Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

6 advisories

Loading
Envoy's global rate limit may crash when the response phase limit is enabled and the response phase request is failed directly Moderate
CVE-2026-26330 was published for github.com/envoyproxy/envoy (Go) Mar 10, 2026
phlax Credited to phlax, yanavlasov, botengyao, and agrawroh yanavlasov yanavlasov
botengyao botengyao agrawroh agrawroh
Envoy: HTTP - filter chain execution on reset streams causing UAF crash Moderate
CVE-2026-26311 was published for github.com/envoyproxy/envoy (Go) Mar 10, 2026
MushroomWasp Credited to MushroomWasp, agrawroh, yanavlasov, botengyao, and phlax agrawroh agrawroh
yanavlasov yanavlasov botengyao botengyao phlax phlax
Envoy: Race condition in Dynamic Forward Proxy leads to use-after-free and segmentation faults High
CVE-2025-54588 was published for github.com/envoyproxy/envoy (Go) Sep 15, 2025
agrawroh Credited to agrawroh, yanavlasov, phlax, and botengyao yanavlasov yanavlasov
phlax phlax botengyao botengyao
Unpatched extfs vulnerabilities are exploitable through suid-mode Apptainer High
CVE-2023-30549 was published for github.com/apptainer/apptainer (Go) Apr 25, 2023
DrDaveD Credited to DrDaveD
Use After Free in HashiCorp Nomad Critical
CVE-2020-27195 was published for github.com/hashicorp/nomad (Go) Feb 15, 2022
GPGME Go wrapper contains Use After Free High
CVE-2020-8945 was published for github.com/proglottis/gpgme (Go) May 18, 2021
ProTip! Advisories are also available from the GraphQL API