Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

8 advisories

Loading
Elasticsearch vulnerable to stack overflow in the search API Moderate
CVE-2023-31419 was published for org.elasticsearch:elasticsearch (Maven) Oct 26, 2023
Jettison parser crash by stackoverflow Moderate
GHSA-xqcq-j8w9-3pxv was published for com.tencyle.fixes:org.codehaus.jettison--jettison (Maven) Aug 1, 2023
Snakeyaml vulnerable to Stack overflow leading to denial of service Moderate
CVE-2022-41854 was published for org.yaml:snakeyaml (Maven) Nov 11, 2022
peter-janssen p3pijn
atul-exabeam fabien-chebel sfblackl-intel
Jettison parser crash by stackoverflow Moderate
CVE-2022-40149 was published for org.codehaus.jettison:jettison (Maven) Sep 17, 2022
coheigea
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Moderate
CVE-2022-38751 was published for org.yaml:snakeyaml (Maven) Sep 6, 2022
snakeYAML before 1.32 vulnerable to Denial of Service due to Out-of-bounds Write Moderate
CVE-2022-38752 was published for org.yaml:snakeyaml (Maven) Sep 6, 2022
mprins
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Moderate
CVE-2022-38750 was published for org.yaml:snakeyaml (Maven) Sep 6, 2022
snakeYAML before 1.31 vulnerable to Denial of Service due to Out-of-bounds Write Moderate
CVE-2022-38749 was published for be.cylab:snakeyaml (Maven) Sep 6, 2022
ProTip! Advisories are also available from the GraphQL API