GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
12 advisories
Filter by severity
Answer has Observable Timing Discrepancy
Moderate
CVE-2023-1538
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
Answer has Observable Response Discrepancy
Moderate
CVE-2023-1540
was published
for
github.com/answerdev/answer
(Go)
Mar 21, 2023
Argo CD authenticated but unauthorized users may enumerate Application names via the API
Moderate
CVE-2022-41354
was published
for
github.com/argoproj/argo-cd
(Go)
Mar 23, 2023
HashiCorp Vault's implementation of Shamir's secret sharing vulnerable to cache-timing attacks
Moderate
CVE-2023-25000
was published
for
github.com/hashicorp/vault
(Go)
Mar 30, 2023
Atlantis Events vulnerable to Timing Attack
High
CVE-2022-24912
was published
for
github.com/runatlantis/atlantis
(Go)
Jul 30, 2022
Observable Discrepancy in Argo
Moderate
CVE-2020-11576
was published
for
github.com/argoproj/argo-cd
(Go)
Dec 9, 2021
ginuerzh/gost vulnerable to Timing Attack
Moderate
CVE-2023-32691
was published
for
github.com/ginuerzh/gost
(Go)
May 22, 2023
HashiCorp Vault and Vault Enterprise vulnerable to user enumeration
Moderate
CVE-2023-3462
was published
for
github.com/hashicorp/vault
(Go)
Aug 1, 2023
OpenShift OSIN vulnerable to Observable Timing Discrepancy
Moderate
CVE-2021-4294
was published
for
github.com/openshift/osin
(Go)
Dec 28, 2022
1Panel's password verification is suspected to have a timing attack vulnerability
Low
CVE-2024-30257
was published
for
github.com/1Panel-dev/1Panel
(Go)
Apr 18, 2024
ZITADEL "ignoring unknown usernames" vulnerability
Moderate
CVE-2024-41952
was published
for
github.com/zitadel/zitadel
(Go)
Jul 31, 2024
CubeFS timing attack can leak user passwords
High
CVE-2023-46739
was published
for
github.com/cubefs/cubefs
(Go)
Jan 3, 2024
ProTip!
Advisories are also available from the
GraphQL API