Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
46
Go
3,270
Maven
5,000+
npm
5,000+
NuGet
867
pip
4,517
Pub
12
RubyGems
998
Rust
1,194
Swift
51
Unreviewed advisories
All unreviewed
5,000+

7 advisories

Loading
Argo CD's Project API Token Exposes Repository Credentials Critical
CVE-2025-55190 was published for github.com/argoproj/argo-cd/v2 (Go) Sep 4, 2025
ntammineni5 Credited to ntammineni5, 34fathombelow, alexmt, todaywasawesome, jannfis, crenshaw-dev, and svghadi 34fathombelow 34fathombelow
alexmt alexmt todaywasawesome todaywasawesome jannfis jannfis crenshaw-dev crenshaw-dev svghadi svghadi
ArgoCD Vulnerable to Use of Risky or Missing Cryptographic Algorithms in Redis Cache Critical
CVE-2024-31989 was published for github.com/argoproj/argo-cd (Go) May 21, 2024
oreenlivnicode Credited to oreenlivnicode, leoluz, crenshaw-dev, mkilchhofer, todaywasawesome, and pasha-codefresh leoluz leoluz
crenshaw-dev crenshaw-dev mkilchhofer mkilchhofer todaywasawesome todaywasawesome pasha-codefresh pasha-codefresh
Argo CD vulnerable to a Denial of Service via malicious jqPathExpressions in ignoreDifferences Moderate
CVE-2024-32476 was published for github.com/argoproj/argo-cd/v2 (Go) Apr 26, 2024
crenshaw-dev Credited to crenshaw-dev, pasha-codefresh, and todaywasawesome pasha-codefresh pasha-codefresh
todaywasawesome todaywasawesome
Bypassing Rate Limit and Brute Force Protection Using Cache Overflow Moderate
CVE-2024-21662 was published for github.com/argoproj/argo-cd/v2 (Go) Mar 18, 2024
nadava669 Credited to nadava669, pasha-codefresh, crenshaw-dev, todaywasawesome, and jannfis pasha-codefresh pasha-codefresh
crenshaw-dev crenshaw-dev todaywasawesome todaywasawesome jannfis jannfis
Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment High
CVE-2024-21661 was published for github.com/argoproj/argo-cd (Go) Mar 18, 2024
nadava669 Credited to nadava669, todaywasawesome, crenshaw-dev, jannfis, and pasha-codefresh todaywasawesome todaywasawesome
crenshaw-dev crenshaw-dev jannfis jannfis pasha-codefresh pasha-codefresh
Bypassing Brute Force Protection via Application Crash and In-Memory Data Loss Critical
CVE-2024-21652 was published for github.com/argoproj/argo-cd/v2 (Go) Mar 18, 2024
nadava669 Credited to nadava669, pasha-codefresh, jannfis, crenshaw-dev, and todaywasawesome pasha-codefresh pasha-codefresh
jannfis jannfis crenshaw-dev crenshaw-dev todaywasawesome todaywasawesome
Path traversal allows leaking out-of-bound Helm charts from Argo CD repo-server Moderate
CVE-2023-40026 was published for github.com/argoproj/argo-cd (Go) Sep 27, 2023
crenshaw-dev Credited to crenshaw-dev and todaywasawesome todaywasawesome todaywasawesome
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database