GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
276 advisories
Filter by severity
Unpatched `path-to-regexp` ReDoS in 0.1.x
Moderate
CVE-2024-52798
was published
for
path-to-regexp
(npm)
Dec 5, 2024
In JetBrains YouTrack before 2024.3.52635 potential ReDoS was possible due to vulnerable RegExp...
Moderate
Unreviewed
CVE-2024-54157
was published
Dec 4, 2024
org.keycloak:keycloak-services has Inefficient Regular Expression Complexity
High
CVE-2024-10270
was published
for
org.keycloak:keycloak-services
(Maven)
Nov 25, 2024
Duplicate Advisory: org.keycloak:keycloak-services has Inefficient Regular Expression Complexity
Moderate
GHSA-j3x3-r585-4qhg
was published
for
org.keycloak:keycloak-services
(Maven)
Nov 25, 2024
•
withdrawn
Regular Expression Denial of Service (ReDoS) in @eslint/plugin-kit
Low
CVE-2024-21539
was published
for
@eslint/plugin-kit
(npm)
Nov 15, 2024
ReDoS in giskard's transformation.py (GHSL-2024-324)
Moderate
CVE-2024-52524
was published
for
giskard
(pip)
Nov 14, 2024
Regular Expression Denial of Service (ReDoS) in cross-spawn
High
CVE-2024-21538
was published
for
cross-spawn
(npm)
Nov 8, 2024
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header...
Moderate
Unreviewed
CVE-2024-50574
was published
Oct 28, 2024
useragent Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26311
was published
for
useragent
(npm)
Oct 26, 2024
Knwl.js Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26306
was published
for
knwl.js
(npm)
Oct 26, 2024
nope-validator Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26309
was published
for
nope-validator
(npm)
Oct 26, 2024
validate.js Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26308
was published
for
validate.js
(npm)
Oct 26, 2024
Foundation Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26304
was published
for
foundation-sites
(npm)
Oct 26, 2024
insane vulnerable to Regular Expression Denial of Service
Moderate
CVE-2020-26303
was published
for
insane
(npm)
Oct 26, 2024
CommonRegexJS Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26305
was published
for
commonregex
(npm)
Oct 26, 2024
HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available...
High
Unreviewed
CVE-2020-26307
was published
Oct 26, 2024
Validate.js provides a declarative way of validating javascript objects. All versions as of 30...
High
Unreviewed
CVE-2020-26310
was published
Oct 26, 2024
Permissive Regular Expression in tacquito
High
GHSA-p5wf-cmr4-xrwr
was published
for
github.com/facebookincubator/tacquito
(Go)
Oct 18, 2024
Possible ReDoS vulnerability in block_format in Action Mailer
Moderate
CVE-2024-47889
was published
for
actionmailer
(RubyGems)
Oct 15, 2024
Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
Moderate
CVE-2024-47888
was published
for
actiontext
(RubyGems)
Oct 15, 2024
Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
Moderate
CVE-2024-47887
was published
for
actionpack
(RubyGems)
Oct 15, 2024
ReDoS vulnerability in vue package that is exploitable through inefficient regex evaluation in the parseHTML function
Low
CVE-2024-9506
was published
for
vue
(npm)
Oct 15, 2024
Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email....
High
Unreviewed
CVE-2024-48938
was published
Oct 11, 2024
xhtml2pdf Denial of Service via crafted string
Moderate
CVE-2024-25885
was published
for
xhtml2pdf
(pip)
Oct 8, 2024
ProTip!
Advisories are also available from the
GraphQL API