GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
952 advisories
DoS in Cilium agent DNS proxy from crafted DNS responses
Moderate
CVE-2025-23028
was published
for
github.com/cilium/cilium
(Go)
Jan 22, 2025
Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop
Moderate
CVE-2024-10846
was published
for
github.com/compose-spec/compose-go/v2
(Go)
Jan 21, 2025
Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation
Moderate
CVE-2024-52602
was published
for
github.com/t2bot/matrix-media-repo
(Go)
Jan 16, 2025
CVE-2024-5138: snapd snapctl auth bypass
Moderate
CVE-2024-5138
was published
for
github.com/snapcore/snapd
(Go)
Jan 16, 2025
OpenFGA Authorization Bypass
Moderate
CVE-2024-56323
was published
for
github.com/openfga/openfga
(Go)
Jan 13, 2025
notation-go's timestamp signature generation lacks certificate revocation check
Moderate
CVE-2024-56138
was published
for
github.com/notaryproject/notation-go
(Go)
Jan 13, 2025
Karmada Tar Slips in CRDs archive extraction
Moderate
CVE-2024-56514
was published
for
github.com/karmada-io/karmada
(Go)
Jan 3, 2025
ProTip!
Advisories are also available from the
GraphQL API