GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
97 advisories
Filter by severity
ReDoS in giskard's transformation.py (GHSL-2024-324)
Moderate
CVE-2024-52524
was published
for
giskard
(pip)
Nov 14, 2024
insane vulnerable to Regular Expression Denial of Service
Moderate
CVE-2020-26303
was published
for
insane
(npm)
Oct 26, 2024
Foundation Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26304
was published
for
foundation-sites
(npm)
Oct 26, 2024
CommonRegexJS Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26305
was published
for
commonregex
(npm)
Oct 26, 2024
Rack ReDoS Vulnerability in HTTP Accept Headers Parsing
Moderate
CVE-2024-39316
was published
for
rack
(RubyGems)
Jul 3, 2024
Possible ReDoS vulnerability in block_format in Action Mailer
Moderate
CVE-2024-47889
was published
for
actionmailer
(RubyGems)
Oct 15, 2024
Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text
Moderate
CVE-2024-47888
was published
for
actiontext
(RubyGems)
Oct 15, 2024
Possible ReDoS vulnerability in HTTP Token authentication in Action Controller
Moderate
CVE-2024-47887
was published
for
actionpack
(RubyGems)
Oct 15, 2024
useragent Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26311
was published
for
useragent
(npm)
Oct 26, 2024
In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header...
Moderate
Unreviewed
CVE-2024-50574
was published
Oct 28, 2024
nope-validator Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26309
was published
for
nope-validator
(npm)
Oct 26, 2024
validate.js Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26308
was published
for
validate.js
(npm)
Oct 26, 2024
Knwl.js Regular Expression Denial of Service vulnerability
Moderate
CVE-2020-26306
was published
for
knwl.js
(npm)
Oct 26, 2024
sqlparse contains a regular expression that is vulnerable to Regular Expression Denial of Service
Moderate
CVE-2023-30608
was published
for
sqlparse
(pip)
Apr 21, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow.
Impact summary:...
Moderate
Unreviewed
CVE-2023-3446
was published
Jul 19, 2023
xhtml2pdf Denial of Service via crafted string
Moderate
CVE-2024-25885
was published
for
xhtml2pdf
(pip)
Oct 8, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 prior to...
Moderate
Unreviewed
CVE-2023-6682
was published
May 14, 2024
A Denial of Service (DoS) condition has been discovered in GitLab CE/EE affecting all versions...
Moderate
Unreviewed
CVE-2023-6502
was published
May 23, 2024
An issue has been discovered in GitLab affecting all versions starting from 15.11 before 16.1.5,...
Moderate
Unreviewed
CVE-2023-3205
was published
Sep 1, 2023
A denial of service vulnerability was identified in GitLab CE/EE, versions 16.7.7 prior to 16.8.6...
Moderate
Unreviewed
CVE-2023-6489
was published
Apr 12, 2024
An issue has been discovered in GitLab CE/EE affecting all versions before 16.9.7, all versions...
Moderate
Unreviewed
CVE-2024-2651
was published
May 14, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.11 prior to...
Moderate
Unreviewed
CVE-2023-6688
was published
May 14, 2024
An issue has been discovered in GitLab EE affecting all versions before 16.8.6, all versions...
Moderate
Unreviewed
CVE-2023-6678
was published
Apr 12, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 11.3 before 16.6.7...
Moderate
Unreviewed
CVE-2023-6736
was published
Feb 8, 2024
ProTip!
Advisories are also available from the
GraphQL API