GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
8 advisories
Withdrawn Advisory: NULL Pointer Dereference in Protocol Buffers
High
CVE-2021-22570
was published
for
Google.Protobuf
(Composer)
Jan 27, 2022
•
withdrawn
jersey: XXE via parameter entities
High
CVE-2014-3643
was published
for
com.sun.jersey:jersey-core
(Maven)
May 17, 2022
Secret insertion into debug log in Docker
High
CVE-2019-13509
was published
for
github.com/docker/docker
(Go)
May 24, 2022
pg-native and libpq vulnerable to uncontrolled resource consumption
High
CVE-2022-25852
was published
for
libpq
(npm)
Jun 18, 2022
Apache HTTP Server via mod_proxy_uwsgi HTTP response smuggling
High
CVE-2023-27522
was published
for
uWSGI
(pip)
Mar 7, 2023
Ingress-nginx code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation
High
CVE-2023-5044
was published
for
k8s.io/ingress-nginx
(Go)
Oct 25, 2023
Spring Framework Path Traversal vulnerability
High
CVE-2024-38819
was published
for
org.springframework:spring-webflux
(Maven)
Dec 19, 2024
astral-tokio-tar Vulnerable to PAX Header Desynchronization
High
CVE-2025-62518
was published
for
astral-tokio-tar
(Rust)
Oct 21, 2025
ProTip!
Advisories are also available from the
GraphQL API