Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

154 advisories

Loading
Nokogiri Inefficient Regular Expression Complexity High
CVE-2022-24836 was published for nokogiri (RubyGems) Apr 11, 2022
ooooooo-q
ReDoS Vulnerability in ua-parser-js version High
CVE-2022-25927 was published for ua-parser-js (npm) Jan 24, 2023
G-Rath
ReDos vulnerability on guest checkout email validation High
CVE-2021-43805 was published for solidus_core (RubyGems) Dec 7, 2021
agustingianni nickrolfe
Switcher Client contains Regular Expression Denial of Service (ReDoS) High
CVE-2023-23925 was published for switcher-client (npm) Feb 2, 2023
petruki tdunlap607
Terser insecure use of regular expressions leads to ReDoS High
CVE-2022-25858 was published for terser (npm) Jul 16, 2022
Regular Expression Denial of Service in semver High
CVE-2015-8855 was published for semver (npm) Oct 24, 2017
Regular Expression Denial of Service in highcharts High
CVE-2018-20801 was published for highcharts (npm) Mar 18, 2019
ReDoS in brace-expansion High
CVE-2017-18077 was published for brace-expansion (npm) Jan 29, 2018
Regular Expression Denial of Service in uglify-js High
CVE-2015-8858 was published for uglify-js (npm) Oct 24, 2017
Regular Expression Denial of Service in hawk High
CVE-2016-2515 was published for hawk (npm) Jul 31, 2018
Duplicate advisory: Deno vulnerable to Regular Expression Denial of Service High
GHSA-xr9w-x6gw-c9mj was published for deno (Rust) Feb 25, 2023 withdrawn
Inefficient Regular Expression Complexity in taro High
CVE-2021-3804 was published for @tarojs/helper (npm) Sep 20, 2021
richardfan0606
Octobox is software for managing GitHub notifications. Prior to pull request (PR) 2807, a user of... High Unreviewed
CVE-2021-32848 was published Feb 20, 2023
A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic.... High Unreviewed
CVE-2020-36661 was published Feb 12, 2023
Regular Expression Denial of Service in System.Text.RegularExpressions High
CVE-2019-0820 was published for System.Text.RegularExpressions (NuGet) Aug 4, 2021
r-bit-rry
Withdrawn: cacheable-request depends on http-cache-semantics, which is vulnerable to Regular Expression Denial of Service High
GHSA-8x6c-cv3v-vp6g was published for cacheable-request (npm) Feb 11, 2023 withdrawn
Regular Expression Denial of Service in Headers High
CVE-2023-24807 was published for undici (npm) Feb 16, 2023
sno2
string-kit Inefficient Regular Expression Complexity vulnerability High
CVE-2021-4299 was published for string-kit (npm) Jan 2, 2023
markdown-it vulnerable to Inefficient Regular Expression Complexity High
CVE-2015-10005 was published for markdown-it (npm) Dec 27, 2022
email-existence Inefficient Regular Expression Complexity vulnerability High
CVE-2018-25049 was published for email-existence (npm) Dec 27, 2022
Inefficient Regular Expression Complexity in code-server High
CVE-2021-3810 was published for code-server (npm) Sep 20, 2021
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone
Polynomial regular expression used on uncontrolled data in nitrado.js High
CVE-2022-36034 was published for nitrado.js (npm) Aug 31, 2022
inflect vulnerable to Inefficient Regular Expression Complexity High
CVE-2021-3820 was published for i (npm) Sep 29, 2021
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service High
CVE-2021-35065 was published for glob-parent (npm) Jul 18, 2022
cowsrule wejendorp
wwuck paulmillr BGehrels
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database