Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,952
Erlang
39
GitHub Actions
38
Go
2,612
Maven
5,000+
npm
4,252
NuGet
760
pip
4,027
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Sandbox escape via various forms of "format". High
CVE-2023-41039 was published for RestrictedPython (pip) Aug 30, 2023
ankush abhishekg999
d-maurer icemac Quasar0147
Credited to ankush, abhishekg999, d-maurer, icemac, and Quasar0147
RestrictedPython information leakage via `AttributeError.obj` and the `string` module High
CVE-2024-47532 was published for RestrictedPython (pip) Sep 30, 2024
Quasar0147 dronex7070
d-maurer dataflake icemac
Credited to Quasar0147, dronex7070, d-maurer, dataflake, and icemac
try/except* clauses could allow bypass RestrictedPython via type confusion bug in the CPython interpreter High
CVE-2025-22153 was published for RestrictedPython (pip) Jan 23, 2025
icemac Nico-Posada
dataflake tseaver
Credited to icemac, Nico-Posada, dataflake, and tseaver
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database