GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
38 advisories
SwiftNIO vulnerable to Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting')
Moderate. CVE-2022-3215 was published for github.com/apple/swift-nio (Swift), Jun 7, 2023

Async HTTP Client has CRLF Injection vulnerability in HTTP request headers
High. CVE-2023-0040 was published for github.com/swift-server/async-http-client (Swift), Jun 7, 2023

Uncontrolled Recursion in HTTP2ToRawGRPCServerCodec
Moderate. CVE-2021-36154 was published for github.com/grpc/grpc-swift (Swift), May 22, 2023

swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames
High. CVE-2022-24668 was published for github.com/apple/swift-nio-http2 (Swift), May 18, 2023

swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
High. CVE-2022-24666 was published for github.com/apple/swift-nio-http2 (Swift), May 18, 2023

SwiftNIO vulnerable to HTTP request smuggling using malformed Transfer-Encoding header
Critical. GHSA-mgc4-wqv7-4pxm was published for github.com/apple/swift-nio (Swift), May 18, 2023

swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding
High. CVE-2022-24667 was published for github.com/apple/swift-nio-http2 (Swift), May 18, 2023

PostgresNIO processes unencrypted bytes from man-in-the-middle
Low. CVE-2023-31136 was published for github.com/vapor/postgres-nio (Swift), May 10, 2023

zstd vulnerable to buffer overrun
High. CVE-2022-4899 was published for github.com/facebook/zstd (pip), Mar 31, 2023

SwiftNIO SSL arbitrary code execution vulnerability
Critical. CVE-2019-8849 was published for github.com/apple/swift-nio-ssl (Swift), May 24, 2022

Duplicate advisory: swift-nio-http2 vulnerable to denial of service via invalid HTTP/2 HEADERS frame length
High. GHSA-pv7r-9vjg-g3f9 was published for github.com/apple/swift-nio-http2 (Swift), Feb 11, 2022 (withdrawn)

Duplicate advisory: swift-nio-http2 vulnerable to denial of service via mishandled HPACK variable length integer encoding
High. GHSA-wfvq-p7qf-vv64 was published for github.com/apple/swift-nio-http2 (Swift), Feb 11, 2022 (withdrawn)

Duplicate advisory: swift-nio-http2 vulnerable to denial of service via ALTSVC or ORIGIN frames
High. GHSA-gpgx-whwh-r297 was published for github.com/apple/swift-nio-http2 (Swift), Feb 11, 2022 (withdrawn)

ProTip! Advisories are also available from the GraphQL API