GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,131
Erlang
29
GitHub Actions
19
Go
1,936
Maven
5,000+
npm
3,671
NuGet
642
pip
3,288
Pub
10
RubyGems
873
Rust
828
Swift
35
Unreviewed advisories
All unreviewed
5,000+
378 advisories
Filter by severity
Malicious Package in eslint-scope
Critical
GHSA-hxxf-q3w9-4xgw
was published
for
eslint-config-eslint
(npm)
Jul 12, 2018
Withdrawn Advisory: mariadb was malware
High
CVE-2017-16046
was published
for
mariadb
(npm)
Jul 18, 2018
•
withdrawn
Hijacked Environment Variables in proxy.js
Moderate
CVE-2017-16076
was published
for
proxy.js
(npm)
Aug 29, 2018
ProTip!
Advisories are also available from the
GraphQL API