Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,238
Erlang
31
GitHub Actions
21
Go
2,005
Maven
5,000+
npm
3,716
NuGet
661
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

4 advisories

Loading
OpenRefine's error page lacks escaping, leading to potential Cross-site Scripting on import of malicious project Moderate
CVE-2024-47882 was published for org.openrefine:openrefine (Maven) Oct 24, 2024
Attackers can craft a malicious link that once clicked will execute arbitrary JavaScript in the... Moderate Unreviewed
CVE-2024-6892 was published Aug 8, 2024
Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13 Moderate
CVE-2019-25027 was published for com.vaadin:flow-server (Maven) Apr 19, 2021
Reflected cross-site scripting in default RouteNotFoundError view in Vaadin 10 and 11-13 Moderate
GHSA-jqj4-r483-4gvr was published for com.vaadin:vaadin-bom (Maven) Apr 19, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database