GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
36 advisories
Filter by severity
Uncontrolled Recursion in HTTP2ToRawGRPCServerCodec
Moderate
CVE-2021-36154
was published
for
github.com/grpc/grpc-swift
(Swift)
May 22, 2023
swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames
High
CVE-2022-24668
was published
for
github.com/apple/swift-nio-http2
(Swift)
May 18, 2023
swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
High
CVE-2022-24666
was published
for
github.com/apple/swift-nio-http2
(Swift)
May 18, 2023
SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header
Critical
GHSA-mgc4-wqv7-4pxm
was published
for
github.com/apple/swift-nio
(Swift)
May 18, 2023
swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding
High
CVE-2022-24667
was published
for
github.com/apple/swift-nio-http2
(Swift)
May 18, 2023
PostgresNIO processes unencrypted bytes from man-in-the-middle
Low
CVE-2023-31136
was published
for
github.com/vapor/postgres-nio
(Swift)
May 10, 2023
zstd vulnerable to buffer overrun
High
CVE-2022-4899
was published
for
github.com/facebook/zstd
(pip)
Mar 31, 2023
SwiftNIO SSL arbitrary code execution vulnerability
Critical
CVE-2019-8849
was published
for
github.com/apple/swift-nio-ssl
(Swift)
May 24, 2022
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
High
GHSA-pv7r-9vjg-g3f9
was published
for
github.com/apple/swift-nio-http2
(Swift)
Feb 11, 2022
•
withdrawn
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding
High
GHSA-wfvq-p7qf-vv64
was published
for
github.com/apple/swift-nio-http2
(Swift)
Feb 11, 2022
•
withdrawn
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames
High
GHSA-gpgx-whwh-r297
was published
for
github.com/apple/swift-nio-http2
(Swift)
Feb 11, 2022
•
withdrawn
ProTip!
Advisories are also available from the
GraphQL API