GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
73 advisories
Filter by severity
Regular Expression Denial Of Service in uri-js
Moderate
CVE-2017-16021
was published
for
uri-js
(npm)
Jul 24, 2018
Denial of Service in protobufjs
Moderate
CVE-2018-3738
was published
for
protobufjs
(npm)
Oct 9, 2018
ReDoS via long string of semicolons in tough-cookie
Moderate
CVE-2016-1000232
was published
for
tough-cookie
(npm)
Oct 10, 2018
Denial of Service in uap-core when processing crafted User-Agent strings
Moderate
CVE-2020-5243
was published
for
uap-core
(RubyGems)
Feb 20, 2020
Regular Expression Denial of Service in browserslist
Moderate
CVE-2021-23364
was published
for
browserslist
(npm)
May 24, 2021
Regular Expression Denial of Service in millisecond
Moderate
GHSA-m489-xr35-fjxr
was published
for
millisecond
(npm)
Sep 22, 2021
Regular Expression Denial of Service in jsoneditor
Moderate
CVE-2021-3822
was published
for
jsoneditor
(npm)
Sep 29, 2021
Inefficient Regular Expression Complexity in validator.js
Moderate
CVE-2021-3765
was published
for
validator
(npm)
Nov 3, 2021
Inefficient Regular Expression Complexity in Validator.js
Moderate
GHSA-xx4c-jj58-r7x6
was published
for
validator
(npm)
Nov 19, 2021
ReDoS in LDAP schema parser
Moderate
GHSA-r8wq-qrxc-hmcm
was published
for
python-ldap
(pip)
Nov 29, 2021
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2020-28500
was published
for
lodash
(npm)
Jan 6, 2022
Uncontrolled Resource Consumption in markdown-it
Moderate
CVE-2022-21670
was published
for
markdown-it
(npm)
Jan 12, 2022
Spring Framework Inefficient Regular Expression Complexity
Moderate
CVE-2009-1190
was published
for
org.springframework:spring-core
(Maven)
May 2, 2022
angular vulnerable to regular expression denial of service (ReDoS)
Moderate
CVE-2022-25844
was published
for
angular
(npm)
May 3, 2022
Regular expression denial of service in apache tika
Moderate
CVE-2022-30126
was published
for
org.apache.tika:tika
(Maven)
May 17, 2022
Regular expression denial of service in url_regex
Moderate
CVE-2022-21195
was published
for
url_regex
(pip)
May 21, 2022
Inefficient Regular Expression Complexity in Jenkins Build Failure Analyzer Plugin
Moderate
CVE-2019-16555
was published
for
com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer
(Maven)
May 24, 2022
CKEditor 4 ReDoS Vulnerability
Moderate
CVE-2021-26271
was published
for
ckeditor4-dev
(npm)
May 24, 2022
Regular expression denial of service in apache tika
Moderate
CVE-2022-30973
was published
for
org.apache.tika:tika-core
(Maven)
Jun 1, 2022
Denial of Service in python-ldap
Moderate
CVE-2021-46823
was published
for
python-ldap
(pip)
Jun 19, 2022
Denial of Service (DoS) vulnerability in RSSHub
Moderate
CVE-2022-31110
was published
for
rsshub
(npm)
Jun 23, 2022
node-fetch Inefficient Regular Expression Complexity
Moderate
CVE-2022-2596
was published
for
node-fetch
(npm)
Aug 2, 2022
Regular expression denial of service in eth-account
Moderate
CVE-2022-1930
was published
for
eth-account
(pip)
Aug 23, 2022
uri-template-lite Regular Expression Denial of Service
Moderate
CVE-2021-43309
was published
for
uri-template-lite
(npm)
Aug 25, 2022
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42964
was published
for
pymatgen
(pip)
Nov 10, 2022
ProTip!
Advisories are also available from the
GraphQL API