Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

15 advisories

Loading
golang.org/x/crypto: Invoking client can cause server deadlock on unexpected responses Critical
CVE-2026-39830 was published for golang.org/x/crypto (Go) Jun 25, 2026
omec-project amf Vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer Low
CVE-2026-9299 was published for github.com/omec-project/amf (Go) May 26, 2026
omec-project amf Vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer Low
CVE-2026-9301 was published for github.com/omec-project/amf (Go) May 26, 2026
omec-project amf Vulnerable to Improper Restriction of Operations within the Bounds of a Memory Buffer Low
CVE-2026-9300 was published for github.com/omec-project/amf (Go) May 26, 2026
AMF Improperly Restricts Operations within the Bounds of a Memory Buffer Low
CVE-2026-8780 was published for github.com/omec-project/amf (Go) May 18, 2026
AMF Improperly Restricts Operations within the Bounds of a Memory Buffer Low
CVE-2026-8779 was published for github.com/omec-project/amf (Go) May 18, 2026
omec-project amf crashes when processing malformed LocationReports Low
CVE-2026-8349 was published for github.com/omec-project/amf (Go) May 12, 2026
GoBGP has Improper Restriction of Operations within the Bounds of a Memory Buffer Moderate
CVE-2026-7737 was published for github.com/osrg/gobgp (Go) May 4, 2026
Denial of Service via Zip/Decompression Bomb sent over HTTP or gRPC High
CVE-2024-36129 was published for go.opentelemetry.io/collector/config/configgrpc (Go) Jun 5, 2024
jpkrohling Credited to jpkrohling, arminru, mx-psi, and stamparm arminru arminru
mx-psi mx-psi stamparm stamparm
Duplicate Advisory: go-codec-dagpb vulnerable to panic when decoding invalid blocks High
GHSA-967g-cjx4-h7j6 was published for github.com/ipld/go-codec-dagpb (Go) Dec 28, 2022 withdrawn
xmlquery lacks check for whether LoadURL response is in XML format, causing denial of service High
CVE-2020-25614 was published for github.com/antchfx/xmlquery (Go) Oct 7, 2022
anonymous-nlp-student Credited to anonymous-nlp-student
Out of bounds memory access in github.com/open-policy-agent/opa High
CVE-2022-28946 was published for github.com/open-policy-agent/opa (Go) May 20, 2022
golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer High
CVE-2018-17847 was published for golang.org/x/net (Go) May 13, 2022
golang.org/x/net/html has Improper Restriction of Operations within the Bounds of a Memory Buffer High
CVE-2018-17143 was published for golang.org/x/net (Go) May 13, 2022
ipld/go-codec-dagpb panics when processing certain blocks High
CVE-2022-2584 was published for github.com/ipld/go-codec-dagpb (Go) Apr 8, 2022
ProTip! Advisories are also available from the GraphQL API