GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,099
Composer 4,077
Erlang 29
GitHub Actions 19
Go 1,903
Maven 5,100
npm 3,632
NuGet 638
pip 3,249
Pub 10
RubyGems 864
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,475

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4 advisories

Filter by severity

Sort by

Least recently updated

Apache Airflow CNCF Kubernetes provider, Apache Airflow: Kubernetes configuration file saved without encryption in the Metadata and logged as plain text in the Triggerer service Moderate

CVE-2023-51702 was published for apache-airflow (pip) Jan 24, 2024

Allegro AI ClearML Stores Credentials in Plaintext in MongoDB Instance Moderate

CVE-2024-24595 was published for clearml (pip) Feb 6, 2024

SaltStack Salt Cleartext Storage of Sensitive Information via cmdmod Moderate

CVE-2021-25284 was published for salt (pip) May 24, 2022

User passwords are stored in clear text in the Django session Moderate

CVE-2020-15105 was published for django-two-factor-auth (pip) Jul 10, 2020

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4 advisories