GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
21
Go
2,003
Maven
5,000+
npm
3,714
NuGet
661
pip
3,387
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
148 advisories
Filter by severity
robots-txt-guard Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4305
was published
for
robots-txt-guard
(npm)
Jan 5, 2023
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method
High
CVE-2022-31147
was published
for
jquery-validation
(npm)
Jul 5, 2022
PapaParse Inefficient Regular Expression Complexity vulnerability
High
CVE-2020-36649
was published
for
papaparse
(npm)
Jan 11, 2023
terminal-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4306
was published
for
terminal-kit
(npm)
Jan 7, 2023
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
High
CVE-2021-35065
was published
for
glob-parent
(npm)
Jul 18, 2022
inflect vulnerable to Inefficient Regular Expression Complexity
High
CVE-2021-3820
was published
for
i
(npm)
Sep 29, 2021
Polynomial regular expression used on uncontrolled data in nitrado.js
High
CVE-2022-36034
was published
for
nitrado.js
(npm)
Aug 31, 2022
Inefficient Regular Expression Complexity in vuelidate
High
CVE-2021-3794
was published
for
@vuelidate/validators
(npm)
Sep 20, 2021
Inefficient Regular Expression Complexity in code-server
High
CVE-2021-3810
was published
for
code-server
(npm)
Sep 20, 2021
email-existence Inefficient Regular Expression Complexity vulnerability
High
CVE-2018-25049
was published
for
email-existence
(npm)
Dec 27, 2022
markdown-it vulnerable to Inefficient Regular Expression Complexity
High
CVE-2015-10005
was published
for
markdown-it
(npm)
Dec 27, 2022
string-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4299
was published
for
string-kit
(npm)
Jan 2, 2023
Regular Expression Denial of Service in Headers
High
CVE-2023-24807
was published
for
undici
(npm)
Feb 16, 2023
Withdrawn: cacheable-request depends on http-cache-semantics, which is vulnerable to Regular Expression Denial of Service
High
GHSA-8x6c-cv3v-vp6g
was published
for
cacheable-request
(npm)
Feb 11, 2023
•
withdrawn
Regular Expression Denial of Service in System.Text.RegularExpressions
High
CVE-2019-0820
was published
for
System.Text.RegularExpressions
(NuGet)
Aug 4, 2021
A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic....
High
Unreviewed
CVE-2020-36661
was published
Feb 12, 2023
Octobox is software for managing GitHub notifications. Prior to pull request (PR) 2807, a user of...
High
Unreviewed
CVE-2021-32848
was published
Feb 20, 2023
Inefficient Regular Expression Complexity in taro
High
CVE-2021-3804
was published
for
@tarojs/helper
(npm)
Sep 20, 2021
Duplicate advisory: Deno vulnerable to Regular Expression Denial of Service
High
GHSA-xr9w-x6gw-c9mj
was published
for
deno
(Rust)
Feb 25, 2023
•
withdrawn
Regular Expression Denial of Service in hawk
High
CVE-2016-2515
was published
for
hawk
(npm)
Jul 31, 2018
Regular Expression Denial of Service in uglify-js
High
CVE-2015-8858
was published
for
uglify-js
(npm)
Oct 24, 2017
Regular Expression Denial of Service in highcharts
High
CVE-2018-20801
was published
for
highcharts
(npm)
Mar 18, 2019
Regular Expression Denial of Service in semver
High
CVE-2015-8855
was published
for
semver
(npm)
Oct 24, 2017
Terser insecure use of regular expressions leads to ReDoS
High
CVE-2022-25858
was published
for
terser
(npm)
Jul 16, 2022
ProTip!
Advisories are also available from the
GraphQL API