GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
970 advisories
Plenti - Code Injection - Denial of Services
Moderate
GHSA-mj4v-hp69-27x5
was published
for
github.com/plentico/plenti
(Go)
Feb 5, 2025
CometBFT allows a malicious peer to make node stuck in blocksync
Moderate
CVE-2025-24371
was published
for
github.com/cometbft/cometbft
(Go)
Feb 3, 2025
Argo CD does not scrub secret values from patch errors
Moderate
CVE-2025-23216
was published
for
github.com/argoproj/argo-cd
(Go)
Jan 30, 2025
KubeWarden's AdmissionPolicy and AdmissionPolicyGroup policies can be used to alter PolicyReport resources
Moderate
CVE-2025-24376
was published
for
github.com/kubewarden/kubewarden-controller
(Go)
Jan 30, 2025
Kubewarden-Controller information leak via AdmissionPolicyGroup Resource
Moderate
CVE-2025-24784
was published
for
github.com/kubewarden/kubewarden-controller
(Go)
Jan 30, 2025
Argo CD GitOps Engine does not scrub secret values from patch errors
Moderate
GHSA-274v-mgcv-cm8j
was published
for
github.com/argoproj/gitops-engine
(Go)
Jan 30, 2025
Withdrawn Advisory: github.com/hashicorp/yamux's DefaultConfig has dangerous defaults causing hung Read
Moderate
GHSA-29qp-crvh-w22m
was published
for
github.com/hashicorp/yamux
(Go)
Jan 29, 2025
•
withdrawn
imgproxy is vulnerable to SSRF against 0.0.0.0
Moderate
CVE-2025-24354
was published
for
github.com/imgproxy/imgproxy
(Go)
Jan 27, 2025
DoS in Cilium agent DNS proxy from crafted DNS responses
Moderate
CVE-2025-23028
was published
for
github.com/cilium/cilium
(Go)
Jan 22, 2025
Excessive Platform Resource Consumption within a Loop when unmarshalling Compose file having recursive loop
Moderate
CVE-2024-10846
was published
for
github.com/compose-spec/compose-go/v2
(Go)
Jan 21, 2025
Matrix Media Repo (MMR) allows Server-Side Request Forgery (SSRF) on redirects and federation
Moderate
CVE-2024-52602
was published
for
github.com/t2bot/matrix-media-repo
(Go)
Jan 16, 2025
ProTip!
Advisories are also available from the
GraphQL API