Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
49
GitHub Actions
49
Go
3,417
Maven
5,000+
npm
5,000+
NuGet
882
pip
4,658
Pub
13
RubyGems
1,027
Rust
1,211
Swift
53
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Ash Authentication has flawed token revocation checking logic in actions generated by `mix ash_authentication.install` Moderate
CVE-2025-25202 was published for ash_authentication (Erlang) Feb 11, 2025
wilburyang Credited to wilburyang, zachdaniel, and jimsynz zachdaniel zachdaniel
jimsynz jimsynz
In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability. Moderate
CVE-2024-49756 was published for ash_postgres (Erlang) Oct 23, 2024
maennchen Credited to maennchen, rapidfsub, and zachdaniel rapidfsub rapidfsub
zachdaniel zachdaniel
ash_authentication has email link auto-click account confirmation vulnerability Moderate
CVE-2025-32782 was published for ash_authentication (Erlang) Apr 14, 2025
zachdaniel Credited to zachdaniel, jimsynz, maennchen, barnabasJ, and sevenseacat jimsynz jimsynz
maennchen maennchen barnabasJ barnabasJ sevenseacat sevenseacat
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database