Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

11 advisories

Loading
Babel vulnerable to arbitrary code execution when compiling specifically crafted malicious code Critical
CVE-2023-45133 was published for @babel/traverse (npm) Oct 16, 2023
SteakEnthusiast ashdude1401
nicolo-ribaudo Apetree100122 ebickle
Credited to SteakEnthusiast, ashdude1401, nicolo-ribaudo, Apetree100122, and ebickle
uri-template-lite Regular Expression Denial of Service Moderate
CVE-2021-43309 was published for uri-template-lite (npm) Aug 25, 2022
marfoldi
Credited to marfoldi
Regular Expression Denial of Service in jsoneditor Moderate
CVE-2021-3822 was published for jsoneditor (npm) Sep 29, 2021
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone
Credited to madcatone
Inefficient Regular Expression Complexity in chalk/ansi-regex High
CVE-2021-3807 was published for ansi-regex (npm) Sep 20, 2021
MylesBorins cji-stripe
G-Rath
Credited to MylesBorins, cji-stripe, and G-Rath
Regular expression denial of service in react-native High
CVE-2020-1920 was published for react-native (npm) Jul 20, 2021
False-positive validity for NFT1 genesis transactions Critical
CVE-2020-15131 was published for slp-validate (npm) Jul 30, 2020
False-positive validity for NFT1 genesis transactions in SLPJS Critical
CVE-2020-15130 was published for slpjs (npm) Jul 30, 2020
False-negative validation results in MINT transactions with invalid baton Critical
CVE-2020-11072 was published for slp-validate (npm) May 12, 2020
False-negative validation results in MINT transactions with invalid baton Critical
CVE-2020-11071 was published for slpjs (npm) May 12, 2020
Insecure Comparison in secure-compare High
CVE-2015-9238 was published for secure-compare (npm) Jun 3, 2019
tdunlap607
Credited to tdunlap607
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database