Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,362
Erlang
33
GitHub Actions
22
Go
2,134
Maven
5,000+
npm
3,797
NuGet
687
pip
3,473
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
Command Injection in Apache James Moderate
CVE-2021-38542 was published for org.apache.james:james-server (Maven) Jan 8, 2022
Command Injection in Apache Kylin Moderate
CVE-2021-45456 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
Apache StreamPark: maven build params could trigger remote command execution Moderate
CVE-2024-29737 was published for org.apache.streampark:streampark (Maven) Jul 17, 2024
Apache StreamPark: Unchecked maven build params could trigger remote command execution Moderate
CVE-2023-52291 was published for org.apache.streampark:streampark (Maven) Jul 17, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database