Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

186 advisories

Loading
kubeflow/kubeflow is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to... High Unreviewed
CVE-2024-5552 was published Jun 6, 2024
A Regular Expression Denial of Service (ReDoS) vulnerability exists in the lunary-ai/lunary... High Unreviewed
CVE-2024-4148 was published Jun 1, 2024
Symfony vulnerable to denial of service via a malicious HTTP Host header High
CVE-2014-5244 was published for symfony/http-foundation (Composer) May 30, 2024
An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2024-28716 was published Apr 30, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ... High Unreviewed
CVE-2024-4056 was published Apr 26, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16... High Unreviewed
CVE-2024-2829 was published Apr 25, 2024
SheetJS Regular Expression Denial of Service (ReDoS) High
CVE-2024-22363 was published for xlsx (npm) Apr 5, 2024
kb-med Credited to kb-med
domain-suffix RegEx Denial of Service High
CVE-2024-25354 was published for domain-suffix (npm) Mar 28, 2024
dsimk Credited to dsimk
Denial of service via regular expression High
CVE-2024-28865 was published for wiki (pip) Mar 18, 2024
stsewd Credited to stsewd, benjaoming, and oscarmcm benjaoming benjaoming
oscarmcm oscarmcm
Duplicate Advisory: ReDos vulnerability of XMLFeedSpider High
GHSA-7c9g-vj9m-8pm6 was published for scrapy (pip) Feb 28, 2024 withdrawn
An issue in alanclarke URLite v.3.1.0 allows an attacker to cause a denial of service (DoS) via a... High Unreviewed
CVE-2023-51931 was published Feb 16, 2024
Scrapy vulnerable to ReDoS via XMLFeedSpider High
CVE-2024-1892 was published for scrapy (pip) Feb 15, 2024
nicecatch2000 Credited to nicecatch2000
angular vulnerable to super-linear runtime due to backtracking High
CVE-2024-21490 was published for angular (Maven) Feb 10, 2024
Duplicate Advisory: FastAPI Content-Type Header ReDoS High
GHSA-qf9m-vfgh-m389 was published for fastapi (pip) Feb 5, 2024 withdrawn
nicecatch2000 Credited to nicecatch2000, huonw, garyd203, and levpachmanov huonw huonw
garyd203 garyd203 levpachmanov levpachmanov
Sentry's Astro SDK vulnerable to ReDoS High
CVE-2023-50249 was published for @sentry/astro (npm) Dec 18, 2023
Inefficient Regular Expression Complexity in git-urls High
CVE-2023-46402 was published for github.com/whilp/git-urls (Go) Nov 18, 2023
Inefficient Regular Expression Complexity in node-email-check High
CVE-2023-39619 was published for node-email-check (npm) Oct 25, 2023
matveybaykalov Credited to matveybaykalov
Zod denial of service vulnerability during email validation High
GHSA-mvrp-3cvx-c325 was published for express-zod-api (npm) Oct 4, 2023
Chaijs/get-func-name vulnerable to ReDoS High
CVE-2023-43646 was published for get-func-name (npm) Sep 27, 2023
GAP-dev Credited to GAP-dev and keithamus keithamus keithamus
MathJax Regular expression Denial of Service (ReDoS) High
CVE-2023-39663 was published for mathjax (npm) Aug 29, 2023
Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3... High Unreviewed
CVE-2023-40599 was published Aug 25, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0... High Unreviewed
CVE-2023-3994 was published Aug 2, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16... High Unreviewed
CVE-2023-3364 was published Aug 2, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.0.8,... High Unreviewed
CVE-2023-0632 was published Aug 2, 2023
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue... High Unreviewed
CVE-2023-39174 was published Jul 25, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database