skip to content
Back to GitHub.com
Home Bounties CodeQL Research Advisories Get Involved Events

Vulnerabilities we've disclosed (before March 2020)


GitHub Security Lab researchers find vulnerabilities in key, widely-used open source projects. We then coordinate the disclosure of those vulnerabilities to security teams at those projects. We only publish vulnerabilities here after they’ve been announced by the affected projects' development teams and patches are available. See our disclosure policy for more information.

This page lists disclosures prior to March 2020. For recent disclosures, please visit the advisories page.

123 CVEs discovered by GitHub Security Lab (prior to March 2020)

Disclosure policy


Read our disclosure policy.