Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs Moderate
CVE-2025-32016 was published for Microsoft.Identity.Abstractions (NuGet) Apr 9, 2025
MarcelMichau Credited to MarcelMichau, jmprieur, jennyf19, keegan-caruso, and rymeskar jmprieur jmprieur
jennyf19 jennyf19 keegan-caruso keegan-caruso rymeskar rymeskar
Duplicate Advisory: Microsoft Identity Denial of service vulnerability Moderate
GHSA-8g9c-28fc-mcx2 was published for Microsoft.IdentityModel.JsonWebTokens (NuGet) Jan 9, 2024 withdrawn
morganbr Credited to morganbr, brentschmaltz, GeoK, keegan-caruso, jennyf19, and jmprieur brentschmaltz brentschmaltz
GeoK GeoK keegan-caruso keegan-caruso jennyf19 jennyf19 jmprieur jmprieur
Microsoft.IdentityModel.Protocols.SignedHttpRequest remote code execution vulnerability High
CVE-2024-21643 was published for Microsoft.IdentityModel.Protocols.SignedHttpRequest (NuGet) Jan 9, 2024
rymeskar Credited to rymeskar, brentschmaltz, GeoK, keegan-caruso, jmprieur, jennyf19, and TimHannMSFT brentschmaltz brentschmaltz
GeoK GeoK keegan-caruso keegan-caruso jmprieur jmprieur jennyf19 jennyf19 TimHannMSFT TimHannMSFT
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database