GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
1,035 advisories
Minio Operator uses Kubernetes apiserver audience for AssumeRoleWithWebIdentity STS
Moderate
CVE-2025-32963
was published
for
github.com/minio/operator
(Go)
Apr 21, 2025
Mattermost Incorrect Authorization vulnerability
Moderate
CVE-2025-27571
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Apr 16, 2025
Mattermost vulnerable to Incorrect Implementation of Authentication Algorithm
Moderate
CVE-2025-2475
was published
for
github.com/mattermost/mattermost/server/v8
(Go)
Apr 14, 2025
gorilla/csrf CSRF vulnerability due to broken Referer validation
Moderate
CVE-2025-24358
was published
for
github.com/gorilla/csrf
(Go)
Apr 14, 2025
csaf-poc/csaf_distribution Cross-site Scripting vulnerability
Moderate
CVE-2022-43996
was published
for
github.com/csaf-poc/csaf_distribution
(Go)
Dec 14, 2022
In Cilium, packets from terminating endpoints may not be encrypted in Wireguard-enabled clusters
Moderate
CVE-2025-32793
was published
for
github.com/cilium/cilium
(Go)
Apr 21, 2025
Team scope authorization bypass when Post/Put request with :team_name in body, allows HTTP parameter pollution
Moderate
CVE-2022-31683
was published
for
github.com/concourse/concourse
(Go)
Oct 19, 2022
ProTip!
Advisories are also available from the
GraphQL API