Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
55
GitHub Actions
50
Go
3,732
Maven
5,000+
npm
5,000+
NuGet
935
pip
4,952
Pub
13
RubyGems
1,055
Rust
1,343
Swift
54
Unreviewed advisories
All unreviewed
5,000+

133 advisories

Loading
Cachet vulnerable to new line injection during configuration edition High
CVE-2021-39172 was published for cachethq/cachet (Composer) Aug 30, 2021
thomas-chauchefoin-sonarsource Credited to thomas-chauchefoin-sonarsource and tdunlap607 tdunlap607 tdunlap607
Headers containing newline characters can split messages in hyper Moderate
CVE-2017-18587 was published for hyper (Rust) Aug 25, 2021
CRLF vulnerability in Fiber Moderate
CVE-2020-15111 was published for github.com/gofiber/fiber (Go) Jun 29, 2021
hsblhsn Credited to hsblhsn and abdshaleh abdshaleh abdshaleh
CRLF injection in httplib2 Moderate
CVE-2020-11078 was published for httplib2 (pip) May 20, 2020
Ciyfly Credited to Ciyfly
Twisted CRLF Injection Moderate
CVE-2019-12387 was published for twisted (pip) Jun 10, 2019
Moderate severity vulnerability that affects io.vertx:vertx-core Moderate
CVE-2018-12537 was published for io.vertx:vertx-core (Maven) Oct 19, 2018
Gunicorn contains Improper Neutralization of CRLF sequences in HTTP headers High
CVE-2018-1000164 was published for gunicorn (pip) Jul 12, 2018
Mail Gem CRLF Injection vulnerability Moderate
CVE-2015-9097 was published for mail (RubyGems) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database