GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
114 advisories
Filter by severity
Regular Expression Denial of Service in is-my-json-valid
High
CVE-2016-2537
was published
for
is-my-json-valid
(npm)
Oct 24, 2017
find-my-way has a ReDoS vulnerability in multiparametric routes
High
CVE-2024-45813
was published
for
find-my-way
(npm)
Sep 18, 2024
DOMPurify allows tampering by prototype pollution
High
CVE-2024-45801
was published
for
dompurify
(npm)
Sep 16, 2024
path-to-regexp outputs backtracking regular expressions
High
CVE-2024-45296
was published
for
path-to-regexp
(npm)
Sep 9, 2024
fast-xml-parser vulnerable to ReDOS at currency parsing
High
CVE-2024-41818
was published
for
fast-xml-parser
(npm)
Jul 29, 2024
domain-suffix RegEx Denial of Service
High
CVE-2024-25354
was published
for
domain-suffix
(npm)
Mar 28, 2024
Regular Expression Denial of Service (ReDoS) in micromatch
Moderate
CVE-2024-4067
was published
for
micromatch
(npm)
May 14, 2024
semver vulnerable to Regular Expression Denial of Service
High
CVE-2022-25883
was published
for
semver
(npm)
Jun 21, 2023
(ReDoS) Regular Expression Denial of Service in tf2-item-format
High
CVE-2024-41655
was published
for
tf2-item-format
(npm)
Jul 23, 2024
Regular Expression Denial of Service in ms
High
CVE-2015-8315
was published
for
ms
(npm)
Oct 24, 2017
word-wrap vulnerable to Regular Expression Denial of Service
Moderate
CVE-2023-26115
was published
for
word-wrap
(npm)
Jun 22, 2023
angular vulnerable to super-linear runtime due to backtracking
High
CVE-2024-21490
was published
for
angular
(Maven)
Feb 10, 2024
Sanitize-html Vulnerable To REDoS Attacks
High
CVE-2022-25887
was published
for
sanitize-html
(npm)
Aug 31, 2022
CKEditor 4 ReDoS Vulnerability
Moderate
CVE-2021-26271
was published
for
ckeditor4-dev
(npm)
May 24, 2022
kangax html-minifier REDoS vulnerability
High
CVE-2022-37620
was published
for
html-minifier
(npm)
Oct 31, 2022
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2022-37599
was published
for
loader-utils
(npm)
Oct 12, 2022
Regular Expression Denial of Service in remarkable
High
CVE-2019-12041
was published
for
remarkable
(npm)
Jun 6, 2019
Regular Expression Denial Of Service in uri-js
Moderate
CVE-2017-16021
was published
for
uri-js
(npm)
Jul 24, 2018
SheetJS Regular Expression Denial of Service (ReDoS)
High
CVE-2024-22363
was published
for
xlsx
(npm)
Apr 5, 2024
MooTools Regular Expression Denial of Service
High
CVE-2021-32821
was published
for
mootools
(npm)
Jan 3, 2023
lambda-middleware Inefficient Regular Expression Complexity vulnerability
Low
CVE-2021-4437
was published
for
@lambda-middleware/json-deserializer
(npm)
Feb 12, 2024
es5-ext vulnerable to Regular Expression Denial of Service in `function#copy` and `function#toStringTokens`
Low
CVE-2024-27088
was published
for
es5-ext
(npm)
Feb 26, 2024
ProTip!
Advisories are also available from the
GraphQL API