Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
44
GitHub Actions
45
Go
3,196
Maven
5,000+
npm
5,000+
NuGet
864
pip
4,483
Pub
12
RubyGems
992
Rust
1,186
Swift
51
Unreviewed advisories
All unreviewed
5,000+

186 advisories

Loading
Regular Expression Denial of Service in Headers High
CVE-2023-24807 was published for undici (npm) Feb 16, 2023
sno2 Credited to sno2
string-kit Inefficient Regular Expression Complexity vulnerability High
CVE-2021-4299 was published for string-kit (npm) Jan 2, 2023
markdown-it vulnerable to Inefficient Regular Expression Complexity High
CVE-2015-10005 was published for markdown-it (npm) Dec 27, 2022
email-existence Inefficient Regular Expression Complexity vulnerability High
CVE-2018-25049 was published for email-existence (npm) Dec 27, 2022
Inefficient Regular Expression Complexity in code-server High
CVE-2021-3810 was published for code-server (npm) Sep 20, 2021
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone Credited to madcatone
Polynomial regular expression used on uncontrolled data in nitrado.js High
CVE-2022-36034 was published for nitrado.js (npm) Aug 31, 2022
inflect vulnerable to Inefficient Regular Expression Complexity High
CVE-2021-3820 was published for i (npm) Sep 29, 2021
terminal-kit Inefficient Regular Expression Complexity vulnerability High
CVE-2021-4306 was published for terminal-kit (npm) Jan 7, 2023
jquery-validation Regular Expression Denial of Service due to arbitrary input to url2 method High
CVE-2022-31147 was published for jquery-validation (npm) Jul 5, 2022
erik-krogh Credited to erik-krogh, bytestream, and mthreer bytestream bytestream
mthreer mthreer
robots-txt-guard Inefficient Regular Expression Complexity vulnerability High
CVE-2021-4305 was published for robots-txt-guard (npm) Jan 5, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database