GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

51 advisories

SwiftTerm Code Injection vulnerability High
CVE-2022-23465 was published for github.com/migueldeicaza/SwiftTerm (Swift) Jul 14, 2023
Denial of Service via reachable assertion High
CVE-2022-24777 was published for github.com/grpc/grpc-swift (Swift) Jun 9, 2023
Denial of service via HTTP/2 HEADERS frames padding High
CVE-2022-0618 was published for github.com/apple/swift-nio-http2 (Swift) Jun 9, 2023
LeafKit allows XSS with untrusted user input Moderate
CVE-2021-37634 was published for github.com/vapor/leaf-kit (Swift) Jun 9, 2023
Credited to alextrob
Incomplete Internal State Distinction in GRPCWebToHTTP2ServerCodec High
CVE-2021-36153 was published for github.com/grpc/grpc-swift (Swift) Jun 9, 2023
Uncontrolled Resource Consumption in LengthPrefixedMessageReader High
CVE-2021-36155 was published for github.com/grpc/grpc-swift (Swift) Jun 9, 2023
Untrusted data fed into `Data.init(base32Encoded:)` can result in exposing server memory and/or crash Moderate
CVE-2021-32742 was published for github.com/vapor/vapor (Swift) Jun 9, 2023
Vapor's Metrics integration could cause a system drain Moderate
CVE-2021-21328 was published for github.com/vapor/vapor (Swift) Jun 9, 2023
Arbitrary file read using percent-encoded relative paths in FileMiddleware Moderate
CVE-2020-15230 was published for github.com/vapor/vapor (Swift) Jun 9, 2023
Credited to lmcd
Vapor vulnerable to denial of service in HTTP Range Request of FileMiddleware High
CVE-2022-31005 was published for github.com/vapor/vapor (Swift) Jun 7, 2023
Credited to weissi
Vapor vulnerable to denial of service in URLEncodedFormDecoder High
CVE-2022-31019 was published for github.com/vapor/vapor (Swift) Jun 7, 2023
Credited to weissi
Swift-corelibs-foundation denial of service in JSON decoding with JSONDecoder High
CVE-2022-1642 was published for github.com/apple/swift-corelibs-foundation (Swift) Jun 7, 2023
Credited to weissi and gliush
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression High
CVE-2022-3252 was published for github.com/apple/swift-nio-extras (Swift) Jun 7, 2023
Credited to vojtarylko
SwiftNIO vulnerable to Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') Moderate
CVE-2022-3215 was published for github.com/apple/swift-nio (Swift) Jun 7, 2023
Credited to dellalibera
Async HTTP Client has CRLF Injection vulnerability in HTTP request headers High
CVE-2023-0040 was published for github.com/swift-server/async-http-client (Swift) Jun 7, 2023
Credited to dellalibera
Uncontrolled Recursion in HTTP2ToRawGRPCServerCodec Moderate
CVE-2021-36154 was published for github.com/grpc/grpc-swift (Swift) May 22, 2023
swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames High
CVE-2022-24668 was published for github.com/apple/swift-nio-http2 (Swift) May 18, 2023
swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length High
CVE-2022-24666 was published for github.com/apple/swift-nio-http2 (Swift) May 18, 2023
SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header Critical
GHSA-mgc4-wqv7-4pxm was published for github.com/apple/swift-nio (Swift) May 18, 2023
swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding High
CVE-2022-24667 was published for github.com/apple/swift-nio-http2 (Swift) May 18, 2023
PostgresNIO processes unencrypted bytes from man-in-the-middle Low
CVE-2023-31136 was published for github.com/vapor/postgres-nio (Swift) May 10, 2023
Credited to fabianfett and gwynne
zstd vulnerable to buffer overrun High
CVE-2022-4899 was published for github.com/facebook/zstd (pip) Mar 31, 2023
SwiftNIO SSL arbitrary code execution vulnerability Critical
CVE-2019-8849 was published for github.com/apple/swift-nio-ssl (Swift) May 24, 2022
Credited to morningstarxcdcode
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding High
GHSA-wfvq-p7qf-vv64 was published for github.com/apple/swift-nio-http2 (Swift) Feb 11, 2022 withdrawn
Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length High
GHSA-pv7r-9vjg-g3f9 was published for github.com/apple/swift-nio-http2 (Swift) Feb 11, 2022 withdrawn