Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

5 advisories

Loading
deno_doc's HTML generator vulnerable to Cross-site Scripting Low
CVE-2024-32468 was published for deno_doc (Rust) Nov 25, 2024
NeKzor
Credited to NeKzor
Vaultwarden HTML injection vulnerability Low
CVE-2024-55224 was published for vaultwarden (Rust) Jan 9, 2025
Vaultwarden authenticated reflected cross-site scripting (XSS) vulnerability Low
CVE-2024-55226 was published for vaultwarden (Rust) Jan 9, 2025
Malicious dependencies can inject arbitrary JavaScript into cargo-generated timing reports Low
CVE-2023-40030 was published for cargo (Rust) Aug 24, 2023
pietroalbini cuviper
remkop22 ehuss weihanglo Manishearth iusx
Credited to pietroalbini, cuviper, remkop22, ehuss, weihanglo, Manishearth, and iusx
Ammonia incorrectly handles embedded SVG and MathML leading to mutation XSS after removal Low
GHSA-mm7x-qfjj-5g2c was published for ammonia (Rust) Sep 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database