GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,872
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,951
npm
3,481
NuGet
605
pip
3,047
Pub
10
RubyGems
832
Rust
777
Swift
34
Unreviewed advisories
All unreviewed
5,000+
278 advisories
Filter by severity
XML External Entity (XXE) in Django
Moderate
CVE-2013-1665
was published
for
Django
(pip)
May 17, 2022
Django vulnerable to Denial of Service via i18n middleware component
Low
CVE-2007-5712
was published
for
Django
(pip)
May 1, 2022
Django Cross-site scripting (XSS) vulnerability
Moderate
CVE-2008-2302
was published
for
django
(pip)
May 1, 2022
Django cross-site request forgery (CSRF) vulnerability
Moderate
CVE-2008-3909
was published
for
django
(pip)
May 2, 2022
Improper query string handling in Django
Moderate
CVE-2010-4534
was published
for
django
(pip)
Jul 23, 2018
XML Entity Expansion (XEE) in Django
Moderate
CVE-2013-1664
was published
for
Django
(pip)
May 17, 2022
Django contains Uncontrolled Resource Consumption via cached header
High
CVE-2023-23969
was published
for
django
(pip)
Feb 1, 2023
Denial-of-service possibility in logout() view by filling session store
Moderate
CVE-2015-5964
was published
for
Django
(pip)
May 17, 2022
Django Denial-of-service by filling session store
High
CVE-2015-5143
was published
for
django
(pip)
Jul 5, 2019
Cross-site request forgery in Django
Moderate
CVE-2011-0696
was published
for
django
(pip)
Jul 23, 2018
Django data leakage via querystring manipulation in admin
Low
CVE-2014-0483
was published
for
Django
(pip)
May 14, 2022
Django database denial-of-service with ModelMultipleChoiceField
Moderate
CVE-2015-0222
was published
for
Django
(pip)
May 17, 2022
Django denial of service via empty session record creation
Moderate
CVE-2015-5963
was published
for
django
(pip)
May 17, 2022
Django Access Restrictions Bypass
Moderate
CVE-2016-2048
was published
for
django
(pip)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API