Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,885
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,212
NuGet
744
pip
3,988
Pub
12
RubyGems
950
Rust
1,038
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3 advisories

Loading
Twig has unguarded calls to `__toString()` when nesting an object into an array Low
CVE-2024-51754 was published for twig/twig (Composer) Nov 6, 2024
maantje fabpot
Credited to maantje and fabpot
Twig security issue where escaping was missing when using null coalesce operator Moderate
CVE-2025-24374 was published for twig/twig (Composer) Jan 29, 2025
PhilETaylor fabpot
Credited to PhilETaylor and fabpot
Twig has a possible sandbox bypass Moderate
CVE-2024-45411 was published for twig/twig (Composer) Sep 9, 2024
fabpot stof
Credited to fabpot and stof
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database