GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
25 advisories
Filter by severity
regular expression denial-of-service (ReDoS) in Bleach
High
CVE-2020-6817
was published
for
bleach
(pip)
Mar 30, 2020
markdown2 Regular Expression Denial of Service
High
CVE-2021-26813
was published
for
markdown2
(pip)
Jun 2, 2021
Regular Expression Denial of Service in flask-restx
High
CVE-2021-32838
was published
for
flask-restx
(pip)
Sep 8, 2021
Regular Expression Denial of Service in Leo Editor
High
CVE-2020-23478
was published
for
leo
(pip)
Sep 23, 2021
Uncontrolled Resource Consumption in Apache DolphinScheduler
High
CVE-2022-25598
was published
for
apache-dolphinscheduler
(Maven)
Mar 31, 2022
Django Regex Algorithmic Complexity Causes Denial of Service
High
CVE-2009-3695
was published
for
Django
(pip)
May 2, 2022
Django ReDoS in validators.URLValidator
High
CVE-2015-5145
was published
for
Django
(pip)
May 17, 2022
Mistune vulnerable to catastrophic backtracking
High
CVE-2022-34749
was published
for
mistune
(pip)
Jul 26, 2022
mako is vulnerable to Regular Expression Denial of Service
High
CVE-2022-40023
was published
for
mako
(pip)
Sep 16, 2022
ReDoS in py library when used with subversion
High
CVE-2022-42969
was published
for
py
(pip)
Oct 16, 2022
Django denial-of-service vulnerability in internationalized URLs
High
CVE-2022-41323
was published
for
django
(pip)
Oct 16, 2022
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2022-40897
was published
for
setuptools
(pip)
Dec 23, 2022
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS)
High
CVE-2022-40898
was published
for
wheel
(pip)
Dec 23, 2022
mechanize Regular Expression Denial of Service vulnerability
High
CVE-2021-32837
was published
for
mechanize
(pip)
Jan 18, 2023
git-url-parse Regular Expression Denial of Service
High
CVE-2023-32758
was published
for
git-url-parse
(pip)
May 15, 2023
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator
High
CVE-2023-36053
was published
for
Django
(pip)
Jul 3, 2023
Apache Airflow Improper Input Validation vulnerability
High
CVE-2023-36543
was published
for
apache-airflow
(pip)
Jul 12, 2023
Duplicate Advisory: FastAPI Content-Type Header ReDoS
High
GHSA-qf9m-vfgh-m389
was published
for
fastapi
(pip)
Feb 5, 2024
•
withdrawn
Scrapy vulnerable to ReDoS via XMLFeedSpider
High
CVE-2024-1892
was published
for
scrapy
(pip)
Feb 15, 2024
Duplicate Advisory: ReDos vulnerability of XMLFeedSpider
High
GHSA-7c9g-vj9m-8pm6
was published
for
scrapy
(pip)
Feb 28, 2024
•
withdrawn
Denial of service via regular expression
High
CVE-2024-28865
was published
for
wiki
(pip)
Mar 18, 2024
Wagtail regular expression denial-of-service via search query parsing
High
CVE-2024-39317
was published
for
wagtail
(pip)
Jul 11, 2024
ProTip!
Advisories are also available from the
GraphQL API