Try GitHub Copilot CLIAttend GitHub Universe
Back to changelog
Release

November 14, 20191 Minute Read

GitHub Advisory Database

The GitHub Advisory Database is a new experience that allows you to browse or search for the vulnerabilities that GitHub knows about. The database contains all curated CVEs and security advisories which have been mapped to a package tracked by the GitHub dependency graph. CVE numbers will also automatically be linked from within issues and pull requests back to the Advisory Database (e.g. typing CVE-2019-13611 will automatically link to this entry in the database).

Linking to a CVE within a GitHub comment

Did you know? This data can also be accessed programmatically using the SecurityAdvisory API. Try the following query in our GraphQL Explorer:

query {
  securityAdvisories(orderBy: {field: PUBLISHED_AT, direction: DESC}, first: 2) {
    nodes {
      description
      ghsaId
      summary
      publishedAt
    }
  }
}

Learn more about the GitHub Advisory Database

Subscribe to our developer newsletter

Discover tips, technical guides, and best practices in our biweekly newsletter just for devs.

By submitting, I agree to let GitHub and its affiliates use my information for personalized communications, targeted advertising, and campaign effectiveness. See the GitHub Privacy Statement for more details.

GitHub Advisory Database - GitHub Changelog