Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

25 advisories

Loading
regular expression denial-of-service (ReDoS) in Bleach High
CVE-2020-6817 was published for bleach (pip) Mar 30, 2020
markdown2 Regular Expression Denial of Service High
CVE-2021-26813 was published for markdown2 (pip) Jun 2, 2021
Regular Expression Denial of Service in flask-restx High
CVE-2021-32838 was published for flask-restx (pip) Sep 8, 2021
erik-krogh yoff
Regular Expression Denial of Service in Leo Editor High
CVE-2020-23478 was published for leo (pip) Sep 23, 2021
NLTK Vulnerable to REDoS High
CVE-2021-3828 was published for nltk (pip) Sep 29, 2021
NLTK Vulnerable to REDoS High
CVE-2021-3842 was published for nltk (pip) Jan 6, 2022
Uncontrolled Resource Consumption in Apache DolphinScheduler High
CVE-2022-25598 was published for apache-dolphinscheduler (Maven) Mar 31, 2022
Django Regex Algorithmic Complexity Causes Denial of Service High
CVE-2009-3695 was published for Django (pip) May 2, 2022
Django ReDoS in validators.URLValidator High
CVE-2015-5145 was published for Django (pip) May 17, 2022
Mistune vulnerable to catastrophic backtracking High
CVE-2022-34749 was published for mistune (pip) Jul 26, 2022
sersorrel
mako is vulnerable to Regular Expression Denial of Service High
CVE-2022-40023 was published for mako (pip) Sep 16, 2022
ReDoS issue in dparse High
CVE-2022-39280 was published for dparse (pip) Sep 27, 2022
ReDoS in py library when used with subversion High
CVE-2022-42969 was published for py (pip) Oct 16, 2022
The-Compiler jwilk
Django denial-of-service vulnerability in internationalized URLs High
CVE-2022-41323 was published for django (pip) Oct 16, 2022
sunSUNQ
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS) High
CVE-2022-40897 was published for setuptools (pip) Dec 23, 2022
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS) High
CVE-2022-40898 was published for wheel (pip) Dec 23, 2022
mechanize Regular Expression Denial of Service vulnerability High
CVE-2021-32837 was published for mechanize (pip) Jan 18, 2023
git-url-parse Regular Expression Denial of Service High
CVE-2023-32758 was published for git-url-parse (pip) May 15, 2023
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator High
CVE-2023-36053 was published for Django (pip) Jul 3, 2023
Apache Airflow Improper Input Validation vulnerability High
CVE-2023-36543 was published for apache-airflow (pip) Jul 12, 2023
Duplicate Advisory: FastAPI Content-Type Header ReDoS High
GHSA-qf9m-vfgh-m389 was published for fastapi (pip) Feb 5, 2024 withdrawn
nicecatch2000 huonw
garyd203 levpachmanov
Scrapy vulnerable to ReDoS via XMLFeedSpider High
CVE-2024-1892 was published for scrapy (pip) Feb 15, 2024
nicecatch2000
Duplicate Advisory: ReDos vulnerability of XMLFeedSpider High
GHSA-7c9g-vj9m-8pm6 was published for scrapy (pip) Feb 28, 2024 withdrawn
Denial of service via regular expression High
CVE-2024-28865 was published for wiki (pip) Mar 18, 2024
stsewd benjaoming
oscarmcm
Wagtail regular expression denial-of-service via search query parsing High
CVE-2024-39317 was published for wagtail (pip) Jul 11, 2024
RealOrangeOne
ProTip! Advisories are also available from the GraphQL API