GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,316
Maven
5,000+
npm
5,000+
NuGet
1,030
pip
5,000+
Pub
13
RubyGems
1,116
Rust
1,493
Swift
61
Unreviewed advisories
All unreviewed
5,000+
14 advisories
Filter by severity
Scriban: ExpressionDepthLimit guard is non-enforcing — parser-recursion DoS in 6.6.0–7.2.0 (incomplete fix for GHSA-wgh7-7m3c-fx25 / GHSA-p6q4-fgr8-vx4p)
Moderate
GHSA-6q7j-xr26-3h2c
was published
for
Scriban
(NuGet)
Jun 26, 2026
Scriban: array * int (ScriptArray<T>.TryEvaluate) bypasses LoopLimit — incomplete fix for GHSA-c875-h985-hvrc, missed sibling of GHSA-24c8-4792-22hx
Moderate
GHSA-q6rr-fm2g-g5x8
was published
for
Scriban
(NuGet)
Jun 26, 2026
Scriban: array.insert_at index parameter DoS bypasses LoopLimit and LimitToString
High
GHSA-24c8-4792-22hx
was published
for
Scriban.Signed
(NuGet)
May 19, 2026
Scriban has Multiple Denial-of-Service Vectors via Unbounded Resource Consumption During Expression Evaluation
Moderate
GHSA-xw6w-9jjh-p9cr
was published
for
Scriban
(NuGet)
Mar 24, 2026
Scriban: Denial of Service via Unbounded Cumulative Template Output Bypassing LimitToString
Moderate
GHSA-m2p3-hwv5-xpqw
was published
for
Scriban
(NuGet)
Mar 24, 2026
Scriban has Uncontrolled Recursion in `object.to_json` Causing Unrecoverable Process Crash via StackOverflowException
High
GHSA-xcx6-vp38-8hr5
was published
for
Scriban
(NuGet)
Mar 24, 2026
Scriban: Uncontrolled Memory Allocation via string.pad_left/pad_right Allows Remote Denial of Service
High
GHSA-v66j-x4hw-fv9g
was published
for
Scriban
(NuGet)
Mar 24, 2026
Scriban: Built-in operations bypass LoopLimit and delay cancellation, enabling Denial of Service
High
GHSA-c875-h985-hvrc
was published
for
Scriban.Signed
(NuGet)
Mar 24, 2026
Scriban: Sandbox escape due to TypedObjectAccessorcache bypassing MemberFilter after TemplateContext reuse
Critical
GHSA-5wr9-m6jw-xx44
was published
for
Scriban.Signed
(NuGet)
Mar 24, 2026
Scriban has an authorization bypass due to stale include cache surviving TemplateContext.Reset()
High
GHSA-x6m9-38vm-2xhf
was published
for
Scriban.Signed
(NuGet)
Mar 24, 2026
Scriban has a Stack Overflow via Nested Array Initializers That Bypass the ExpressionDepthLimit Fix
High
GHSA-p6q4-fgr8-vx4p
was published
for
Scriban
(NuGet)
Mar 24, 2026
Scriban Affected by Memory Exhaustion (OOM) via Unbounded String Generation (Denial of Service)
Moderate
GHSA-5rpf-x9jg-8j5p
was published
for
Scriban.Signed
(NuGet)
Mar 19, 2026
Scriban has an Infinite Recursion during Object Rendering Leads to Stack Overflow and Process Crash (Denial of Service)
High
GHSA-grr9-747v-xvcp
was published
for
Scriban.Signed
(NuGet)
Mar 19, 2026
Scriban has Uncontrolled Recursion in Parser Leads to Stack Overflow and Process Crash (Denial of Service)
High
GHSA-wgh7-7m3c-fx25
was published
for
Scriban.Signed
(NuGet)
Mar 19, 2026
ProTip!
Advisories are also available from the
GraphQL API