Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,176
Erlang
30
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

15 advisories

Loading
Log Forging in generator-jhipster-kotlin Moderate
CVE-2020-4072 was published for generator-jhipster-kotlin (npm) Jun 25, 2020
Shopware's log module vulnerable to Improper Output Neutralization Low
CVE-2023-22733 was published for shopware/core (Composer) Jan 20, 2023
Log Injection in Apache Sling Commons Log and Apache Sling API Moderate
CVE-2022-32549 was published for org.apache.sling:org.apache.sling.api (Maven) Jun 23, 2022
Temporary urls leaked via logging Low
CVE-2017-8761 was published for swift (pip) Jun 8, 2021
Gin's default logger allows unsanitized input that can allow remote attackers to inject arbitrary log lines High
CVE-2020-36567 was published for github.com/gin-gonic/gin (Go) Dec 27, 2022
Yapscan's report receiver server vulnerable to path traversal and log injection High
GHSA-9h6h-9g78-86f7 was published for github.com/fkie-cad/yapscan (Go) Dec 29, 2022
tdunlap607
Potential log injection in reset user endpoint in CKAN Moderate
CVE-2024-27097 was published for ckan (pip) Mar 13, 2024
ZuhairORZaki
Sentry vulnerable to leaking superuser cleartext password in logs High
CVE-2024-32474 was published for sentry (pip) Apr 18, 2024
lluuaapp
flask-cors vulnerable to log injection when the log level is set to debug Moderate
CVE-2024-1681 was published for flask-cors (pip) Apr 19, 2024
bayandin
Ansible-core information disclosure flaw Moderate
CVE-2024-0690 was published for ansible-core (pip) Feb 6, 2024
Keycloak vulnerable to log Injection during WebAuthn authentication or registration Moderate
CVE-2023-6484 was published for org.keycloak:keycloak-services (Maven) Apr 17, 2024
dhvakr
Improper Output Neutralization for Logs in Spring Framework Moderate
CVE-2021-22096 was published for org.springframework:spring (Maven) May 24, 2022
artanaliji
Insertion of Sensitive Information into Log File and Improper Output Neutralization for Logs in ansible Moderate
CVE-2020-14332 was published for ansible (pip) Feb 9, 2022
jhampson-dbre
Improper Output Neutralization and Improper Encoding or Escaping of Output for Logs in ansible Moderate
CVE-2020-14330 was published for ansible (pip) Feb 9, 2022
Ansible Uses Plugins That Disclose Credentials High
CVE-2019-14846 was published for ansible (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database