Vulnerability Database
Blog
FAQ
Vulnerability Library
search
All ecosystems
43993
Alpine
3151
Android
582
crates.io
1104
Debian
9120
GitHub Actions
8
Go
1323
Hex
21
Linux
13573
Maven
3332
npm
2869
NuGet
262
OSS-Fuzz
2742
Packagist
1434
Pub
4
PyPI
3840
RubyGems
628
ID
Packages
Summary
Affected versions
Last modified
Fix
GHSA-58g2-vgpg-335q
Go/github.com/darklynx/request-baskets
request-baskets vulnerable to Server-Side Request Forgery
See details.
2023-03-31T22:44:28Z
No fix available
GHSA-3hwm-922r-47hw
Go/atomys.codes/stud42
Stud42 vulnerable to denial of service
See details.
2023-03-31T19:33:44Z
No fix available
GHSA-v3hp-mcj5-pg39
Go/github.com/hashicorp/vault
Go/github.com/hashicorp/vault
Go/github.com/hashicorp/vault
HashiCorp Vault’s Microsoft SQL Database Storage Backend Vulnerable to SQL Injection Via Configuration File
See details.
2023-03-30T20:43:55Z
Fix available
GHSA-g2j6-57v7-gm8c
Go/github.com/opencontainers/runc
runc AppArmor bypass with symlinked /proc
See details.
2023-03-30T20:20:23Z
Fix available
GHSA-m8cg-xc2p-r3fc
Go/github.com/opencontainers/runc
rootless: `/sys/fs/cgroup` is writable when cgroupns isn't unshared in runc
See details.
2023-03-30T20:17:24Z
Fix available
GHSA-5j5w-g665-5m35
Go/github.com/containerd/containerd
Go/github.com/containerd/containerd
Ambiguous OCI manifest parsing
See details.
2023-03-30T14:50:04Z
Fix available
GHSA-528j-9r78-wffx
Go/go.etcd.io/etcd/client/v3
Go/go.etcd.io/etcd/client/v3
etcd user credentials are stored in WAL logs in plaintext
See details.
2023-03-30T14:46:31Z
Fix available
GHSA-vpvm-3wq2-2wvm
Go/github.com/opencontainers/runc
Opencontainers runc Incorrect Authorization vulnerability
See details.
2023-03-29T14:46:15Z
Fix available
GHSA-jwvw-v7c5-m82h
NuGet/Google.Protobuf
Maven/com.google.protobuf:protobuf-parent
Go/github.com/protocolbuffers/protobuf
Packagist/google/protobuf
PyPI/protobuf
protobuf susceptible to buffer overflow
0.0.1-test1
3.0.0
3.0.0-alpha4
3.0.0-beta2
3.0.0-beta3
3.0.0-beta4
3.1.0
...
2023-03-28T05:44:27.287742Z
Fix available
GHSA-75rw-34q6-72cr
crates.io/biscuit-auth
Go/github.com/biscuit-auth/biscuit-go
Maven/com.clever-cloud:biscuit-java
Signature forgery in Biscuit
0.2.1
0.2.2
0.2.3
0.2.4
0.2.5
0.2.6
0.2.7
...
2023-03-28T05:43:38.870519Z
Fix available
GHSA-77rm-9x9h-xj3g
NuGet/Google.Protobuf
Packagist/google/protobuf
Maven/com.google.protobuf:protobuf-parent
Go/github.com/protocolbuffers/protobuf
PyPI/protobuf
NULL Pointer Dereference in Protocol Buffers
0.0.1-test1
3.0.0
3.0.0-alpha4
3.0.0-beta2
3.0.0-beta3
3.0.0-beta4
3.1.0
...
2023-03-28T05:38:33.705668Z
Fix available
GHSA-x95h-979x-cf3j
PyPI/pybluemonday
Go/github.com/microcosm-cc/bluemonday
Policies not properly enforced in bluemonday
0.0.1
0.0.2
0.0.3
0.0.4
0.0.5
0.0.6
0.0.7
2023-03-28T05:30:55.593694Z
Fix available
GHSA-8gg8-wr4j-v2wr
Go/github.com/gophish/gophish
Gophish vulnerable to Denial of Service via crafted payload involving autofocus
See details.
2023-03-28T02:42:24Z
No fix available
GHSA-55m9-hm92-xm8j
Go/github.com/gophish/gophish
Gophish vulnerable to Cross-site Scripting via crafted landing page
See details.
2023-03-28T02:41:53Z
No fix available
GHSA-qwqv-rqgf-8qh8
Go/github.com/containers/podman/v4
Podman Time-of-check Time-of-use (TOCTOU) Race Condition
See details.
2023-03-27T22:33:20Z
Fix available
GHSA-cp96-jpmq-xrr2
Go/kubevirt.io/kubevirt
On a compromised node, the virt-handler service account can be used to modify all node specs
See details.
2023-03-27T22:24:34Z
No fix available
Load more...
Go - OSV