GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
148 advisories
Filter by severity
email-existence Inefficient Regular Expression Complexity vulnerability
High
CVE-2018-25049
was published
for
email-existence
(npm)
Dec 27, 2022
markdown-it vulnerable to Inefficient Regular Expression Complexity
High
CVE-2015-10005
was published
for
markdown-it
(npm)
Dec 27, 2022
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2022-40897
was published
for
setuptools
(pip)
Dec 23, 2022
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS)
High
CVE-2022-40898
was published
for
wheel
(pip)
Dec 23, 2022
Inefficient Regular Expression Complexity in rails-html-sanitizer
High
CVE-2022-23517
was published
for
rails-html-sanitizer
(RubyGems)
Dec 13, 2022
Inefficient Regular Expression Complexity in Loofah
High
CVE-2022-23514
was published
for
loofah
(RubyGems)
Dec 13, 2022
Inefficient Regular Expression Complexity in Liferay Portal
High
CVE-2022-42124
was published
for
com.liferay.portal:release.portal.bom
(Maven)
Nov 15, 2022
kangax html-minifier REDoS vulnerability
High
CVE-2022-37620
was published
for
html-minifier
(npm)
Oct 31, 2022
Inefficient Regular Expression Complexity in shescape
High
CVE-2022-25918
was published
for
shescape
(npm)
Oct 25, 2022
ReDoS in py library when used with subversion
High
CVE-2022-42969
was published
for
py
(pip)
Oct 16, 2022
Django denial-of-service vulnerability in internationalized URLs
High
CVE-2022-41323
was published
for
django
(pip)
Oct 16, 2022
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable
High
CVE-2022-37603
was published
for
loader-utils
(npm)
Oct 14, 2022
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2022-37599
was published
for
loader-utils
(npm)
Oct 12, 2022
v8n vulnerable to Inefficient Regular Expression Complexity
High
CVE-2022-35923
was published
for
v8n
(npm)
Oct 7, 2022
react-native-reanimated vulnerable to ReDoS
High
CVE-2022-24373
was published
for
react-native-reanimated
(npm)
Oct 1, 2022
steal Inefficient Regular Expression Complexity vulnerability via string variable
High
CVE-2022-37259
was published
for
steal
(npm)
Sep 21, 2022
mako is vulnerable to Regular Expression Denial of Service
High
CVE-2022-40023
was published
for
mako
(pip)
Sep 16, 2022
steal vulnerable to Regular Expression Denial of Service via source and sourceWithComments
High
CVE-2022-37262
was published
for
steal
(npm)
Sep 16, 2022
steal vulnerable to Regular Expression Denial of Service via input variable
High
CVE-2022-37260
was published
for
steal
(npm)
Sep 16, 2022
Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS)...
High
Unreviewed
CVE-2022-29158
was published
Sep 3, 2022
Polynomial regular expression used on uncontrolled data in nitrado.js
High
CVE-2022-36034
was published
for
nitrado.js
(npm)
Aug 31, 2022
Sanitize-html Vulnerable To REDoS Attacks
High
CVE-2022-25887
was published
for
sanitize-html
(npm)
Aug 31, 2022
Mistune vulnerable to catastrophic backtracking
High
CVE-2022-34749
was published
for
mistune
(pip)
Jul 26, 2022
ProTip!
Advisories are also available from the
GraphQL API