Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

378 advisories

Loading
Denial of service via multipart parsing in Rack Low
CVE-2022-44572 was published for rack (RubyGems) Jan 18, 2023
Denial of Service Vulnerability in Rack Content-Disposition parsing Low
CVE-2022-44571 was published for rack (RubyGems) Jan 18, 2023
debug Inefficient Regular Expression Complexity vulnerability High
CVE-2017-20165 was published for debug (npm) Jan 9, 2023
HvB Credited to HvB
TorBot vulnerable to Inefficient Regular Expression Complexity in validate_link Moderate
CVE-2023-45813 was published for torbot (pip) Oct 19, 2023
ikkebr Credited to ikkebr
Chaijs/get-func-name vulnerable to ReDoS High
CVE-2023-43646 was published for get-func-name (npm) Sep 27, 2023
GAP-dev Credited to GAP-dev and keithamus keithamus keithamus
git-url-parse Regular Expression Denial of Service High
CVE-2023-32758 was published for git-url-parse (pip) May 15, 2023
Liferay Portal has Inefficient Regular Expression Moderate
CVE-2023-33950 was published for com.liferay.portal:release.portal.bom (Maven) May 24, 2023
Inefficient Regular Expression Complexity in node-email-check High
CVE-2023-39619 was published for node-email-check (npm) Oct 25, 2023
matveybaykalov Credited to matveybaykalov
git-url-parse crate vulnerable to Regular Expression Denial of Service Low
CVE-2023-33290 was published for git-url-parse (Rust) Jun 12, 2023
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS Moderate
CVE-2023-26364 was published for @adobe/css-tools (npm) Aug 29, 2023
Inefficient Regular Expression Complexity in git-urls High
CVE-2023-46402 was published for github.com/whilp/git-urls (Go) Nov 18, 2023
uri-template-lite Regular Expression Denial of Service Moderate
CVE-2021-43309 was published for uri-template-lite (npm) Aug 25, 2022
marfoldi Credited to marfoldi
Regular expression denial of service in devcert High
CVE-2022-1929 was published for devcert (npm) Jun 3, 2022
Uncontrolled Resource Consumption in Hawk High
CVE-2022-29167 was published for hawk (npm) May 23, 2022
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable High
CVE-2022-37603 was published for loader-utils (npm) Oct 14, 2022
jeran-urban Credited to jeran-urban
Inefficient Regular Expression Complexity in marked High
CVE-2022-21681 was published for marked (npm) Jan 14, 2022
makenowjust Credited to makenowjust
Inefficient Regular Expression Complexity in marked High
CVE-2022-21680 was published for marked (npm) Jan 14, 2022
makenowjust Credited to makenowjust
Inefficient Regular Expression Complexity in nth-check High
CVE-2021-3803 was published for nth-check (npm) Sep 20, 2021
Charley10101 Credited to Charley10101 and Shital769 Shital769 Shital769
Regular expression denial of service in scss-tokenizer High
CVE-2022-25758 was published for scss-tokenizer (npm) Jul 2, 2022
jhutchings1 Credited to jhutchings1, G-Rath, and tomas-cerney G-Rath G-Rath
tomas-cerney tomas-cerney
Inefficient Regular Expression Complexity in shescape High
CVE-2022-25918 was published for shescape (npm) Oct 25, 2022
mowzk Credited to mowzk
Inefficient Regular Expression Complexity in validator.js Moderate
CVE-2021-3765 was published for validator (npm) Nov 3, 2021
Denial of Service Vulnerability in Rack Multipart Parsing High
CVE-2022-30122 was published for rack (RubyGems) May 27, 2022
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity Moderate
CVE-2023-48631 was published for @adobe/css-tools (npm) Nov 30, 2023
Inefficient Regular Expression Complexity in Jenkins Build Failure Analyzer Plugin Moderate
CVE-2019-16555 was published for com.sonyericsson.jenkins.plugins.bfa:build-failure-analyzer (Maven) May 24, 2022
Sentry's Astro SDK vulnerable to ReDoS High
CVE-2023-50249 was published for @sentry/astro (npm) Dec 18, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database