GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
276 advisories
Filter by severity
configobj ReDoS exploitable by developer using values in a server-side configuration file
Low
CVE-2023-26112
was published
for
configobj
(pip)
Apr 3, 2023
angular vulnerable to regular expression denial of service via the angular.copy() utility
Moderate
CVE-2023-26116
was published
for
angular
(npm)
Mar 30, 2023
angular vulnerable to regular expression denial of service via the $resource service
Moderate
CVE-2023-26117
was published
for
angular
(npm)
Mar 30, 2023
angular vulnerable to regular expression denial of service via the <input type="url"> element
Moderate
CVE-2023-26118
was published
for
angular
(npm)
Mar 30, 2023
Duplicate advisory: Deno vulnerable to Regular Expression Denial of Service
High
GHSA-xr9w-x6gw-c9mj
was published
for
deno
(Rust)
Feb 25, 2023
•
withdrawn
Octobox is software for managing GitHub notifications. Prior to pull request (PR) 2807, a user of...
High
Unreviewed
CVE-2021-32848
was published
Feb 20, 2023
Regular Expression Denial of Service in Headers
High
CVE-2023-24807
was published
for
undici
(npm)
Feb 16, 2023
A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic....
High
Unreviewed
CVE-2020-36661
was published
Feb 12, 2023
Regular Expression Denial of Service in simple-markdown
High
CVE-2019-25102
was published
for
simple-markdown
(npm)
Feb 12, 2023
Regular Expression Denial of Service in simple-markdown
High
CVE-2019-25103
was published
for
simple-markdown
(npm)
Feb 12, 2023
Withdrawn: cacheable-request depends on http-cache-semantics, which is vulnerable to Regular Expression Denial of Service
High
GHSA-8x6c-cv3v-vp6g
was published
for
cacheable-request
(npm)
Feb 11, 2023
•
withdrawn
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability
Moderate
CVE-2023-25166
was published
for
@sideway/formula
(npm)
Feb 8, 2023
is-url Inefficient Regular Expression Complexity vulnerability
High
CVE-2018-25079
was published
for
is-url
(npm)
Feb 4, 2023
Switcher Client contains Regular Expression Denial of Service (ReDoS)
High
CVE-2023-23925
was published
for
switcher-client
(npm)
Feb 2, 2023
http-cache-semantics vulnerable to Regular Expression Denial of Service
High
CVE-2022-25881
was published
for
http-cache-semantics
(Maven)
Jan 31, 2023
ReDoS Vulnerability in ua-parser-js version
High
CVE-2022-25927
was published
for
ua-parser-js
(npm)
Jan 24, 2023
Denial of Service Vulnerability in Rack Content-Disposition parsing
Low
CVE-2022-44571
was published
for
rack
(RubyGems)
Jan 18, 2023
ReDoS based DoS vulnerability in Action Dispatch
Low
CVE-2023-22792
was published
for
actionpack
(RubyGems)
Jan 18, 2023
ReDoS based DoS vulnerability in Active Support's underscore
Low
CVE-2023-22796
was published
for
activesupport
(RubyGems)
Jan 18, 2023
ReDoS based DoS vulnerability in Action Dispatch
Low
CVE-2023-22795
was published
for
actionpack
(RubyGems)
Jan 18, 2023
Denial of service via header parsing in Rack
High
CVE-2022-44570
was published
for
rack
(RubyGems)
Jan 18, 2023
Denial of service via multipart parsing in Rack
Low
CVE-2022-44572
was published
for
rack
(RubyGems)
Jan 18, 2023
ReDoS based DoS vulnerability in GlobalID
Low
CVE-2023-22799
was published
for
globalid
(RubyGems)
Jan 18, 2023
ProTip!
Advisories are also available from the
GraphQL API