GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,901
Maven
5,000+
npm
3,631
NuGet
638
pip
3,245
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
382 advisories
Filter by severity
Malicious Package in commander-js
Critical
GHSA-2hqf-qqmq-pgpp
was published
for
commander-js
(npm)
Sep 2, 2020
Malicious Package in portionfatty12
Critical
GHSA-p8fm-w787-x6x3
was published
for
portionfatty12
(npm)
Sep 2, 2020
Malicious Package in 4equest
Critical
GHSA-p33q-w45h-2hcj
was published
for
4equest
(npm)
Sep 2, 2020
Malicious Package in jajajejejiji
Critical
GHSA-rggq-f2wf-m6cp
was published
for
jajajejejiji
(npm)
Sep 2, 2020
Malicious Package in wepack-cli
Critical
GHSA-fpw3-x4xq-6vxq
was published
for
wepack-cli
(npm)
Sep 2, 2020
Malicious Package in commnader
Critical
GHSA-855m-jchh-9qjc
was published
for
commnader
(npm)
Sep 2, 2020
Malicious Package in experss
Critical
GHSA-mmph-wp49-r48h
was published
for
experss
(npm)
Sep 2, 2020
Malicious Package in requestt
Critical
GHSA-2563-83p7-f34p
was published
for
requestt
(npm)
Sep 2, 2020
Malicious Package in requesst
Critical
GHSA-6c37-2rw5-9j7x
was published
for
requesst
(npm)
Sep 2, 2020
Malicious Package in requeest
Critical
GHSA-8vj3-jgcf-77jv
was published
for
requeest
(npm)
Sep 2, 2020
ProTip!
Advisories are also available from the
GraphQL API