Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

Loading
Segmentation fault in time Moderate
CVE-2020-26235 was published for time (Rust) Aug 25, 2021
quininer JamieMagee
fenhl KamilaBorowska jhpratt michaelkedar
Permissions bypass in pleaser High
CVE-2021-31155 was published for pleaser (Rust) Aug 25, 2021
michaelkedar
Infinite open connection causes OctoRPKI to hang forever Moderate
CVE-2021-3909 was published for github.com/cloudflare/cfrpki (Go) Nov 10, 2021
michaelkedar
openssl-src's infinite loop in `BN_mod_sqrt()` reachable when parsing certificates High
CVE-2022-0778 was published for openssl-src (Rust) Mar 16, 2022
rajivshah3 michaelkedar
Type confusion if __private_get_type_id__ is overriden Critical
CVE-2020-25575 was published for failure (Rust) Jun 16, 2022
michaelkedar
Duplicate Advisory: KubeVirt arbitrary host file read from the VM Moderate
CVE-2022-1798 was published for kubevirt.io/kubevirt (Go) Aug 18, 2022 withdrawn
0xdidu michaelkedar
Harbor fails to validate the user permissions when updating tag retention policies High
CVE-2022-31670 was published for github.com/goharbor/harbor (Go) Sep 16, 2022
michaelkedar
Harbor fails to validate the user permissions when updating tag immutability policies Moderate
CVE-2022-31669 was published for github.com/goharbor/harbor (Go) Sep 16, 2022
michaelkedar
matrix-sdk-crypto contains potential impersonation via room key forward responses Moderate
CVE-2022-39252 was published for matrix-sdk-crypto (Rust) Sep 30, 2022
michaelkedar
openssl-src contains Double free after calling `PEM_read_bio_ex` High
CVE-2022-4450 was published for openssl-src (Rust) Feb 8, 2023
michaelkedar
Grafana vulnerable to Stored Cross-site Scripting in Text plugin Moderate
CVE-2023-22462 was published for github.com/grafana/grafana (Go) Mar 1, 2023
Churro michaelkedar
ProTip! Advisories are also available from the GraphQL API