GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
107,369 advisories
Ghost vulnerable to remote code execution in locale setting change
Moderate
GHSA-7v28-g2pq-ggg8
was published
for
ghost
(npm)
Jun 17, 2022
Renovate vulnerable to Azure DevOps token leakage in logs
Moderate
GHSA-36rh-ggpr-j3gj
was published
for
renovate
(npm)
Sep 14, 2020
apollo-server-core vulnerable to URL-based XSS attack affecting IE11 on default landing page
Moderate
GHSA-2fvv-qxrq-7jq6
was published
for
apollo-server-core
(npm)
Aug 18, 2022
Read the Docs vulnerable to Cross-Site Scripting (XSS)
Moderate
GHSA-98pf-gfh3-x3mp
was published
for
readthedocs
(npm)
Nov 10, 2022
ProTip!
Advisories are also available from the
GraphQL API