GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
58 advisories
Gradio performs a non-constant-time comparison when comparing hashes
Moderate
CVE-2024-47869
was published
for
gradio
(pip)
Oct 10, 2024
basic-auth-connect's callback uses time unsafe string comparison
High
CVE-2024-47178
was published
for
basic-auth-connect
(npm)
Sep 30, 2024
Timing-Based Username Enumeration Vulnerability in Fides Webserver Authentication
Low
CVE-2024-45052
was published
for
ethyca-fides
(pip)
Sep 4, 2024
open-telemetry has an Observable Timing Discrepancy
Moderate
CVE-2024-42368
was published
for
github.com/open-telemetry/opentelemetry-collector-contrib/extension/bearertokenauthextension
(Go)
Aug 13, 2024
Minerva timing attack on P-256 in python-ecdsa
High
CVE-2024-23342
was published
for
ecdsa
(pip)
Jan 22, 2024
ProTip!
Advisories are also available from the
GraphQL API