GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
Bun has an Application-level Prototype Pollution vulnerability in the runtime native API for Glo
Moderate
CVE-2024-21548
was published
for
bun
(npm)
Dec 18, 2024
ghtml Cross-Site Scripting (XSS) vulnerability
High
CVE-2024-37166
was published
for
ghtml
(npm)
Jun 10, 2024
Denial of Service vulnerability in lite-web-server
High
CVE-2023-26104
was published
for
lite-web-server
(npm)
Feb 25, 2023
Path traversal vulnerability in glance
Moderate
CVE-2022-25937
was published
for
glance
(npm)
Feb 13, 2023
Directory Traversal vulnerability in serve-lite
High
CVE-2022-21192
was published
for
serve-lite
(npm)
Jan 26, 2023
Cross-site Scripting (XSS) in serve-lite
Moderate
CVE-2022-25847
was published
for
serve-lite
(npm)
Jan 26, 2023
lite-dev-server vulnerable to Directory Traversal
High
CVE-2022-25895
was published
for
lite-dev-server
(npm)
Dec 21, 2022
lite-server vulnerable to Denial of Service
High
CVE-2022-25940
was published
for
lite-server
(Maven)
Dec 20, 2022
easy-static-server vulnerable to Directory Traversal
High
CVE-2022-25931
was published
for
easy-static-server
(npm)
Dec 20, 2022
static-dev-server vulnerable to path traversal
High
CVE-2022-25848
was published
for
static-dev-server
(npm)
Nov 29, 2022
OS Command Injection in git-promise
High
CVE-2022-24376
was published
for
git-promise
(npm)
Jun 11, 2022
OS Command Injection in git-pull-or-clone
Critical
CVE-2022-24437
was published
for
git-pull-or-clone
(npm)
May 3, 2022
Command injection in git-interface
Critical
CVE-2022-1440
was published
for
git-interface
(npm)
Apr 23, 2022
pullit vulnerable to command injection
High
CVE-2018-25083
was published
for
pullit
(npm)
Sep 3, 2020
ProTip!
Advisories are also available from the
GraphQL API