Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,230
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,504
Pub
12
RubyGems
996
Rust
1,189
Swift
51
Unreviewed advisories
All unreviewed
5,000+

2 advisories

Loading
Path traversal in Tekton Pipelines git resolver allows reading arbitrary files from the resolver pod Critical
CVE-2026-33211 was published for github.com/tektoncd/pipeline (Go) Mar 18, 2026
1seal Credited to 1seal, vdemeester, afrittoli, and KoreaSecurity vdemeester vdemeester
afrittoli afrittoli KoreaSecurity KoreaSecurity
Tekton Pipelines controller panic via long resolver name in TaskRun/PipelineRun Moderate
CVE-2026-33022 was published for github.com/tektoncd/pipeline (Go) Mar 17, 2026
1seal Credited to 1seal, vdemeester, and afrittoli vdemeester vdemeester
afrittoli afrittoli
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database