# GitHub Security Advisories Scraper — GHSA & CVE Feed (`compute-edge/github-advisories-scraper`) Actor

Extract GitHub Security Advisories (GHSA) with CVE IDs, CVSS scores, CWE classifications, affected packages, and patched version ranges. Filter by severity, ecosystem, or CVE ID. Fresh vulnerability intelligence for security and DevSecOps teams.

- **URL**: https://apify.com/compute-edge/github-advisories-scraper.md
- **Developed by:** [Compute Edge](https://apify.com/compute-edge) (community)
- **Categories:** Lead generation
- **Stats:** 2 total users, 1 monthly users, 100.0% runs succeeded, 0 bookmarks
- **User rating**: No ratings yet

## Pricing

from $3.00 / 1,000 results

This Actor is paid per event. You are not charged for the Apify platform usage, but only a fixed price for specific events.

Learn more: https://docs.apify.com/platform/actors/running/actors-in-store#pay-per-event

## What's an Apify Actor?

Actors are a software tools running on the Apify platform, for all kinds of web data extraction and automation use cases.
In Batch mode, an Actor accepts a well-defined JSON input, performs an action which can take anything from a few seconds to a few hours,
and optionally produces a well-defined JSON output, datasets with results, or files in key-value store.
In Standby mode, an Actor provides a web server which can be used as a website, API, or an MCP server.
Actors are written with capital "A".

## How to integrate an Actor?

If asked about integration, you help developers integrate Actors into their projects.
You adapt to their stack and deliver integrations that are safe, well-documented, and production-ready.
The best way to integrate Actors is as follows.

In JavaScript/TypeScript projects, use official [JavaScript/TypeScript client](https://docs.apify.com/api/client/js.md):

```bash
npm install apify-client
```

In Python projects, use official [Python client library](https://docs.apify.com/api/client/python.md):

```bash
pip install apify-client
```

In shell scripts, use [Apify CLI](https://docs.apify.com/cli/docs.md):

````bash
# MacOS / Linux
curl -fsSL https://apify.com/install-cli.sh | bash
# Windows
irm https://apify.com/install-cli.ps1 | iex
```bash

In AI frameworks, you might use the [Apify MCP server](https://docs.apify.com/platform/integrations/mcp.md).

If your project is in a different language, use the [REST API](https://docs.apify.com/api/v2.md).

For usage examples, see the [API](#api) section below.

For more details, see Apify documentation as [Markdown index](https://docs.apify.com/llms.txt) and [Markdown full-text](https://docs.apify.com/llms-full.txt).


# README

## GitHub Security Advisories Scraper — CVE & Vulnerability Feed

Pull software vulnerability advisories directly from the **GitHub Advisory Database** — one of the most authoritative open-source vulnerability feeds, covering 13+ package ecosystems (npm, pip, Maven, NuGet, Go, RubyGems, crates.io, etc.) and cross-referencing CVE, CWE, and CVSS metadata.

### What this Actor does

This Actor wraps GitHub's public `/advisories` API and outputs clean structured records of software vulnerabilities, including affected version ranges, fixed versions, severity, CVSS scores, and reference URLs.

**Use cases:**
- **DevSecOps**: Feed an internal vulnerability dashboard or SBOM scanner without standing up your own ingestion pipeline.
- **Security research**: Pull advisories filtered by CVE, CWE, or ecosystem for threat intel reports.
- **Open-source maintainers**: Monitor advisories that touch your dependency tree.
- **Insurance/audit**: Build evidence packs of disclosed vulnerabilities in third-party software.
- **AI / LLM grounding**: Ingest curated, structured CVE data into a RAG pipeline for security copilots.

### How to scrape GitHub Security Advisories

1. (Optional) Set **Severity** to `critical`, `high`, `medium`, or `low`.
2. (Optional) Set **Ecosystem** to focus on one package manager (`npm`, `pip`, `maven`, etc.).
3. (Optional) Provide a **CVE ID** to pull a single advisory.
4. (Optional) Set **Published After** (YYYY-MM-DD) to incrementally pull new entries.
5. Set **Max Results** (default 200).
6. Run.

### Output fields

| Field | Description |
|-------|-------------|
| ghsaId | GitHub Security Advisory ID (e.g. GHSA-xxxx-xxxx-xxxx) |
| cveId | Cross-referenced CVE identifier |
| summary | Short title |
| description | Full markdown description |
| severity | low / medium / high / critical |
| cvssScore | CVSS v3 base score (0–10) |
| cvssVector | Full CVSS vector string |
| cweIds | Common Weakness Enumeration IDs |
| ecosystems | List of affected package ecosystems |
| affectedPackages | Array of `{ecosystem, name, vulnerableVersionRange, firstPatchedVersion}` |
| references | External references (vendor advisories, commits, blog posts) |
| identifiers | Cross-identifiers (CVE, GHSA, etc.) |
| publishedAt / updatedAt / withdrawnAt | Timestamps |
| type | reviewed / unreviewed / malware |
| sourceCodeLocation | Repo URL when available |
| htmlUrl | Public advisory page |

### Pricing

Pay-per-result. The unauthenticated GitHub API allows 60 requests/hour (100 advisories per request), so a single run cleanly returns up to ~6,000 results. For larger pulls, run incrementally with `publishedAfter`.

### Example input

```json
{
  "severity": "critical",
  "ecosystem": "npm",
  "publishedAfter": "2025-01-01",
  "maxResults": 500
}
````

### Example output (single record)

```json
{
  "ghsaId": "GHSA-248r-7h7q-cr24",
  "cveId": "CVE-2026-45411",
  "severity": "critical",
  "cvssScore": 9.8,
  "ecosystems": ["npm"],
  "affectedPackages": [
    {"ecosystem":"npm","name":"vm2","vulnerableVersionRange":"<= 3.9.19","firstPatchedVersion":""}
  ],
  "publishedAt": "2026-04-12T18:00:00Z",
  "htmlUrl": "https://github.com/advisories/GHSA-248r-7h7q-cr24"
}
```

### FAQ

**Q: Is this the same as the NVD CVE feed?** No — GitHub's advisory database is curated, often published before NVD assigns a score, and is the canonical feed for advisories filed against GitHub-hosted projects. Use it together with NIST NVD for the fullest picture.

**Q: What about malware advisories?** Set `type=malware` to pull supply-chain malware advisories (e.g., malicious npm packages).

**Q: Why not just use the GraphQL API?** GraphQL requires authentication. This Actor uses the REST endpoint so it works out of the box.

**Q: Are withdrawn advisories included?** Yes — check the `withdrawnAt` field. Withdrawn entries usually indicate the report was a false positive.

### Legal disclaimer

This Actor accesses the public GitHub Advisory Database REST API per [GitHub's REST API terms](https://docs.github.com/en/rest). Output data is provided under GitHub's terms of service — attribute GitHub as the source when reusing the data. Not affiliated with or endorsed by GitHub, Inc.

# Actor input Schema

## `severity` (type: `string`):

Filter by severity: 'low', 'medium', 'high', 'critical'. Leave blank for all.

## `ecosystem` (type: `string`):

Filter by package ecosystem: actions, composer, erlang, go, maven, npm, nuget, pip, pub, rubygems, rust, swift. Leave blank for all.

## `cveId` (type: `string`):

Look up a specific CVE (e.g. 'CVE-2024-27289').

## `type` (type: `string`):

'reviewed', 'malware', or 'unreviewed'. Leave blank for 'reviewed' (the default and most useful set).

## `publishedAfter` (type: `string`):

Only include advisories published on or after this date (YYYY-MM-DD).

## `maxResults` (type: `integer`):

Maximum number of advisories to return. The unauthenticated GitHub API allows 60 requests/hour; each request returns up to 100 advisories.

## Actor input object example

```json
{
  "severity": "",
  "ecosystem": "",
  "cveId": "",
  "type": "",
  "publishedAfter": "",
  "maxResults": 200
}
```

# Actor output Schema

## `dataset` (type: `string`):

No description

# API

You can run this Actor programmatically using our API. Below are code examples in JavaScript, Python, and CLI, as well as the OpenAPI specification and MCP server setup.

## JavaScript example

```javascript
import { ApifyClient } from 'apify-client';

// Initialize the ApifyClient with your Apify API token
// Replace the '<YOUR_API_TOKEN>' with your token
const client = new ApifyClient({
    token: '<YOUR_API_TOKEN>',
});

// Prepare Actor input
const input = {};

// Run the Actor and wait for it to finish
const run = await client.actor("compute-edge/github-advisories-scraper").call(input);

// Fetch and print Actor results from the run's dataset (if any)
console.log('Results from dataset');
console.log(`💾 Check your data here: https://console.apify.com/storage/datasets/${run.defaultDatasetId}`);
const { items } = await client.dataset(run.defaultDatasetId).listItems();
items.forEach((item) => {
    console.dir(item);
});

// 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/js/docs

```

## Python example

```python
from apify_client import ApifyClient

# Initialize the ApifyClient with your Apify API token
# Replace '<YOUR_API_TOKEN>' with your token.
client = ApifyClient("<YOUR_API_TOKEN>")

# Prepare the Actor input
run_input = {}

# Run the Actor and wait for it to finish
run = client.actor("compute-edge/github-advisories-scraper").call(run_input=run_input)

# Fetch and print Actor results from the run's dataset (if there are any)
print("💾 Check your data here: https://console.apify.com/storage/datasets/" + run["defaultDatasetId"])
for item in client.dataset(run["defaultDatasetId"]).iterate_items():
    print(item)

# 📚 Want to learn more 📖? Go to → https://docs.apify.com/api/client/python/docs/quick-start

```

## CLI example

```bash
echo '{}' |
apify call compute-edge/github-advisories-scraper --silent --output-dataset

```

## MCP server setup

```json
{
    "mcpServers": {
        "apify": {
            "command": "npx",
            "args": [
                "mcp-remote",
                "https://mcp.apify.com/?tools=compute-edge/github-advisories-scraper",
                "--header",
                "Authorization: Bearer <YOUR_API_TOKEN>"
            ]
        }
    }
}

```

## OpenAPI specification

```json
{
    "openapi": "3.0.1",
    "info": {
        "title": "GitHub Security Advisories Scraper — GHSA & CVE Feed",
        "description": "Extract GitHub Security Advisories (GHSA) with CVE IDs, CVSS scores, CWE classifications, affected packages, and patched version ranges. Filter by severity, ecosystem, or CVE ID. Fresh vulnerability intelligence for security and DevSecOps teams.",
        "version": "0.1",
        "x-build-id": "a6dz0mzrO2YPUplB8"
    },
    "servers": [
        {
            "url": "https://api.apify.com/v2"
        }
    ],
    "paths": {
        "/acts/compute-edge~github-advisories-scraper/run-sync-get-dataset-items": {
            "post": {
                "operationId": "run-sync-get-dataset-items-compute-edge-github-advisories-scraper",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for its completion, and returns Actor's dataset items in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        },
        "/acts/compute-edge~github-advisories-scraper/runs": {
            "post": {
                "operationId": "runs-sync-compute-edge-github-advisories-scraper",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor and returns information about the initiated run in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK",
                        "content": {
                            "application/json": {
                                "schema": {
                                    "$ref": "#/components/schemas/runsResponseSchema"
                                }
                            }
                        }
                    }
                }
            }
        },
        "/acts/compute-edge~github-advisories-scraper/run-sync": {
            "post": {
                "operationId": "run-sync-compute-edge-github-advisories-scraper",
                "x-openai-isConsequential": false,
                "summary": "Executes an Actor, waits for completion, and returns the OUTPUT from Key-value store in response.",
                "tags": [
                    "Run Actor"
                ],
                "requestBody": {
                    "required": true,
                    "content": {
                        "application/json": {
                            "schema": {
                                "$ref": "#/components/schemas/inputSchema"
                            }
                        }
                    }
                },
                "parameters": [
                    {
                        "name": "token",
                        "in": "query",
                        "required": true,
                        "schema": {
                            "type": "string"
                        },
                        "description": "Enter your Apify token here"
                    }
                ],
                "responses": {
                    "200": {
                        "description": "OK"
                    }
                }
            }
        }
    },
    "components": {
        "schemas": {
            "inputSchema": {
                "type": "object",
                "properties": {
                    "severity": {
                        "title": "Severity",
                        "type": "string",
                        "description": "Filter by severity: 'low', 'medium', 'high', 'critical'. Leave blank for all.",
                        "default": ""
                    },
                    "ecosystem": {
                        "title": "Ecosystem",
                        "type": "string",
                        "description": "Filter by package ecosystem: actions, composer, erlang, go, maven, npm, nuget, pip, pub, rubygems, rust, swift. Leave blank for all.",
                        "default": ""
                    },
                    "cveId": {
                        "title": "CVE ID",
                        "type": "string",
                        "description": "Look up a specific CVE (e.g. 'CVE-2024-27289').",
                        "default": ""
                    },
                    "type": {
                        "title": "Advisory Type",
                        "type": "string",
                        "description": "'reviewed', 'malware', or 'unreviewed'. Leave blank for 'reviewed' (the default and most useful set).",
                        "default": ""
                    },
                    "publishedAfter": {
                        "title": "Published After",
                        "type": "string",
                        "description": "Only include advisories published on or after this date (YYYY-MM-DD).",
                        "default": ""
                    },
                    "maxResults": {
                        "title": "Max Results",
                        "minimum": 1,
                        "maximum": 5000,
                        "type": "integer",
                        "description": "Maximum number of advisories to return. The unauthenticated GitHub API allows 60 requests/hour; each request returns up to 100 advisories.",
                        "default": 200
                    }
                }
            },
            "runsResponseSchema": {
                "type": "object",
                "properties": {
                    "data": {
                        "type": "object",
                        "properties": {
                            "id": {
                                "type": "string"
                            },
                            "actId": {
                                "type": "string"
                            },
                            "userId": {
                                "type": "string"
                            },
                            "startedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "finishedAt": {
                                "type": "string",
                                "format": "date-time",
                                "example": "2025-01-08T00:00:00.000Z"
                            },
                            "status": {
                                "type": "string",
                                "example": "READY"
                            },
                            "meta": {
                                "type": "object",
                                "properties": {
                                    "origin": {
                                        "type": "string",
                                        "example": "API"
                                    },
                                    "userAgent": {
                                        "type": "string"
                                    }
                                }
                            },
                            "stats": {
                                "type": "object",
                                "properties": {
                                    "inputBodyLen": {
                                        "type": "integer",
                                        "example": 2000
                                    },
                                    "rebootCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "restartCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "resurrectCount": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "computeUnits": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "options": {
                                "type": "object",
                                "properties": {
                                    "build": {
                                        "type": "string",
                                        "example": "latest"
                                    },
                                    "timeoutSecs": {
                                        "type": "integer",
                                        "example": 300
                                    },
                                    "memoryMbytes": {
                                        "type": "integer",
                                        "example": 1024
                                    },
                                    "diskMbytes": {
                                        "type": "integer",
                                        "example": 2048
                                    }
                                }
                            },
                            "buildId": {
                                "type": "string"
                            },
                            "defaultKeyValueStoreId": {
                                "type": "string"
                            },
                            "defaultDatasetId": {
                                "type": "string"
                            },
                            "defaultRequestQueueId": {
                                "type": "string"
                            },
                            "buildNumber": {
                                "type": "string",
                                "example": "1.0.0"
                            },
                            "containerUrl": {
                                "type": "string"
                            },
                            "usage": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "integer",
                                        "example": 1
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            },
                            "usageTotalUsd": {
                                "type": "number",
                                "example": 0.00005
                            },
                            "usageUsd": {
                                "type": "object",
                                "properties": {
                                    "ACTOR_COMPUTE_UNITS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATASET_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "KEY_VALUE_STORE_WRITES": {
                                        "type": "number",
                                        "example": 0.00005
                                    },
                                    "KEY_VALUE_STORE_LISTS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_READS": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "REQUEST_QUEUE_WRITES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_INTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "DATA_TRANSFER_EXTERNAL_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_RESIDENTIAL_TRANSFER_GBYTES": {
                                        "type": "integer",
                                        "example": 0
                                    },
                                    "PROXY_SERPS": {
                                        "type": "integer",
                                        "example": 0
                                    }
                                }
                            }
                        }
                    }
                }
            }
        }
    }
}
```
