GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
125 advisories
Filter by severity
Regular Expression Denial of Service in millisecond
Moderate
GHSA-m489-xr35-fjxr
was published
for
millisecond
(npm)
Sep 22, 2021
Inefficient Regular Expression Complexity in Validator.js
Moderate
GHSA-xx4c-jj58-r7x6
was published
for
validator
(npm)
Nov 19, 2021
mel-spintax has Inefficient Regular Expression Complexity
Moderate
CVE-2018-25077
was published
for
mel-spintax
(npm)
Jan 18, 2023
cookiejar Regular Expression Denial of Service via Cookie.parse function
Moderate
CVE-2022-25901
was published
for
cookiejar
(Maven)
Jan 18, 2023
robots-txt-guard Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4305
was published
for
robots-txt-guard
(npm)
Jan 5, 2023
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method
High
CVE-2022-31147
was published
for
jquery-validation
(npm)
Jul 5, 2022
PapaParse Inefficient Regular Expression Complexity vulnerability
High
CVE-2020-36649
was published
for
papaparse
(npm)
Jan 11, 2023
Regular expression denial of service in markdown-link-extractor
Low
CVE-2021-43308
was published
for
markdown-link-extractor
(npm)
Jun 3, 2022
terminal-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4306
was published
for
terminal-kit
(npm)
Jan 7, 2023
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
High
CVE-2021-35065
was published
for
glob-parent
(npm)
Jul 18, 2022
inflect vulnerable to Inefficient Regular Expression Complexity
High
CVE-2021-3820
was published
for
i
(npm)
Sep 29, 2021
Polynomial regular expression used on uncontrolled data in nitrado.js
High
CVE-2022-36034
was published
for
nitrado.js
(npm)
Aug 31, 2022
angular vulnerable to regular expression denial of service (ReDoS)
Moderate
CVE-2022-25844
was published
for
angular
(npm)
May 3, 2022
Inefficient Regular Expression Complexity in vuelidate
High
CVE-2021-3794
was published
for
@vuelidate/validators
(npm)
Sep 20, 2021
Inefficient Regular Expression Complexity in code-server
High
CVE-2021-3810
was published
for
code-server
(npm)
Sep 20, 2021
Prototype pollution vulnerability in 'predefine'
Critical
CVE-2020-28280
was published
for
predefine
(npm)
Oct 12, 2021
email-existence Inefficient Regular Expression Complexity vulnerability
High
CVE-2018-25049
was published
for
email-existence
(npm)
Dec 27, 2022
markdown-it vulnerable to Inefficient Regular Expression Complexity
High
CVE-2015-10005
was published
for
markdown-it
(npm)
Dec 27, 2022
string-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4299
was published
for
string-kit
(npm)
Jan 2, 2023
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability
Moderate
CVE-2023-25166
was published
for
@sideway/formula
(npm)
Feb 8, 2023
Regular Expression Denial of Service in Headers
High
CVE-2023-24807
was published
for
undici
(npm)
Feb 16, 2023
Withdrawn: cacheable-request depends on http-cache-semantics, which is vulnerable to Regular Expression Denial of Service
High
GHSA-8x6c-cv3v-vp6g
was published
for
cacheable-request
(npm)
Feb 11, 2023
•
withdrawn
Inefficient Regular Expression Complexity in taro
High
CVE-2021-3804
was published
for
@tarojs/helper
(npm)
Sep 20, 2021
Regular Expression Denial of Service in hawk
High
CVE-2016-2515
was published
for
hawk
(npm)
Jul 31, 2018
Regular Expression Denial of Service in uglify-js
High
CVE-2015-8858
was published
for
uglify-js
(npm)
Oct 24, 2017
ProTip!
Advisories are also available from the
GraphQL API