
GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter (High)
CVE-2025-22153 was published for RestrictedPython (pip) on Jan 23, 2025
Credited to icemac, Nico-Posada, dataflake, and tseaver
Access control vulnerable to user data deletion by anonymous users (Moderate)
CVE-2024-51734 was published for AccessControl (pip) on Nov 4, 2024
Credited to n1k9, d-maurer, perrinjerome, and dataflake
RestrictedPython information leakage via `AttributeError.obj` and the `string` module (High)
CVE-2024-47532 was published for RestrictedPython (pip) on Sep 30, 2024
Credited to Quasar0147, dronex7070, d-maurer, dataflake, and icemac
SQLAlchemyDA unauthenticated arbitrary SQL query execution (Critical)
CVE-2024-24811 was published for Products.SQLAlchemyDA (pip) on Feb 7, 2024
Credited to perrinjerome and dataflake
Credited to dataflake, drfho, icemac, and d-maurer
RestrictedPython vulnerable to arbitrary code execution via stack frame sandbox escape (High)
CVE-2023-37271 was published for RestrictedPython (pip) on Jul 10, 2023
Credited to loechel, Quasar0147, despawningbone, dataflake, and nneonneo