Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,747
Erlang
35
GitHub Actions
29
Go
2,321
Maven
5,000+
npm
3,955
NuGet
712
pip
3,736
Pub
12
RubyGems
921
Rust
972
Swift
38
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
Mautic does not shield .env files from web traffic Moderate
CVE-2024-47056 was published for mautic/core (Composer) May 28, 2025
r3ky lenonleite
nick-vanpraet patrykgruszka
IBM Storage Virtualize vSphere Remote Plug-in 1.0 and 1.1 could allow a remote user to obtain... Critical Unreviewed
CVE-2023-43029 was published Mar 21, 2025
Cleartext Storage of Sensitive Information in an Environment Variable, Weak Password Recovery... High Unreviewed
CVE-2024-12604 was published Mar 10, 2025
IBM MQ 9.3 LTS, 9.3 CD, 9.4 LTS, and 9.4 CD stores potentially sensitive information in... Moderate Unreviewed
CVE-2025-0985 was published Feb 28, 2025
Keycloak allows unrestricted admin use of system and environment variables Moderate
CVE-2024-11736 was published for org.keycloak:keycloak-quarkus-server (Maven) Jan 13, 2025
shawkins
An information disclosure flaw was found in OpenShift's internal image registry operator.... Moderate Unreviewed
CVE-2024-4369 was published May 1, 2024
quarkus-core leaks local environment variables from Quarkus namespace during application's build High
CVE-2024-2700 was published for io.quarkus:quarkus-core (Maven) Apr 4, 2024
bschuhmann
Quarkus does not properly sanitize artifacts created from its use of the Gradle plugin, allowing certain build system information to remain High
CVE-2023-5720 was published for io.quarkus:quarkus-project (Maven) Nov 15, 2023
A CWE-526: Exposure of Sensitive Information Through Environmental Variables vulnerability exists... Low Unreviewed
CVE-2023-47615 was published Nov 9, 2023
Shescape potential environment variable exposure on Windows with CMD Low
CVE-2023-35931 was published for shescape (npm) Jun 22, 2023
Hashicorp Nomad Information Exposure Through Environmental Variables Moderate
CVE-2019-14802 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database