GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License

Language support

About GitHub Advisory Database

3,146 advisories

Critical

CVE-2016-10541 was published for shell-quote (npm) Feb 18, 2019

Critical

CVE-2016-10532 was published for console-io (npm) Feb 18, 2019

Critical

CVE-2016-10525 was published for hapi-auth-jwt2 (npm) Feb 18, 2019

Critical

CVE-2016-1000282 was published for Haraka (npm) Feb 12, 2019

Critical

CVE-2018-16491 was published for node.extend (npm) Feb 7, 2019

Critical

CVE-2018-16489 was published for just-extend (npm) Feb 7, 2019

Critical

CVE-2018-16486 was published for defaults-deep (npm) Feb 7, 2019

Critical

CVE-2017-17836 was published for apache-airflow (pip) Jan 25, 2019

Critical

CVE-2019-3773 was published for org.springframework.ws:spring-ws (Maven) Jan 25, 2019

Critical

CVE-2017-1002157 was published for modulemd (pip) Jan 17, 2019

Critical

CVE-2018-11788 was published for org.apache.karaf.specs:org.apache.karaf.specs.java.xml (Maven) Jan 7, 2019

Critical

CVE-2018-20433 was published for com.mchange:c3p0 (Maven) Jan 7, 2019

Critical

CVE-2018-14719 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-14720 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-14721 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-19362 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-19361 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-19360 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2018-14718 was published for com.fasterxml.jackson.core:jackson-databind (Maven) Jan 4, 2019

Critical

CVE-2017-0906 was published for recurly (pip) Jan 4, 2019

Critical

CVE-2018-7753 was published for bleach (pip) Jan 4, 2019

Critical

CVE-2017-18342 was published for pyyaml (pip) Jan 4, 2019

Critical

CVE-2016-1000031 was published for commons-fileupload:commons-fileupload (Maven) Dec 21, 2018

Critical

CVE-2017-15718 was published for org.apache.hadoop:hadoop-main (Maven) Dec 21, 2018

Critical

CVE-2018-1000844 was published for com.squareup.retrofit2:retrofit (Maven) Dec 21, 2018

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,146 advisories