GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
3 advisories
VCS credentials included in URL parameters are potentially logged and saved into browser history as plaintext
Low
CVE-2025-32021
was published
for
weblate
(pip)
Apr 15, 2025
MLflow authentication requirement bypass can allow a user to arbitrarily create an account
Critical
CVE-2023-6014
was published
for
mlflow
(pip)
Nov 16, 2023
Ray Missing Authorization vulnerability
Critical
CVE-2023-6020
was published
for
ray
(pip)
Nov 16, 2023
ProTip!
Advisories are also available from the
GraphQL API