Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

140 advisories

Loading
fast-xml-parser vulnerable to ReDOS at currency parsing High
CVE-2024-41818 was published for fast-xml-parser (npm) Jul 29, 2024
Gauss-Security amitguptagwl
Flowise Unauthenticated Denial of Service (DoS) vulnerability High
CVE-2024-8182 was published for flowise (npm) Aug 27, 2024
Next.js Denial of Service (DoS) condition High
CVE-2024-39693 was published for next (npm) Jul 10, 2024
images vulnerable to Denial of Service High
CVE-2024-21523 was published for images (npm) Jul 10, 2024
Regular Expression Denial of Service in ms High
CVE-2015-8315 was published for ms (npm) Oct 24, 2017
speaker vulnerable to Denial of Service High
CVE-2024-21526 was published for speaker (npm) Jul 10, 2024
Uncontrolled resource consumption in braces High
CVE-2024-4068 was published for braces (npm) May 14, 2024
AlmogApiiro
s3-url-parser vulnerable to Denial of Service via regexes component High
CVE-2024-25355 was published for s3-url-parser (npm) May 1, 2024
glob-parent vulnerable to Regular Expression Denial of Service in enclosure regex High
CVE-2020-28469 was published for glob-parent (npm) Jun 7, 2021
sealonohana
kangax html-minifier REDoS vulnerability High
CVE-2022-37620 was published for html-minifier (npm) Oct 31, 2022
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) High
CVE-2022-37599 was published for loader-utils (npm) Oct 12, 2022
jeran-urban G-Rath
Regular Expression Denial of Service in remarkable High
CVE-2019-12041 was published for remarkable (npm) Jun 6, 2019
LeSuisse
MooTools Regular Expression Denial of Service High
CVE-2021-32821 was published for mootools (npm) Jan 3, 2023
anonymous4ACL24
webui-aria2 Path Traversal vulnerability High
CVE-2023-39141 was published for webui-aria2 (npm) Aug 22, 2023
JafarAkhondali
minimatch ReDoS vulnerability High
CVE-2022-3517 was published for minimatch (npm) Oct 18, 2022
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
Denial of Service in uap-core High
CVE-2021-21317 was published for uap-core (npm) Feb 2, 2021
Sentry's Astro SDK vulnerable to ReDoS High
CVE-2023-50249 was published for @sentry/astro (npm) Dec 18, 2023
DOS by abusing `fetchOptions.retry`. High
CVE-2023-49800 was published for nuxt-api-party (npm) Dec 11, 2023
OhB00
Denial of Service in markdown-it-toc-and-anchor High
GHSA-x6m6-5hrf-fh6r was published for markdown-it-toc-and-anchor (npm) Sep 1, 2020
mprpic
Uncontrolled Resource Consumption in trim-newlines High
CVE-2021-33623 was published for trim-newlines (npm) Jun 7, 2021
Regular Expression Denial of Service in tough-cookie High
CVE-2017-15010 was published for tough-cookie (npm) Jul 24, 2018
tdunlap607
tmpl vulnerable to Inefficient Regular Expression Complexity which may lead to resource exhaustion High
CVE-2021-3777 was published for tmpl (npm) Sep 20, 2021
ReDoS in normalize-url High
CVE-2021-33502 was published for normalize-url (npm) Jun 8, 2021
Moment.js vulnerable to Inefficient Regular Expression Complexity High
CVE-2022-31129 was published for Moment.js (npm) Jul 6, 2022
vovikhangcdv
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database