate
GHSA-phmw-pv3f-vvx7 was published for paperclip (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-m53f-rhq8-q6hf was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-qf5x-qgx7-437h was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
ProTip! Advisories are also available from the GraphQL API