GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Decidim vulnerable to sensitive data disclosure (High)
CVE-2023-34090 was published for decidim (RubyGems) Jul 11, 2023
Credited to p-, ahukkanen, and alecslupu
Decidim Cross-site Scripting vulnerability in the external link redirections (Moderate)
CVE-2023-32693 was published for decidim (RubyGems) Jul 11, 2023
Credited to p-, alecslupu, ahukkanen, and andreslucena
Decidim Cross-site Scripting vulnerability in the processes filter (High)
CVE-2023-34089 was published for decidim (RubyGems) Jul 11, 2023
Credited to Alonsorossi, ahukkanen, and andreslucena
Decidim's private data exports can lead to data leaks (High)
CVE-2025-65017 was published for decidim (RubyGems) Feb 3, 2026
Credited to ahukkanen
Possibility to circumvent the invitation token expiry period (Moderate)
CVE-2023-48220 was published for decidim (RubyGems) Feb 20, 2024
Credited to ahukkanen and ctrgrb
Cross-site scripting (XSS) in the dynamic file uploads (Moderate)
CVE-2023-51447 was published for decidim (RubyGems) Feb 20, 2024
Credited to ctrgrb and ahukkanen