GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
176 advisories
Filter by severity
Apache NiFi process group information disclosure
Moderate
CVE-2019-10083
was published
for
org.apache.nifi:nifi
(Maven)
Dec 2, 2019
Moderate severity vulnerability that affects org.apache.hive:hive, org.apache.hive:hive-exec, and org.apache.hive:hive-service
Moderate
CVE-2017-12625
was published
for
org.apache.hive:hive
(Maven)
Mar 14, 2019
Moderate severity vulnerability that affects org.bouncycastle:bcprov-jdk14 and org.bouncycastle:bcprov-jdk15
Moderate
CVE-2015-7940
was published
for
org.bouncycastle:bcprov-jdk14
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.apache.hadoop:hadoop-main
Moderate
CVE-2017-15713
was published
for
org.apache.hadoop:hadoop-main
(Maven)
Dec 21, 2018
Moderate severity vulnerability that affects org.apache.qpid:proton-j
Moderate
CVE-2016-2166
was published
for
org.apache.qpid:proton-j
(Maven)
Oct 16, 2018
Moderate severity vulnerability that affects org.apache.mesos:mesos
Moderate
CVE-2018-8023
was published
for
org.apache.mesos:mesos
(Maven)
Oct 17, 2018
Moderate severity vulnerability that affects org.apache.storm:storm-core
Moderate
CVE-2018-1332
was published
for
org.apache.storm:storm-core
(Maven)
Oct 17, 2018
Exposure of Sensitive Information to an Unauthorized Actor in Apache Spark via crafted URL
Moderate
CVE-2018-8024
was published
for
org.apache.spark:spark-core_2.10
(Maven)
Mar 14, 2019
Exposure of Sensitive Information to an Unauthorized Actor in Elasticsearch
Moderate
CVE-2018-17244
was published
for
org.elasticsearch:elasticsearch
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2018-1000169
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
Moderate
CVE-2016-5001
was published
for
org.apache.hadoop:hadoop-common
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Apache Hadoop
Moderate
CVE-2015-1776
was published
for
org.apache.hadoop:hadoop-common
(Maven)
May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2018-1000192
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor Jenkins Script Security Plugin
Moderate
CVE-2017-1000505
was published
for
org.jenkins-ci.plugins:script-security
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2017-2609
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Oracle MySQL Connectors Java
Moderate
CVE-2017-3586
was published
for
mysql:mysql-connector-java
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Undertow
Moderate
CVE-2018-14642
was published
for
io.undertow:undertow-core
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in RESTEasy
Moderate
CVE-2016-6345
was published
for
org.jboss.resteasy:resteasy-client
(Maven)
May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2017-1000395
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2017-1000398
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 14, 2022
Exposure of Sensitive Information to an Unauthorized Actor in JGroup
Moderate
CVE-2013-4112
was published
for
org.jgroups:jgroups
(Maven)
May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2018-1000068
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in OpenSAML
Moderate
CVE-2013-6440
was published
for
org.opensaml:opensaml
(Maven)
May 13, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Spring Security
Moderate
CVE-2012-5055
was published
for
org.springframework.security:spring-security-core
(Maven)
May 17, 2022
Exposure of Sensitive Information to an Unauthorized Actor in Jenkins
Moderate
CVE-2017-2606
was published
for
org.jenkins-ci.main:jenkins-core
(Maven)
May 13, 2022
ProTip!
Advisories are also available from the
GraphQL API