Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

23 advisories

Loading
A vulnerability was found in Kong lua-multipart 0.5.8-1. It has been declared as problematic.... High Unreviewed
CVE-2020-36661 was published Feb 12, 2023
Octobox is software for managing GitHub notifications. Prior to pull request (PR) 2807, a user of... High Unreviewed
CVE-2021-32848 was published Feb 20, 2023
Apache OFBiz up to version 18.12.05 is vulnerable to Regular Expression Denial of Service (ReDoS)... High Unreviewed
CVE-2022-29158 was published Sep 3, 2022
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15... High Unreviewed
CVE-2023-2132 was published Jun 6, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.7 before 15... High Unreviewed
CVE-2023-2198 was published Jun 7, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.0 before 15... High Unreviewed
CVE-2023-2199 was published Jun 7, 2023
Mailform Pro CGI 4.3.1.2 and earlier allows a remote unauthenticated attacker to cause a denial... High Unreviewed
CVE-2023-32610 was published Jun 29, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.3 before 15... High Unreviewed
CVE-2023-3424 was published Jul 13, 2023
In JetBrains TeamCity before 2023.05.2 a ReDoS attack was possible via integration with issue... High Unreviewed
CVE-2023-39174 was published Jul 25, 2023
An issue has been discovered in GitLab affecting all versions starting from 15.2 before 16.0.8,... High Unreviewed
CVE-2023-0632 was published Aug 2, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14 before 16... High Unreviewed
CVE-2023-3364 was published Aug 2, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 9.3 before 16.0... High Unreviewed
CVE-2023-3994 was published Aug 2, 2023
Regular expression Denial-of-Service (ReDoS) exists in multiple add-ons for Mailform Pro CGI 4.3... High Unreviewed
CVE-2023-40599 was published Aug 25, 2023
kubeflow/kubeflow is vulnerable to a Regular Expression Denial of Service (ReDoS) attack due to... High Unreviewed
CVE-2024-5552 was published Jun 6, 2024
An issue in OpenStack Storlets yoga-eom allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2024-28716 was published Apr 30, 2024
Denial of service condition in M-Files Server in versions before 24.4.13592.4 and after 23.11 ... High Unreviewed
CVE-2024-4056 was published Apr 26, 2024
There is a MEDIUM severity vulnerability affecting CPython. Regular expressions that allowed... High Unreviewed
CVE-2024-6232 was published Sep 3, 2024
There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard... High Unreviewed
CVE-2024-7592 was published Aug 19, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 16.4 prior to 17.1.7... High Unreviewed
CVE-2024-8124 was published Sep 12, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16... High Unreviewed
CVE-2024-2829 was published Apr 25, 2024
Znuny before LTS 6.5.1 through 6.5.10 and 7.0.1 through 7.0.16 allows DoS/ReDos via email.... High Unreviewed
CVE-2024-48938 was published Oct 11, 2024
Validate.js provides a declarative way of validating javascript objects. All versions as of 30... High Unreviewed
CVE-2020-26310 was published Oct 26, 2024
HTML2Markdown is a Javascript implementation for converting HTML to Markdown text. All available... High Unreviewed
CVE-2020-26307 was published Oct 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database