GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,995 advisories
XML External Entity (XXE) in Django
Moderate
CVE-2013-1665
was published
for
Django
(pip)
May 17, 2022
Microsoft: CBC Padding Oracle in Azure Blob Storage Encryption Library
Moderate
CVE-2022-30187
was published
for
Azure.Storage.Blobs
(Maven)
Jul 13, 2022
jupyter-scheduler's endpoint is missing authentication
Moderate
CVE-2024-28188
was published
for
jupyter-scheduler
(pip)
May 23, 2024
glance-store logs s3 access keys
Moderate
CVE-2024-1141
was published
for
glance-store
(pip)
Feb 1, 2024
Django vulnerable to Denial of Service via i18n middleware component
Low
CVE-2007-5712
was published
for
Django
(pip)
May 1, 2022
Django Cross-site scripting (XSS) vulnerability
Moderate
CVE-2008-2302
was published
for
django
(pip)
May 1, 2022
Django cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2008-3909
was published
for
django
(pip)
May 2, 2022
Improper query string handling in Django
Moderate
CVE-2010-4534
was published
for
django
(pip)
Jul 23, 2018
ProTip!
Advisories are also available from the
GraphQL API