Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

14 advisories

Loading
jruby-openssl gem for JRuby fails to do proper certificate validation High
CVE-2009-4123 was published for jruby-openssl (RubyGems) Jan 19, 2023
Elastic APM agent for Ruby vulnerable to Improper Certificate Validation High
CVE-2019-7615 was published for elastic-apm (RubyGems) May 24, 2022
hammer_cli_foreman Improper Certificate Validation vulnerability High
CVE-2017-2667 was published for hammer_cli_foreman (RubyGems) May 13, 2022
Improper Certificate Validation in kubeclient High
CVE-2022-0759 was published for kubeclient (RubyGems) Mar 26, 2022
tdunlap607
Improper Certificate Validation in EM-HTTP-Request High
CVE-2020-13482 was published for em-http-request (RubyGems) May 24, 2021
tdunlap607
Improper certificate validation in em-imap High
CVE-2020-13163 was published for em-imap (RubyGems) May 24, 2021
Improper Certificate Validation in oauth ruby gem High
CVE-2016-11086 was published for oauth (RubyGems) Apr 22, 2021
Improper Certificate Validation in TweetStream Moderate
CVE-2020-24393 was published for tweetstream (RubyGems) Apr 13, 2021
Improper Certificate Validation in Puppet Moderate
CVE-2020-7942 was published for puppet (RubyGems) Apr 13, 2021
Improper Certificate Validation in twitter-stream Moderate
CVE-2020-24392 was published for twitter-stream (RubyGems) Mar 29, 2021
Missing TLS certificate verification in faye-websocket High
CVE-2020-15133 was published for faye-websocket (RubyGems) Jul 31, 2020
Missing TLS certificate verification High
CVE-2020-15134 was published for faye (RubyGems) Jul 31, 2020
Improper Certificate Validation in chloride High
CVE-2018-6517 was published for chloride (RubyGems) Mar 25, 2019
net-ldap Improper Certificate Validation vulnerability Moderate
CVE-2017-17718 was published for net-ldap (RubyGems) Jan 6, 2018
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database