Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3 advisories

Loading
Crossplane: Signature verification TOCTOU allows installing unverified package content via mutable tag Critical
GHSA-wfqx-gjrf-g28r was published for github.com/crossplane/crossplane (Go) Jun 19, 2026
bugbunny-research Credited to bugbunny-research and tonghuaroot tonghuaroot tonghuaroot
NVIDIA Container Toolkit contains a Time-of-check Time-of-Use (TOCTOU) vulnerability Critical
CVE-2024-0132 was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Oct 29, 2024
Duplicate Advisory: NVIDIA Container Toolkit contains a Time-of-check Time-of-Use (TOCTOU) vulnerability Critical
GHSA-536j-xxhg-6pgg was published for github.com/NVIDIA/nvidia-container-toolkit (Go) Sep 26, 2024 withdrawn
ProTip! Advisories are also available from the GraphQL API