Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

276 advisories

Loading
Rust's regex crate vulnerable to regular expression denial of service High
CVE-2022-24713 was published for regex (Rust) Mar 8, 2022
addisoncrump
is_js vulnerable to Regular Expression Denial of Service High
CVE-2020-26302 was published for is_js (npm) Jul 6, 2023
semver-regex Regular Expression Denial of Service (ReDOS) High
CVE-2021-3795 was published for semver-regex (npm) Sep 20, 2021
node-fetch Inefficient Regular Expression Complexity Moderate
CVE-2022-2596 was published for node-fetch (npm) Aug 2, 2022
vovikhangcdv
Regular expression denial of service in Apache ShenYu High
CVE-2022-26650 was published for org.apache.shenyu:shenyu (Maven) May 18, 2022
Uncontrolled Resource Consumption in Apache DolphinScheduler High
CVE-2022-25598 was published for apache-dolphinscheduler (Maven) Mar 31, 2022
Regular expression denial of service in semver-regex Low
CVE-2021-43307 was published for semver-regex (npm) Jun 3, 2022
Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service... Low Unreviewed
CVE-2022-34428 was published Oct 1, 2022
Regular Expression Denial of Service (ReDoS) in jsx-slack Low
CVE-2021-43838 was published for jsx-slack (npm) Dec 17, 2021
hieki
Uncontrolled Resource Consumption in markdown-it Moderate
CVE-2022-21670 was published for markdown-it (npm) Jan 12, 2022
makenowjust
Denial of Service (DoS) vulnerability in RSSHub Moderate
CVE-2022-31110 was published for rsshub (npm) Jun 23, 2022
Rongronggg9
Apache Tapestry 5.8.1 vulnerable to ReDoS via Content Types causing catastrophic backtracking High
CVE-2022-31781 was published for org.apache.tapestry:tapestry-core (Maven) Jul 14, 2022
Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS)... High Unreviewed
CVE-2022-29158 was published Sep 3, 2022
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An... Moderate Unreviewed
CVE-2022-34402 was published Oct 11, 2022
v8n vulnerable to Inefficient Regular Expression Complexity High
CVE-2022-35923 was published for v8n (npm) Oct 7, 2022
vovikhangcdv
Denial of Service in python-ldap Moderate
CVE-2021-46823 was published for python-ldap (pip) Jun 19, 2022
Regular Expression Denial of Service in browserslist Moderate
CVE-2021-23364 was published for browserslist (npm) May 24, 2021
react-native-reanimated vulnerable to ReDoS High
CVE-2022-24373 was published for react-native-reanimated (npm) Oct 1, 2022
tomekzaw annaowens
606856158280d7bd4b38b37936db9_microsoft
steal vulnerable to Regular Expression Denial of Service via source and sourceWithComments High
CVE-2022-37262 was published for steal (npm) Sep 16, 2022
steal Inefficient Regular Expression Complexity vulnerability via string variable High
CVE-2022-37259 was published for steal (npm) Sep 21, 2022
Inefficient Regular Expression Complexity in Liferay Portal High
CVE-2022-42124 was published for com.liferay.portal:release.portal.bom (Maven) Nov 15, 2022
ReDoS based DoS vulnerability in Active Support's underscore Low
CVE-2023-22796 was published for activesupport (RubyGems) Jan 18, 2023
robertoz-01 postmodern
G-Rath
Regular expression denial of service in apache tika Moderate
CVE-2022-30973 was published for org.apache.tika:tika-core (Maven) Jun 1, 2022
jkmartindale
Regular expression denial of service in apache tika Moderate
CVE-2022-30126 was published for org.apache.tika:tika (Maven) May 17, 2022
github.com/tidwall/gjson Vulnerable to REDoS attack High
CVE-2021-42836 was published for github.com/tidwall/gjson (Go) Oct 25, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database