GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
139 advisories
Filter by severity
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16...
High
Unreviewed
CVE-2024-2829
was published
Apr 25, 2024
Regular Expression Denial of Service in is-my-json-valid
High
CVE-2016-2537
was published
for
is-my-json-valid
(npm)
Oct 24, 2017
markdown2 Regular Expression Denial of Service
High
CVE-2021-26813
was published
for
markdown2
(pip)
Jun 2, 2021
mako is vulnerable to Regular Expression Denial of Service
High
CVE-2022-40023
was published
for
mako
(pip)
Sep 16, 2022
Regular Expression Denial of Service in Leo Editor
High
CVE-2020-23478
was published
for
leo
(pip)
Sep 23, 2021
Mistune vulnerable to catastrophic backtracking
High
CVE-2022-34749
was published
for
mistune
(pip)
Jul 26, 2022
mechanize Regular Expression Denial of Service vulnerability
High
CVE-2021-32837
was published
for
mechanize
(pip)
Jan 18, 2023
Regular Expression Denial of Service in flask-restx
High
CVE-2021-32838
was published
for
flask-restx
(pip)
Sep 8, 2021
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator
High
CVE-2023-36053
was published
for
Django
(pip)
Jul 3, 2023
Django denial-of-service vulnerability in internationalized URLs
High
CVE-2022-41323
was published
for
django
(pip)
Oct 16, 2022
find-my-way has a ReDoS vulnerability in multiparametric routes
High
CVE-2024-45813
was published
for
find-my-way
(npm)
Sep 18, 2024
Django ReDoS in validators.URLValidator
High
CVE-2015-5145
was published
for
Django
(pip)
May 17, 2022
DOMPurify allows tampering by prototype pollution
High
CVE-2024-45801
was published
for
dompurify
(npm)
Sep 16, 2024
Django Regex Algorithmic Complexity Causes Denial of Service
High
CVE-2009-3695
was published
for
Django
(pip)
May 2, 2022
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.1.7...
High
Unreviewed
CVE-2024-8124
was published
Sep 12, 2024
path-to-regexp outputs backtracking regular expressions
High
CVE-2024-45296
was published
for
path-to-regexp
(npm)
Sep 9, 2024
fast-xml-parser vulnerable to ReDOS at currency parsing
High
CVE-2024-41818
was published
for
fast-xml-parser
(npm)
Jul 29, 2024
regular expression denial-of-service (ReDoS) in Bleach
High
CVE-2020-6817
was published
for
bleach
(pip)
Mar 30, 2020
There is a LOW severity vulnerability affecting CPython, specifically the
'http.cookies' standard...
High
Unreviewed
CVE-2024-7592
was published
Aug 19, 2024
There is a MEDIUM severity vulnerability affecting CPython.
Regular expressions that allowed...
High
Unreviewed
CVE-2024-6232
was published
Sep 3, 2024
domain-suffix RegEx Denial of Service
High
CVE-2024-25354
was published
for
domain-suffix
(npm)
Mar 28, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ...
High
Unreviewed
CVE-2024-4056
was published
Apr 26, 2024
semver vulnerable to Regular Expression Denial of Service
High
CVE-2022-25883
was published
for
semver
(npm)
Jun 21, 2023
(ReDoS) Regular Expression Denial of Service in tf2-item-format
High
CVE-2024-41655
was published
for
tf2-item-format
(npm)
Jul 23, 2024
ProTip!
Advisories are also available from the
GraphQL API