Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,801
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,010
NuGet
720
pip
3,810
Pub
12
RubyGems
930
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

129 advisories

Loading
MathJax Regular expression Denial of Service (ReDoS) High
CVE-2023-39663 was published for mathjax (npm) Aug 29, 2023
Apache Airflow Improper Input Validation vulnerability High
CVE-2023-36543 was published for apache-airflow (pip) Jul 12, 2023
is_js vulnerable to Regular Expression Denial of Service High
CVE-2020-26302 was published for is_js (npm) Jul 6, 2023
Django has regular expression denial of service vulnerability in EmailValidator/URLValidator High
CVE-2023-36053 was published for Django (pip) Jul 3, 2023
Withdrawn Advisory: urlnorm vulnerable to Regular Expression Denial of Service High
CVE-2023-33289 was published for urlnorm (Rust) Jun 21, 2023 withdrawn
semver vulnerable to Regular Expression Denial of Service High
CVE-2022-25883 was published for semver (npm) Jun 21, 2023
mrgrain G-Rath
RedCloth Regular Expression Denial of Service issue High
CVE-2023-31606 was published for RedCloth (RubyGems) Jun 6, 2023
trautlein
fast-xml-parser vulnerable to Regex Injection via Doctype Entities High
CVE-2023-34104 was published for fast-xml-parser (npm) Jun 6, 2023
7085 levpachmanov
git-url-parse Regular Expression Denial of Service High
CVE-2023-32758 was published for git-url-parse (pip) May 15, 2023
Ruby URI component ReDoS issue High
CVE-2023-28755 was published for uri (RubyGems) Mar 31, 2023
Ruby Time component ReDoS issue High
CVE-2023-28756 was published for time (RubyGems) Mar 31, 2023
Duplicate advisory: Deno vulnerable to Regular Expression Denial of Service High
GHSA-xr9w-x6gw-c9mj was published for deno (Rust) Feb 25, 2023 withdrawn
Regular Expression Denial of Service in Headers High
CVE-2023-24807 was published for undici (npm) Feb 16, 2023
sno2
Regular Expression Denial of Service in simple-markdown High
CVE-2019-25102 was published for simple-markdown (npm) Feb 12, 2023
Regular Expression Denial of Service in simple-markdown High
CVE-2019-25103 was published for simple-markdown (npm) Feb 12, 2023
Withdrawn: cacheable-request depends on http-cache-semantics, which is vulnerable to Regular Expression Denial of Service High
GHSA-8x6c-cv3v-vp6g was published for cacheable-request (npm) Feb 11, 2023 withdrawn
is-url Inefficient Regular Expression Complexity vulnerability High
CVE-2018-25079 was published for is-url (npm) Feb 4, 2023
Switcher Client contains Regular Expression Denial of Service (ReDoS) High
CVE-2023-23925 was published for switcher-client (npm) Feb 2, 2023
petruki tdunlap607
http-cache-semantics vulnerable to Regular Expression Denial of Service High
CVE-2022-25881 was published for http-cache-semantics (Maven) Jan 31, 2023
tdunlap607
ReDoS Vulnerability in ua-parser-js version High
CVE-2022-25927 was published for ua-parser-js (npm) Jan 24, 2023
G-Rath
Denial of service via header parsing in Rack High
CVE-2022-44570 was published for rack (RubyGems) Jan 18, 2023
mechanize Regular Expression Denial of Service vulnerability High
CVE-2021-32837 was published for mechanize (pip) Jan 18, 2023
Duplicate Advisory: PapaParse Inefficient Regular Expression Complexity vulnerability High
GHSA-798h-g4j5-5537 was published for papaparse (npm) Jan 11, 2023 withdrawn
skeemas Inefficient Regular Expression Complexity vulnerability High
CVE-2018-25074 was published for skeemas (npm) Jan 11, 2023
Luxon Inefficient Regular Expression Complexity vulnerability High
CVE-2023-22467 was published for luxon (npm) Jan 9, 2023
skrtheboss remi-san
makkes canderson-activatecare rpastro cmp831
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database