Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,483
Maven
5,000+
npm
4,104
NuGet
734
pip
3,917
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

63 advisories

Loading
Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0... Moderate Unreviewed
CVE-2017-17742 was published May 13, 2022
Improper Neutralization of CRLF Sequences in HTTP Headers in Undertow Moderate
CVE-2018-1067 was published for org.jboss.eap:wildfly-undertow (Maven) May 13, 2022
Moodle CRLF Injection Vulnerability in Calendar Component Moderate
CVE-2011-4203 was published for moodle/moodle (Composer) May 13, 2022
An exploitable HTTP header injection vulnerability exists in the remote servers of Samsung... High Unreviewed
CVE-2018-3911 was published May 13, 2022
phpMyAdmin HTTP Response Splitting Vulnerability High
CVE-2009-1149 was published for phpmyadmin/phpmyadmin (Composer) May 2, 2022
CRLF injection vulnerability in the drupal_goto function in includes/common.inc Drupal 4.7.x... Moderate Unreviewed
CVE-2007-5595 was published May 1, 2022
HTTP Response Splitting in WSO2 transport-http Moderate
CVE-2019-10797 was published for org.wso2.transport.http:org.wso2.transport.http.netty (Maven) Feb 9, 2022
Inconsistent Interpretation of HTTP Requests in github.com/gin-gonic/gin High
CVE-2020-28483 was published for github.com/gin-gonic/gin (Go) Jun 23, 2021
HTTP Response Splitting (Early Hints) in Puma Moderate
CVE-2020-5249 was published for puma (RubyGems) Mar 3, 2020
HTTP Response Splitting in Puma Moderate
CVE-2020-5247 was published for puma (RubyGems) Feb 28, 2020
Limited header injection when using dynamic overrides with user input in RubyGems secure_headers Moderate
CVE-2020-5216 was published for secure_headers (RubyGems) Jan 23, 2020
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') in Armeria Moderate
GHSA-35fr-h7jr-hh86 was published for com.linecorp.armeria:armeria (Maven) Dec 6, 2019
JLLeitschuh
Low severity vulnerability that affects com.linecorp.armeria:armeria Moderate
CVE-2019-16771 was published for com.linecorp.armeria:armeria (Maven) Dec 5, 2019
SunBK201
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database