Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,825
Erlang
29
GitHub Actions
16
Go
1,715
Maven
4,950
npm
3,479
NuGet
605
pip
3,009
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Command injection in git-clone High
CVE-2022-25900 was published for git-clone (npm) Jul 2, 2022
lirantal
Command injection in simple-git High
CVE-2022-24066 was published for simple-git (npm) Apr 2, 2022
lirantal rhelinko-telia
pullit vulnerable to command injection High
CVE-2018-25083 was published for pullit (npm) Sep 3, 2020
lirantal
Denial of Service vulnerability in lite-web-server High
CVE-2023-26104 was published for lite-web-server (npm) Feb 25, 2023
lirantal
Path traversal vulnerability in glance Moderate
CVE-2022-25937 was published for glance (npm) Feb 13, 2023
lirantal
OS Command Injection in git-promise High
CVE-2022-24376 was published for git-promise (npm) Jun 11, 2022
lirantal
Command injection in git-interface Critical
CVE-2022-1440 was published for git-interface (npm) Apr 23, 2022
lirantal
Directory Traversal vulnerability in serve-lite High
CVE-2022-21192 was published for serve-lite (npm) Jan 26, 2023
lirantal
Cross-site Scripting (XSS) in serve-lite Moderate
CVE-2022-25847 was published for serve-lite (npm) Jan 26, 2023
lirantal
lite-server vulnerable to Denial of Service High
CVE-2022-25940 was published for lite-server (Maven) Dec 20, 2022
lirantal
lite-dev-server vulnerable to Directory Traversal High
CVE-2022-25895 was published for lite-dev-server (npm) Dec 21, 2022
lirantal
easy-static-server vulnerable to Directory Traversal High
CVE-2022-25931 was published for easy-static-server (npm) Dec 20, 2022
lirantal
static-dev-server vulnerable to path traversal High
CVE-2022-25848 was published for static-dev-server (npm) Nov 29, 2022
lirantal
OS Command Injection in git-pull-or-clone Critical
CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022
lirantal
ProTip! Advisories are also available from the GraphQL API