GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
34 advisories
OpenBao Inserts Sensitive Information into Log File when processing malformed data
Moderate
CVE-2025-52893
was published
for
github.com/openbao/openbao/sdk/v2/framework
(Go)
Jun 26, 2025
mapstructure May Leak Sensitive Information in Logs When Processing Malformed Data
Moderate
GHSA-fv92-fjc5-jj9h
was published
for
github.com/go-viper/mapstructure/v2
(Go)
Jun 27, 2025
buildx allows a possible credential leakage to telemetry endpoint
Moderate
CVE-2025-0495
was published
for
github.com/docker/buildx
(Go)
Mar 17, 2025
secrets-store-csi-driver discloses service account tokens in logs
Moderate
CVE-2023-2878
was published
for
sigs.k8s.io/secrets-store-csi-driver
(Go)
May 26, 2023
Argo CD leaks repository credentials in user-facing error messages and in logs
Moderate
CVE-2023-25163
was published
for
github.com/argoproj/argo-cd/v2
(Go)
Feb 8, 2023
CubeFS leaks users key in logs
Moderate
CVE-2023-46742
was published
for
github.com/cubefs/cubefs
(Go)
Jan 3, 2024
Elastic Beats inserts sensitive information into log file
Moderate
CVE-2023-49922
was published
for
github.com/elastic/beats
(Go)
Dec 12, 2023
goreleaser shows environment by default
Moderate
GHSA-f6mm-5fc7-3g3c
was published
for
github.com/goreleaser/goreleaser
(Go)
May 15, 2024
`goreleaser release --debug` shows secrets
Moderate
CVE-2024-23840
was published
for
github.com/goreleaser/goreleaser
(Go)
Jan 30, 2024
ProTip!
Advisories are also available from the
GraphQL API