GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
6 advisories
Malicious Package in beffer-xor
Critical
GHSA-7cvf-p83w-48q6
was published
for
beffer-xor
(npm)
Sep 3, 2020
Denial of Service in ipfs-bitswap
Moderate
GHSA-6fcr-9h9g-23fq
was published
for
ipfs-bitswap
(npm)
Sep 2, 2020
Denial of Service in markdown-it-toc-and-anchor
High
GHSA-x6m6-5hrf-fh6r
was published
for
markdown-it-toc-and-anchor
(npm)
Sep 1, 2020
Malicious Package in another-date-picker
Critical
GHSA-2p62-c4rm-mr72
was published
for
another-date-picker
(npm)
Sep 1, 2020
Remote Memory Exposure in mongoose
Moderate
GHSA-r5xw-q988-826m
was published
for
mongoose
(npm)
Sep 1, 2020
Improper Key Verification in ipns
High
GHSA-j59f-6m4q-62h6
was published
for
ipns
(npm)
May 30, 2019
ProTip!
Advisories are also available from the
GraphQL API