GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
76 advisories
Filter by severity
robots-txt-guard Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4305
was published
for
robots-txt-guard
(npm)
Jan 5, 2023
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method
High
CVE-2022-31147
was published
for
jquery-validation
(npm)
Jul 5, 2022
PapaParse Inefficient Regular Expression Complexity vulnerability
High
CVE-2020-36649
was published
for
papaparse
(npm)
Jan 11, 2023
terminal-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4306
was published
for
terminal-kit
(npm)
Jan 7, 2023
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service
High
CVE-2021-35065
was published
for
glob-parent
(npm)
Jul 18, 2022
inflect vulnerable to Inefficient Regular Expression Complexity
High
CVE-2021-3820
was published
for
i
(npm)
Sep 29, 2021
Polynomial regular expression used on uncontrolled data in nitrado.js
High
CVE-2022-36034
was published
for
nitrado.js
(npm)
Aug 31, 2022
Inefficient Regular Expression Complexity in vuelidate
High
CVE-2021-3794
was published
for
@vuelidate/validators
(npm)
Sep 20, 2021
Inefficient Regular Expression Complexity in code-server
High
CVE-2021-3810
was published
for
code-server
(npm)
Sep 20, 2021
email-existence Inefficient Regular Expression Complexity vulnerability
High
CVE-2018-25049
was published
for
email-existence
(npm)
Dec 27, 2022
markdown-it vulnerable to Inefficient Regular Expression Complexity
High
CVE-2015-10005
was published
for
markdown-it
(npm)
Dec 27, 2022
string-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4299
was published
for
string-kit
(npm)
Jan 2, 2023
Regular Expression Denial of Service in Headers
High
CVE-2023-24807
was published
for
undici
(npm)
Feb 16, 2023
Withdrawn: cacheable-request depends on http-cache-semantics, which is vulnerable to Regular Expression Denial of Service
High
GHSA-8x6c-cv3v-vp6g
was published
for
cacheable-request
(npm)
Feb 11, 2023
•
withdrawn
Inefficient Regular Expression Complexity in taro
High
CVE-2021-3804
was published
for
@tarojs/helper
(npm)
Sep 20, 2021
Regular Expression Denial of Service in hawk
High
CVE-2016-2515
was published
for
hawk
(npm)
Jul 31, 2018
Regular Expression Denial of Service in uglify-js
High
CVE-2015-8858
was published
for
uglify-js
(npm)
Oct 24, 2017
Regular Expression Denial of Service in highcharts
High
CVE-2018-20801
was published
for
highcharts
(npm)
Mar 18, 2019
Regular Expression Denial of Service in semver
High
CVE-2015-8855
was published
for
semver
(npm)
Oct 24, 2017
Terser insecure use of regular expressions leads to ReDoS
High
CVE-2022-25858
was published
for
terser
(npm)
Jul 16, 2022
Switcher Client contains Regular Expression Denial of Service (ReDoS)
High
CVE-2023-23925
was published
for
switcher-client
(npm)
Feb 2, 2023
ReDoS Vulnerability in ua-parser-js version
High
CVE-2022-25927
was published
for
ua-parser-js
(npm)
Jan 24, 2023
http-cache-semantics vulnerable to Regular Expression Denial of Service
High
CVE-2022-25881
was published
for
http-cache-semantics
(Maven)
Jan 31, 2023
is_js vulnerable to Regular Expression Denial of Service
High
CVE-2020-26302
was published
for
is_js
(npm)
Jul 6, 2023
ProTip!
Advisories are also available from the
GraphQL API