Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

251 advisories

Loading
Regular expression denial of service in apache tika Moderate
CVE-2022-30973 was published for org.apache.tika:tika-core (Maven) Jun 1, 2022
jkmartindale
Regular expression denial of service in apache tika Moderate
CVE-2022-30126 was published for org.apache.tika:tika (Maven) May 17, 2022
github.com/tidwall/gjson Vulnerable to REDoS attack High
CVE-2021-42836 was published for github.com/tidwall/gjson (Go) Oct 25, 2021
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42964 was published for pymatgen (pip) Nov 10, 2022
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42965 was published for snowflake-connector-python (pip) Nov 10, 2022
JBrown0x90 westonsteimel
cleo is vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2022-42966 was published for cleo (pip) Nov 10, 2022
neersighted tdunlap607
Inefficient Regular Expression Complexity in handsontable High
CVE-2021-23446 was published for handsontable (npm) Sep 30, 2021
NLTK Vulnerable to REDoS High
CVE-2021-3828 was published for nltk (pip) Sep 29, 2021
steal vulnerable to Regular Expression Denial of Service via input variable High
CVE-2022-37260 was published for steal (npm) Sep 16, 2022
Inefficient Regular Expression Complexity in Loofah High
CVE-2022-23514 was published for loofah (RubyGems) Dec 13, 2022
Inefficient Regular Expression Complexity in rails-html-sanitizer High
CVE-2022-23517 was published for rails-html-sanitizer (RubyGems) Dec 13, 2022
ReDoS based DoS vulnerability in GlobalID Low
CVE-2023-22799 was published for globalid (RubyGems) Jan 18, 2023
tdunlap607
Inefficient Regular Expression Complexity in chalk/ansi-regex High
CVE-2021-3807 was published for ansi-regex (npm) Sep 20, 2021
MylesBorins cji-stripe
G-Rath
Zod denial of service vulnerability during email validation High
GHSA-mvrp-3cvx-c325 was published for express-zod-api (npm) Oct 4, 2023
Vercel ms Inefficient Regular Expression Complexity vulnerability Moderate
CVE-2017-20162 was published for ms (npm) Jan 5, 2023
rgb2hex vulnerable to inefficient regular expression complexity High
CVE-2018-25061 was published for rgb2hex (npm) Dec 31, 2022
skeemas Inefficient Regular Expression Complexity vulnerability High
CVE-2018-25074 was published for skeemas (npm) Jan 11, 2023
Regular Expression Denial of Service in simple-markdown High
CVE-2019-25103 was published for simple-markdown (npm) Feb 12, 2023
Regular Expression Denial of Service in simple-markdown High
CVE-2019-25102 was published for simple-markdown (npm) Feb 12, 2023
is-url Inefficient Regular Expression Complexity vulnerability High
CVE-2018-25079 was published for is-url (npm) Feb 4, 2023
Denial of service via multipart parsing in Rack Low
CVE-2022-44572 was published for rack (RubyGems) Jan 18, 2023
Denial of Service Vulnerability in Rack Content-Disposition parsing Low
CVE-2022-44571 was published for rack (RubyGems) Jan 18, 2023
debug Inefficient Regular Expression Complexity vulnerability High
CVE-2017-20165 was published for debug (npm) Jan 9, 2023
HvB
Regular Expression Denial of Service (ReDoS) in lodash Moderate
CVE-2020-28500 was published for lodash (npm) Jan 6, 2022
mitchell-codecov nitaiapiiro
DmitriyLewen jkmartindale
angular vulnerable to regular expression denial of service via the $resource service Moderate
CVE-2023-26117 was published for angular (npm) Mar 30, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database