Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

73 advisories

Loading
Unpatched `path-to-regexp` ReDoS in 0.1.x Moderate
CVE-2024-52798 was published for path-to-regexp (npm) Dec 5, 2024
blakeembrey ctcpip
Duplicate Advisory: org.keycloak:keycloak-services has Inefficient Regular Expression Complexity Moderate
GHSA-j3x3-r585-4qhg was published for org.keycloak:keycloak-services (Maven) Nov 25, 2024 withdrawn
ReDoS in giskard's transformation.py (GHSL-2024-324) Moderate
CVE-2024-52524 was published for giskard (pip) Nov 14, 2024
kevinbackhouse
REXML ReDoS vulnerability Moderate
CVE-2024-49761 was published for rexml (RubyGems) Oct 28, 2024
useragent Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26311 was published for useragent (npm) Oct 26, 2024
Knwl.js Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26306 was published for knwl.js (npm) Oct 26, 2024
validate.js Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26308 was published for validate.js (npm) Oct 26, 2024
nope-validator Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26309 was published for nope-validator (npm) Oct 26, 2024
CommonRegexJS Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26305 was published for commonregex (npm) Oct 26, 2024
Foundation Regular Expression Denial of Service vulnerability Moderate
CVE-2020-26304 was published for foundation-sites (npm) Oct 26, 2024
insane vulnerable to Regular Expression Denial of Service Moderate
CVE-2020-26303 was published for insane (npm) Oct 26, 2024
Possible ReDoS vulnerability in block_format in Action Mailer Moderate
CVE-2024-47889 was published for actionmailer (RubyGems) Oct 15, 2024
Possible ReDoS vulnerability in plain_text_for_blockquote_node in Action Text Moderate
CVE-2024-47888 was published for actiontext (RubyGems) Oct 15, 2024
Possible ReDoS vulnerability in HTTP Token authentication in Action Controller Moderate
CVE-2024-47887 was published for actionpack (RubyGems) Oct 15, 2024
xhtml2pdf Denial of Service via crafted string Moderate
CVE-2024-25885 was published for xhtml2pdf (pip) Oct 8, 2024
Inefficient Regular Expression Complexity in langflow Moderate
CVE-2024-9277 was published for langflow (pip) Sep 27, 2024
m3t3kh4n
Spring Framework DoS via conditional HTTP request Moderate
CVE-2024-38809 was published for org.springframework:spring-web (Maven) Sep 24, 2024
ReDoS in urlregex Moderate
CVE-2020-36830 was published for urlregex (npm) Sep 2, 2024
Django vulnerable to denial-of-service attack Moderate
CVE-2024-41991 was published for Django (pip) Aug 7, 2024
Rack ReDoS Vulnerability in HTTP Accept Headers Parsing Moderate
CVE-2024-39316 was published for rack (RubyGems) Jul 3, 2024
dwisiswant0
ua-parser/uap-php ReDoS vulnerability Moderate
GHSA-78hm-5hjw-58mh was published for ua-parser/uap-php (Composer) Jun 7, 2024
Regular Expression Denial of Service (ReDoS) in micromatch Moderate
CVE-2024-4067 was published for micromatch (npm) May 14, 2024
jagonalez MarioTeixeiraCx
TCPDF vulnerable to Regular Expression Denial of Service Moderate
CVE-2024-22640 was published for tecnickcom/tcpdf (Composer) Apr 19, 2024
Starfox64
Pydantic regular expression denial of service Moderate
CVE-2024-3772 was published for pydantic (pip) Apr 15, 2024
Black vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2024-21503 was published for black (pip) Mar 19, 2024
ProTip! Advisories are also available from the GraphQL API