Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
40
GitHub Actions
41
Go
3,039
Maven
5,000+
npm
4,779
NuGet
824
pip
4,380
Pub
12
RubyGems
987
Rust
1,143
Swift
50
Unreviewed advisories
All unreviewed
5,000+

1 advisory

Loading
Deeply nested json in jackson-databind High
CVE-2020-36518 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Mar 12, 2022
farbeiza-enverus Credited to farbeiza-enverus, stickycode, mr-c, victornoel, guima, Zeouterlimits, joschi, JoshDM, and sunSUNQ stickycode stickycode
mr-c mr-c victornoel victornoel guima guima Zeouterlimits Zeouterlimits joschi joschi JoshDM JoshDM sunSUNQ sunSUNQ
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database