Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

425 advisories

Loading
Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service Moderate
GHSA-4qw4-jpp4-8gvp was published for commonmarker (RubyGems) Sep 21, 2022
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs Moderate
GHSA-2qc6-mcvw-92cw was published for nokogiri (RubyGems) Oct 18, 2022
Cross-Site Request Forgery (CSRF) Moderate
GHSA-wj5j-xpcj-45gc was published for devise_invitable (RubyGems) Feb 24, 2021 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-23v3-qfrj-wmgh was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activerecord Moderate
GHSA-7phj-gmgx-2r66 was published for activerecord (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-77pc-q5q7-qg9h was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activesupport Moderate
GHSA-35c4-f3rq-f9g3 was published for activesupport (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-544j-77x9-h938 was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionview Moderate
GHSA-6834-r92f-jj42 was published for actionview (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects actionview Moderate
GHSA-2pwf-xwr3-hp55 was published for actionview (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects archive-tar-minitar and minitar Moderate
GHSA-cwp3-834g-x79g was published for archive-tar-minitar (RubyGems) Aug 21, 2018 withdrawn
Moderate severity vulnerability that affects safemode Moderate
GHSA-44vc-fpcg-5cc5 was published for safemode (RubyGems) Aug 8, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-5xmj-wm96-fmw8 was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rack-mini-profiler Moderate
GHSA-995j-587r-259w was published for rack-mini-profiler (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects rack Moderate
GHSA-9vc2-p34x-jhxh was published for rack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-qc8j-m8j3-rjq6 was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects activerecord Moderate
GHSA-m8h6-m9p5-p2f8 was published for activerecord (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects rails-html-sanitizer Moderate
GHSA-mrhj-2g4v-39qx was published for rails-html-sanitizer (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects doorkeeper Moderate
GHSA-5p9f-55j8-922m was published for doorkeeper (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-vwfg-qj3r-6v3r was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
CSS Injection in Chartkick gem Moderate
CVE-2020-16254 was published for chartkick (RubyGems) Aug 12, 2020
Moderate severity vulnerability that affects web-console Moderate
GHSA-82x2-g7vr-39wq was published for web-console (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects actionpack Moderate
GHSA-qf5x-qgx7-437h was published for actionpack (RubyGems) Sep 17, 2018 withdrawn
Moderate severity vulnerability that affects paperclip Moderate
GHSA-phmw-pv3f-vvx7 was published for paperclip (RubyGems) Aug 13, 2018 withdrawn
Moderate severity vulnerability that affects sprockets Moderate
GHSA-r4x3-g983-9g48 was published for sprockets (RubyGems) Oct 10, 2018 withdrawn
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database