Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,782
NuGet
683
pip
3,460
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

153 advisories

Loading
skeemas Inefficient Regular Expression Complexity vulnerability High
CVE-2018-25074 was published for skeemas (npm) Jan 11, 2023
Regular Expression Denial of Service in simple-markdown High
CVE-2019-25103 was published for simple-markdown (npm) Feb 12, 2023
Regular Expression Denial of Service in simple-markdown High
CVE-2019-25102 was published for simple-markdown (npm) Feb 12, 2023
is-url Inefficient Regular Expression Complexity vulnerability High
CVE-2018-25079 was published for is-url (npm) Feb 4, 2023
debug Inefficient Regular Expression Complexity vulnerability High
CVE-2017-20165 was published for debug (npm) Jan 9, 2023
HvB
Chaijs/get-func-name vulnerable to ReDoS High
CVE-2023-43646 was published for get-func-name (npm) Sep 27, 2023
GAP-dev keithamus
git-url-parse Regular Expression Denial of Service High
CVE-2023-32758 was published for git-url-parse (pip) May 15, 2023
Inefficient Regular Expression Complexity in node-email-check High
CVE-2023-39619 was published for node-email-check (npm) Oct 25, 2023
matveybaykalov
urlnorm vulnerable to Regular Expression Denial of Service High
CVE-2023-33289 was published for urlnorm (Rust) Jun 21, 2023
Inefficient Regular Expression Complexity in git-urls High
CVE-2023-46402 was published for github.com/whilp/git-urls (Go) Nov 18, 2023
axios Inefficient Regular Expression Complexity vulnerability High
CVE-2021-3749 was published for axios (npm) Sep 1, 2021
Regular expression denial of service in devcert High
CVE-2022-1929 was published for devcert (npm) Jun 3, 2022
Uncontrolled Resource Consumption in Hawk High
CVE-2022-29167 was published for hawk (npm) May 23, 2022
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable High
CVE-2022-37603 was published for loader-utils (npm) Oct 14, 2022
jeran-urban
Inefficient Regular Expression Complexity in marked High
CVE-2022-21681 was published for marked (npm) Jan 14, 2022
makenowjust
Inefficient Regular Expression Complexity in marked High
CVE-2022-21680 was published for marked (npm) Jan 14, 2022
makenowjust
Moment.js vulnerable to Inefficient Regular Expression Complexity High
CVE-2022-31129 was published for Moment.js (npm) Jul 6, 2022
vovikhangcdv
Inefficient Regular Expression Complexity in nth-check High
CVE-2021-3803 was published for nth-check (npm) Sep 20, 2021
Charley10101 Shital769
Regular expression denial of service in scss-tokenizer High
CVE-2022-25758 was published for scss-tokenizer (npm) Jul 2, 2022
jhutchings1 G-Rath
tomas-cerney
Inefficient Regular Expression Complexity in shescape High
CVE-2022-25918 was published for shescape (npm) Oct 25, 2022
mowzk
Denial of Service Vulnerability in Rack Multipart Parsing High
CVE-2022-30122 was published for rack (RubyGems) May 27, 2022
Denial of service via header parsing in Rack High
CVE-2022-44570 was published for rack (RubyGems) Jan 18, 2023
Sentry's Astro SDK vulnerable to ReDoS High
CVE-2023-50249 was published for @sentry/astro (npm) Dec 18, 2023
Regular expression denial of service in Delight Nashorn Sandbox High
CVE-2021-40660 was published for org.javadelight:delight-nashorn-sandbox (Maven) Jun 15, 2022
mxro
RedCloth Regular Expression Denial of Service issue High
CVE-2023-31606 was published for RedCloth (RubyGems) Jun 6, 2023
trautlein
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database