Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,562
Maven
5,000+
npm
5,000+
NuGet
917
pip
4,807
Pub
13
RubyGems
1,038
Rust
1,238
Swift
53
Unreviewed advisories
All unreviewed
5,000+

2 advisories

Loading
Gardener allows metadata injection for a project secret which can lead to privilege escalation Critical
CVE-2025-47284 was published for github.com/gardener/gardener (Go) May 19, 2025
rfranzke Credited to rfranzke, donistz, timuthy, and JordanJordanov donistz donistz
timuthy timuthy JordanJordanov JordanJordanov
Gardener allows bypassing project secret validation which can lead to privilege escalation Critical
CVE-2025-47283 was published for github.com/gardener/gardener (Go) May 19, 2025
petersutter Credited to petersutter, rfranzke, donistz, timuthy, and JordanJordanov rfranzke rfranzke
donistz donistz timuthy timuthy JordanJordanov JordanJordanov
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database