Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
47
GitHub Actions
48
Go
3,378
Maven
5,000+
npm
5,000+
NuGet
881
pip
4,573
Pub
13
RubyGems
1,013
Rust
1,205
Swift
51
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
RestrictedPython information leakage via `AttributeError.obj` and the `string` module High
CVE-2024-47532 was published for RestrictedPython (pip) Sep 30, 2024
Quasar0147 Credited to Quasar0147, dronex7070, d-maurer, dataflake, and icemac dronex7070 dronex7070
d-maurer d-maurer dataflake dataflake icemac icemac
RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape High
CVE-2023-37271 was published for RestrictedPython (pip) Jul 10, 2023
loechel Credited to loechel, Quasar0147, despawningbone, dataflake, and nneonneo Quasar0147 Quasar0147
despawningbone despawningbone dataflake dataflake nneonneo nneonneo
Sandbox escape via various forms of "format". High
CVE-2023-41039 was published for RestrictedPython (pip) Aug 30, 2023
ankush Credited to ankush, abhishekg999, d-maurer, icemac, and Quasar0147 abhishekg999 abhishekg999
d-maurer d-maurer icemac icemac Quasar0147 Quasar0147
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database