Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,401
Maven
5,000+
npm
4,045
NuGet
723
pip
3,842
Pub
12
RubyGems
933
Rust
1,003
Swift
38
Unreviewed advisories
All unreviewed
5,000+

164 advisories

Loading
usememos/memos Denial of Service vulnerability High
CVE-2022-4767 was published for github.com/usememos/memos (Go) Dec 27, 2022
Helm vulnerable to denial of service through string value parsing Moderate
CVE-2022-23524 was published for helm.sh/helm/v3 (Go) Dec 14, 2022
DavidKorczynski AdamKorcz
containerd CRI stream server vulnerable to host memory exhaustion via terminal Moderate
CVE-2022-23471 was published for github.com/containerd/containerd (Go) Dec 7, 2022
libp2p DoS vulnerability from lack of resource management High
CVE-2022-23492 was published for github.com/libp2p/go-libp2p (Go) Dec 7, 2022
Free5gc vulnerable to uncontrolled resource consumption High
CVE-2022-38871 was published for github.com/free5gc/free5gc (Go) Nov 19, 2022
MessagePack for Golang subject to DoS via Unmarshal panic High
CVE-2022-41719 was published for github.com/shamaton/msgpack/v2 (Go) Nov 11, 2022
Traefik HTTP/2 connections management could cause a denial of service High
CVE-2022-39271 was published for github.com/traefik/traefik/v2 (Go) Oct 10, 2022
Tendermint Core vulnerable to Uncontrolled Resource Consumption Moderate
CVE-2021-21271 was published for github.com/tendermint/tendermint (Go) Oct 7, 2022
cmwaters melekes
cyril-crypto brianatcrypto tomtau yihuang
Cloudflare GoFlow vulnerable to a Denial of Service in the sflow packet handling package High
CVE-2022-2529 was published for github.com/cloudflare/goflow/v3 (Go) Oct 1, 2022
JustinTimperio
Hyperledger Fabric subject to Denial of Service via non-validated request High
CVE-2022-35253 was published for github.com/hyperledger/fabric (Go) Sep 25, 2022
Binary vulnerable to Slice Memory Allocation with Excessive Size Value High
CVE-2022-36078 was published for github.com/gagliardetto/binary (Go) Sep 16, 2022
Helm Controller denial of service High
CVE-2022-36049 was published for github.com/fluxcd/flux2 (Go) Sep 16, 2022
pjbgf
Helm Vulnerable to denial of service through string value parsing Moderate
CVE-2022-36055 was published for helm.sh/helm/v3 (Go) Aug 30, 2022
DavidKorczynski AdamKorcz
Shoutrrr util package DoS via sending 2000, 4000, or 6000 character messages High
CVE-2022-25891 was published for github.com/containrrr/shoutrrr (Go) Jul 16, 2022
DoS in KubeEdge's Websocket Client in package Viaduct Moderate
CVE-2022-31080 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
KubeEdge Cloud Stream and Edge Stream DoS from large stream message Moderate
CVE-2022-31079 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
AdamKorcz DavidKorczynski
KubeEdge CloudCore Router memory exhaustion vulnerability Moderate
CVE-2022-31078 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
KubeEdge DoS when signing the CSR from EdgeCore Moderate
CVE-2022-31075 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
KubeEdge Cloud AdmissionController component DoS Moderate
CVE-2022-31074 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
KubeEdge Edge ServiceBus module DoS Moderate
CVE-2022-31073 was published for github.com/kubeedge/kubeedge (Go) Jul 11, 2022
DavidKorczynski AdamKorcz
DOS and excessive memory usage when passing untrusted user input to to dag import Moderate
GHSA-f2gr-7299-487h was published for github.com/ipfs/go-ipfs (Go) Jul 6, 2022
Jorropo avivdolev
Malformed CAR panics and excessive memory usage Moderate
GHSA-9x4h-8wgm-8xfg was published for github.com/ipld/go-car (Go) Jul 6, 2022
Jorropo rvagg
willscott masih BigLep
DoS through large manifest files in Argo CD Moderate
CVE-2022-31016 was published for github.com/argoproj/argo-cd (Go) Jun 21, 2022
AdamKorcz
Uses of deprecated API can be used to cause DoS in user-facing endpoints High
CVE-2022-31054 was published for github.com/argoproj/argo-events (Go) Jun 17, 2022
DavidKorczynski AdamKorcz
containerd CRI plugin: Host memory exhaustion through ExecSync Moderate
CVE-2022-31030 was published for github.com/containerd/containerd (Go) Jun 6, 2022
DavidKorczynski AdamKorcz
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database