GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
276 advisories
Terser insecure use of regular expressions leads to ReDoS
Severity: High. CVE-2022-25858 was published for terser (npm) on Jul 16, 2022.
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
Severity: High. CVE-2021-35065 was published for glob-parent (npm) on Jul 18, 2022.
Mistune vulnerable to catastrophic backtracking
Severity: High. CVE-2022-34749 was published for mistune (pip) on Jul 26, 2022.
node-fetch Inefficient Regular Expression Complexity
Severity: Moderate. CVE-2022-2596 was published for node-fetch (npm) on Aug 2, 2022.
Regular expression denial of service in eth-account
Severity: Moderate. CVE-2022-1930 was published for eth-account (pip) on Aug 23, 2022.
uri-template-lite Regular Expression Denial of Service
Severity: Moderate. CVE-2021-43309 was published for uri-template-lite (npm) on Aug 25, 2022.
Sanitize-html Vulnerable To REDoS Attacks
Severity: High. CVE-2022-25887 was published for sanitize-html (npm) on Aug 31, 2022.
Polynomial regular expression used on uncontrolled data in nitrado.js
Severity: High. CVE-2022-36034 was published for nitrado.js (npm) on Aug 31, 2022.
Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS)...
Severity: High (Unreviewed). CVE-2022-29158 was published on Sep 3, 2022.
steal vulnerable to Regular Expression Denial of Service via input variable
Severity: High. CVE-2022-37260 was published for steal (npm) on Sep 16, 2022.
steal vulnerable to Regular Expression Denial of Service via source and sourceWithComments
Severity: High. CVE-2022-37262 was published for steal (npm) on Sep 16, 2022.
mako is vulnerable to Regular Expression Denial of Service
Severity: High. CVE-2022-40023 was published for mako (pip) on Sep 16, 2022.
steal Inefficient Regular Expression Complexity vulnerability via string variable
Severity: High. CVE-2022-37259 was published for steal (npm) on Sep 21, 2022.
Dell Hybrid Client prior to version 1.8 contains a Regular Expression Denial of Service...
Severity: Low (Unreviewed). CVE-2022-34428 was published on Oct 1, 2022.
react-native-reanimated vulnerable to ReDoS
Severity: High. CVE-2022-24373 was published for react-native-reanimated (npm) on Oct 1, 2022.
v8n vulnerable to Inefficient Regular Expression Complexity
Severity: High. CVE-2022-35923 was published for v8n (npm) on Oct 7, 2022.
Dell Wyse ThinOS 2205 contains a Regular Expression Denial of Service Vulnerability in UI. An...
Severity: Moderate (Unreviewed). CVE-2022-34402 was published on Oct 11, 2022.
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS)
Severity: High. CVE-2022-37599 was published for loader-utils (npm) on Oct 12, 2022.
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable
Severity: High. CVE-2022-37603 was published for loader-utils (npm) on Oct 14, 2022.
ReDoS in py library when used with subversion
Severity: High. CVE-2022-42969 was published for py (pip) on Oct 16, 2022.
Django denial-of-service vulnerability in internationalized URLs
Severity: High. CVE-2022-41323 was published for django (pip) on Oct 16, 2022.
Inefficient Regular Expression Complexity in shescape
Severity: High. CVE-2022-25918 was published for shescape (npm) on Oct 25, 2022.
kangax html-minifier REDoS vulnerability
Severity: High. CVE-2022-37620 was published for html-minifier (npm) on Oct 31, 2022.