Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

1,030 advisories

Loading
Buildkite Elastic CI for AWS symbolic link following vulnerability High
CVE-2023-43116 was published for github.com/buildkite/elastic-ci-stack-for-aws/v6 (Go) Dec 22, 2023
Froxlor Improper Input Validation vulnerability Critical
CVE-2023-6069 was published for froxlor/froxlor (Composer) Nov 10, 2023
HashiCorp Vagrant Insecure Operation on Windows Junction / Mount Point vulnerability Low
CVE-2023-5834 was published for github.com/hashicorp/vagrant (Go) Oct 28, 2023
Jenkins CloudBees CD Plugin vulnerable to arbitrary file deletion High
CVE-2023-46654 was published for org.jenkins-ci.plugins:electricflow (Maven) Oct 25, 2023
Jenkins CloudBees CD Plugin vulnerable to arbitrary file read Moderate
CVE-2023-46655 was published for org.jenkins-ci.plugins:electricflow (Maven) Oct 25, 2023
Ghost vulnerable to arbitrary file read via symlinks in content import Moderate
CVE-2023-40028 was published for ghost (npm) Aug 15, 2023
ixSly
ProTip! Advisories are also available from the GraphQL API