Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
43
Go
3,181
Maven
5,000+
npm
5,000+
NuGet
863
pip
4,474
Pub
12
RubyGems
991
Rust
1,185
Swift
51
Unreviewed advisories
All unreviewed
5,000+

378 advisories

Loading
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before on Windows and 2.6.9 and... Critical Unreviewed
CVE-2023-29487 was published Dec 21, 2023
An issue was discovered in Heimdal Thor agent versions 3.4.2 and before 3.7.0 on Windows, allows... Critical Unreviewed
CVE-2023-29486 was published Dec 21, 2023
Regular expression denial of service in Delight Nashorn Sandbox High
CVE-2021-40660 was published for org.javadelight:delight-nashorn-sandbox (Maven) Jun 15, 2022
mxro Credited to mxro
RedCloth Regular Expression Denial of Service issue High
CVE-2023-31606 was published for RedCloth (RubyGems) Jun 6, 2023
trautlein Credited to trautlein
ReDoS in Embedchain Moderate
CVE-2024-23732 was published for embedchain (pip) Jan 21, 2024
Regular expression denial of service vulnerability (ReDoS) in date High
CVE-2021-41817 was published for date (RubyGems) Nov 16, 2021
SValkanov Credited to SValkanov
An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16... Moderate Unreviewed
CVE-2023-6159 was published Jan 26, 2024
MathJax Regular expression Denial of Service (ReDoS) High
CVE-2023-39663 was published for mathjax (npm) Aug 29, 2023
Denial of Service in uap-core High
CVE-2021-21317 was published for uap-core (npm) Feb 2, 2021
Denial of Service in uap-core when processing crafted User-Agent strings Moderate
CVE-2020-5243 was published for uap-core (RubyGems) Feb 20, 2020
bcaller Credited to bcaller
Regular Expression Denial of Service in marked High
CVE-2015-8854 was published for marked (npm) Oct 24, 2017
Luxon Inefficient Regular Expression Complexity vulnerability High
CVE-2023-22467 was published for luxon (npm) Jan 9, 2023
skrtheboss Credited to skrtheboss, remi-san, makkes, canderson-activatecare, rpastro, and cmp831 remi-san remi-san
makkes makkes canderson-activatecare canderson-activatecare rpastro rpastro cmp831 cmp831
minimatch ReDoS vulnerability High
CVE-2022-3517 was published for minimatch (npm) Oct 18, 2022
Duplicate Advisory: FastAPI Content-Type Header ReDoS High
GHSA-qf9m-vfgh-m389 was published for fastapi (pip) Feb 5, 2024 withdrawn
nicecatch2000 Credited to nicecatch2000, huonw, garyd203, and levpachmanov huonw huonw
garyd203 garyd203 levpachmanov levpachmanov
Rack Header Parsing leads to Possible Denial of Service Vulnerability Low
CVE-2024-26146 was published for rack (RubyGems) Feb 28, 2024
SValkanov Credited to SValkanov
lambda-middleware Inefficient Regular Expression Complexity vulnerability Low
CVE-2021-4437 was published for @lambda-middleware/json-deserializer (npm) Feb 12, 2024
Rails has possible ReDoS vulnerability in Accept header parsing in Action Dispatch Low
CVE-2024-26142 was published for actionpack (RubyGems) Feb 27, 2024
SValkanov Credited to SValkanov, yoshizawa-masatoshi, and postmodern yoshizawa-masatoshi yoshizawa-masatoshi
postmodern postmodern
[TagAwareCipher] - Decryption Failure (Regex Match) Low
CVE-2024-28864 was published for ilicmiljan/secure-props (Composer) Mar 18, 2024
ilicmiljan Credited to ilicmiljan
Denial of service via regular expression High
CVE-2024-28865 was published for wiki (pip) Mar 18, 2024
stsewd Credited to stsewd, benjaoming, and oscarmcm benjaoming benjaoming
oscarmcm oscarmcm
MooTools Regular Expression Denial of Service High
CVE-2021-32821 was published for mootools (npm) Jan 3, 2023
anonymous4ACL24 Credited to anonymous4ACL24
A Regular Expression Denial of Service (ReDoS) issue was discovered in Puppet Server 7.9.2... Moderate Unreviewed
CVE-2023-1894 was published May 5, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... High Unreviewed
CVE-2023-2132 was published Jun 6, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15... High Unreviewed
CVE-2023-2199 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15... High Unreviewed
CVE-2023-2198 was published Jun 7, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.10 before 16.1,... Moderate Unreviewed
CVE-2023-2232 was published Jun 28, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database