Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Jenkins SAML Plugin does not implement a replay cache High
CVE-2025-64131 was published for org.jenkins-ci.plugins:saml (Maven) Oct 29, 2025
Authentication Bypass by Capture-replay in Apache Spark High
CVE-2021-38296 was published for org.apache.spark:spark-core (Maven) Mar 11, 2022
AlmogApiiro
Credited to AlmogApiiro
Apache Linkis Authentication Bypass vulnerability Critical
CVE-2023-27987 was published for org.apache.linkis:linkis (Maven) Jul 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database