GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
29 advisories
Filter by severity
Django Incorrect Default Permissions
High
CVE-2020-24584
was published
for
django
(pip)
Mar 18, 2021
Django denial-of-service vulnerability in internationalized URLs
High
CVE-2022-41323
was published
for
django
(pip)
Oct 16, 2022
Django DoS in django.views.static.serve
High
CVE-2015-0221
was published
for
Django
(pip)
May 17, 2022
Django Vulnerable to HTTP Response Splitting Attack
High
CVE-2015-5144
was published
for
Django
(pip)
May 17, 2022
Django vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer
High
CVE-2012-3444
was published
for
Django
(pip)
May 17, 2022
Incorrect Session Validation in Apache Airflow
High
CVE-2020-17526
was published
for
apache-airflow
(pip)
Apr 20, 2021
Cross-Site Request Forgery (CSRF) in Apache Airflow
High
CVE-2017-17835
was published
for
apache-airflow
(pip)
Jan 25, 2019
Remote code execution (RCE) in Apache Airflow
High
CVE-2020-11978
was published
for
apache-airflow
(pip)
Jul 27, 2020
Apache Airflow subject to Exposure of Sensitive Information
High
CVE-2022-27949
was published
for
apache-airflow
(pip)
Nov 14, 2022
Apache Airflow vulnerable to Use of Externally-Controlled Format String
High
CVE-2022-40604
was published
for
apache-airflow
(pip)
Sep 22, 2022
Apache Airflow may allow authenticated users who have been deactivated to continue using the UI or API
High
CVE-2022-41672
was published
for
apache-airflow
(pip)
Oct 7, 2022
Improper Input Validation in Apache Airflow resulting in Remote Code Execution
High
CVE-2017-15720
was published
for
apache-airflow
(pip)
Jan 25, 2019
Improper Certificate Validation in Apache Airflow
High
CVE-2018-20245
was published
for
apache-airflow
(pip)
Jan 25, 2019
Django vulnerable to Reflected File Download attack
High
CVE-2022-36359
was published
for
Django
(pip)
Aug 11, 2022
Pillow Denial of Service by Uncontrolled Resource Consumption
High
CVE-2021-27921
was published
for
Pillow
(pip)
Mar 18, 2021
Pillow Uncontrolled Resource Consumption
High
CVE-2021-27922
was published
for
Pillow
(pip)
Mar 18, 2021
Pillow Denial of Service by Uncontrolled Resource Consumption
High
CVE-2021-27923
was published
for
Pillow
(pip)
Mar 18, 2021
Uncontrolled Resource Consumption in Pillow
High
CVE-2021-28677
was published
for
Pillow
(pip)
Jun 8, 2021
ProTip!
Advisories are also available from the
GraphQL API