Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,409
Erlang
33
GitHub Actions
22
Go
2,144
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

317 advisories

Loading
AtomicBucket<T> unconditionally implements Send/Sync Moderate
GHSA-3hxh-7jxm-59x4 was published for metrics-util (Rust) Jun 17, 2022
QueryInterface should call AddRef before returning pointer Moderate
GHSA-9rg7-3j4f-cf4x was published for derive-com-impl (Rust) Jun 16, 2022
`SegQueue` creates zero value of any type Moderate
GHSA-8gj8-hv75-gp94 was published for crossbeam (Rust) Jun 16, 2022
`SegQueue` creates zero value of any type Moderate
GHSA-6888-wf7j-34jq was published for crossbeam-queue (Rust) Jun 16, 2022
Potential segfault in `localtime_r` invocations Moderate
GHSA-cqpr-pcm7-m3jc was published for chrono (Rust) Jun 16, 2022 withdrawn
KamilaBorowska penberg
`array!` macro is unsound when its length is impure constant Moderate
GHSA-7v4j-8wvr-v55r was published for array-macro (Rust) Jun 16, 2022
KamilaBorowska
`array!` macro is unsound in presence of traits that implement methods it calls internally Moderate
GHSA-83gg-pwxf-jr89 was published for array-macro (Rust) Jun 16, 2022
KamilaBorowska
Space bug in `clean_text` Moderate
GHSA-p2g9-94wh-65c2 was published for ammonia (Rust) Jun 16, 2022
tdunlap607
Library exclusively intended to obfuscate code. Moderate
GHSA-gfg9-x6px-r7gr was published for plutonium (Rust) Jun 16, 2022
`MsQueue` `push`/`pop` use the wrong orderings Moderate
GHSA-rwf4-gx62-rqfw was published for crossbeam (Rust) Jun 8, 2022
Observable Timing Discrepancy in totp-rs Moderate
CVE-2022-29185 was published for totp-rs (Rust) May 24, 2022
tdunlap607
Exposure of Sensitive Information to an Unauthorized Actor in MongoDB Rust Driver Moderate
CVE-2021-20332 was published for mongodb (Rust) May 24, 2022
alex-semenyuk richardfan0606
insert_slice_clone can double drop if Clone panics. Moderate
CVE-2021-26954 was published for qwutils (Rust) May 24, 2022
Async-h1 request smuggling possible with long unread bodies Moderate
CVE-2020-36202 was published for async-h1 (Rust) May 24, 2022
MutexGuard::map can cause a data race in safe code Moderate
CVE-2020-35905 was published for futures-util (Rust) May 24, 2022
futures_task::noop_waker_ref can segfault due to dereferencing a NULL pointer Moderate
CVE-2020-35907 was published for futures-task (Rust) May 24, 2022
Improper `Sync` implementation on `FuturesUnordered` in futures-utils can cause data corruption Moderate
CVE-2020-35908 was published for futures-util (Rust) May 24, 2022
`net2` invalidly assumes the memory layout of std::net::SocketAddr Moderate
CVE-2020-35919 was published for net2 (Rust) May 24, 2022
Integer overflow in the bundled Brotli C library Moderate
CVE-2020-8927 was published for Microsoft.NETCore.App.Runtime.AOT.linux-x64.Cross.android-arm (NuGet) May 24, 2022
Grin allows attackers to adversely affect availability of data on a Mimblewimble blockchain Moderate
CVE-2020-12439 was published for grin (Rust) May 24, 2022
`OCSP_basic_verify` may incorrectly verify the response signing certificate Moderate
CVE-2022-1343 was published for openssl-src (Rust) May 4, 2022
pinkforest
Incorrect MAC key used in the RC4-MD5 ciphersuite Moderate
CVE-2022-1434 was published for openssl-src (Rust) May 4, 2022
pinkforest
Exposure of Resource to Wrong Sphere in Simple-Wayland-HotKey-Daemon Moderate
CVE-2022-27817 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 15, 2022
Unsafe parsing in SWHKD Moderate
CVE-2022-27819 was published for Simple-Wayland-HotKey-Daemon (Rust) Apr 8, 2022
J3rry-1729
Invalid drop of partially-initialized instances in the pooling instance allocator for modules with defined `externref` globals Moderate
CVE-2022-23636 was published for wasmtime (Rust) Feb 16, 2022
peterhuene
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database