Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

11 advisories

Loading
Git credentials are exposed in Atlantis logs High
CVE-2024-52009 was published for github.com/runatlantis/atlantis (Go) Nov 8, 2024
niooss-ledger
apko Exposure of HTTP basic auth credentials in log output High
CVE-2024-36127 was published for chainguard.dev/apko (Go) Jun 4, 2024
kolloch
Insecure Variable Substitution in Vela High
CVE-2024-28236 was published for github.com/go-vela/worker (Go) Mar 14, 2024
gdiepen
Rancher 'Audit Log' leaks sensitive information High
CVE-2023-22649 was published for github.com/rancher/rancher (Go) Feb 8, 2024
APM Server vulnerable to Insertion of Sensitive Information into Log File High
CVE-2024-23448 was published for github.com/elastic/apm-server (Go) Feb 8, 2024
Headscale writes bearer tokens to info-level logs High
CVE-2023-47390 was published for github.com/juanfont/headscale (Go) Nov 11, 2023
Weave GitOps Terraform Controller Information Disclosure Vulnerability High
CVE-2023-34236 was published for github.com/weaveworks/tf-controller (Go) Jul 14, 2023
greenu
Debug mode leaks confidential data in Cilium High
CVE-2023-29002 was published for github.com/cilium/cilium (Go) Apr 19, 2023
meyskens
HashiCorp Consul Template could reveal Vault secret contents in error messages High
CVE-2022-38149 was published for github.com/hashicorp/consul-template (Go) Aug 18, 2022
Secret insertion into debug log in Docker High
CVE-2019-13509 was published for github.com/docker/docker (Go) May 24, 2022
joshbressers
Information Disclosure in HashiCorp Vault High
CVE-2020-13223 was published for github.com/hashicorp/vault (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API