GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
154 advisories
Ansible vulnerable to Insertion of Sensitive Information into Log File
High
CVE-2024-8775
was published
for
ansible-core
(pip)
Sep 16, 2024
Apache Linkis DataSource: DataSource module Oracle SQL Database Password Logged
Moderate
CVE-2023-50740
was published
for
org.apache.linkis:linkis
(Maven)
Mar 6, 2024
secrets-store-csi-driver discloses service account tokens in logs
Moderate
CVE-2023-2878
was published
for
sigs.k8s.io/secrets-store-csi-driver
(Go)
May 26, 2023
GitHub PAT written to debug artifacts
High
CVE-2025-24362
was published
for
github/codeql-action
(GitHub Actions)
Jan 24, 2025
TYPO3 Information Disclosure via Exception Handling/Logger
Low
CVE-2024-55891
was published
for
typo3/cms-install
(Composer)
Jan 14, 2025
Git credentials are exposed in Atlantis logs
High
CVE-2024-52009
was published
for
github.com/runatlantis/atlantis
(Go)
Nov 8, 2024
django-anymail Includes Sensitive Information in Log Files
Critical
CVE-2018-1000089
was published
for
django-anymail
(pip)
May 14, 2022
Logging of the firestore key within nodejs-firestore
Moderate
CVE-2023-6460
was published
for
@google-cloud/firestore
(npm)
Dec 4, 2023
ProTip!
Advisories are also available from the
GraphQL API