Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

14 advisories

Loading
Permissions bypass in KubeVirt Moderate
CVE-2020-1701 was published for kubevirt.io/kubevirt (Go) Jun 1, 2021
Cache Manipulation Attack in Apache Traffic Control Moderate
CVE-2020-17522 was published for github.com/apache/trafficcontrol (Go) Jun 18, 2021
Incorrect Permission Assignment for Critical Resource in Hashicorp Consul Moderate
CVE-2020-12797 was published for github.com/hashicorp/consul (Go) Jun 23, 2021
Archive package allows chmod of file outside of unpack target directory Moderate
CVE-2021-32760 was published for github.com/containerd/containerd (Go) Jul 26, 2021
tdunlap607
Beego has a file creation race condition Moderate
CVE-2019-16354 was published for github.com/astaxie/beego (Go) Aug 2, 2021
Incorrect Permission Assignment for Critical Resource in CRI-O Moderate
CVE-2022-0532 was published for github.com/cri-o/cri-o (Go) Feb 11, 2022
Kubernetes Unsafe Cacheing Moderate
CVE-2019-11244 was published for k8s.io/client-go (Go) Feb 15, 2022
Gitea allowed assignment of private issues Moderate
CVE-2022-38183 was published for code.gitea.io/gitea (Go) Aug 13, 2022
Bytebase does not restrict low privilege user to access admin issues Moderate
CVE-2022-32169 was published for github.com/bytebase/bytebase (Go) Sep 29, 2022
CubeFS allows Kubernetes cluster-level privilege escalation Moderate
CVE-2023-30512 was published for github.com/cubefs/cubefs (Go) Apr 12, 2023
Privilege Escalation in HashiCorp Consul Moderate
CVE-2020-28053 was published for github.com/hashicorp/consul (Go) Jan 31, 2024
Moby (Docker Engine) Insufficiently restricted permissions on data directory Moderate
CVE-2021-41091 was published for github.com/docker/docker (Go) Jan 31, 2024
joanbm AlonZa
neersighted
Moby (Docker Engine) started with non-empty inheritable Linux process capabilities Moderate
CVE-2022-24769 was published for github.com/docker/docker (Go) Apr 22, 2024
AndrewGMorgan
snapd failed to restrict writes to the $HOME/bin path Moderate
CVE-2024-1724 was published for github.com/snapcore/snapd (Go) Jul 25, 2024
ProTip! Advisories are also available from the GraphQL API