Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,790
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,994
NuGet
720
pip
3,783
Pub
12
RubyGems
927
Rust
982
Swift
38
Unreviewed advisories
All unreviewed
5,000+

16 advisories

Loading
Denial of service in sidekiq High
CVE-2022-23837 was published for sidekiq (RubyGems) Jan 27, 2022
A poorly-behaved client could use keepalive requests to monopolize Puma's reactor and create a denial of service attack Moderate
CVE-2019-16770 was published for puma (RubyGems) Dec 5, 2019
Uncontrolled resource consumption in nokogiri Moderate
CVE-2017-18258 was published for nokogiri (RubyGems) Apr 13, 2018
Denial of Service Vulnerability in Action View High
CVE-2019-5419 was published for actionview (RubyGems) Mar 13, 2019
rack-contrib vulnerable to Denial of Service due to the unconstrained value of the incoming "profiler_runs" parameter High
CVE-2024-35231 was published for rack-contrib (RubyGems) May 28, 2024
Sim4n6 ioquatix
Excessive Iteration in gRPC High
CVE-2023-33953 was published for grpc (RubyGems) Aug 9, 2023
levpachmanov
Possible ReDoS vulnerability in query parameter filtering in Action Dispatch Moderate
CVE-2024-41128 was published for actionpack (RubyGems) Oct 15, 2024
Password Pusher rate limiter can be bypassed by forging proxy headers Low
CVE-2024-52796 was published for pwpush (RubyGems) Nov 20, 2024
REXML DoS vulnerability Moderate
CVE-2024-41123 was published for rexml (RubyGems) Aug 1, 2024
REXML DoS vulnerability Moderate
CVE-2024-41946 was published for rexml (RubyGems) Aug 2, 2024
naitoh
Rack has possible DoS Vulnerability in Multipart MIME parsing High
CVE-2023-27530 was published for rack (RubyGems) Mar 8, 2023
CGI has Denial of Service (DoS) potential in Cookie.parse Moderate
CVE-2025-27219 was published for cgi (RubyGems) Mar 3, 2025
Ruby SAML allows remote Denial of Service (DoS) with compressed SAML responses High
CVE-2025-25293 was published for ruby-saml (RubyGems) Mar 12, 2025
p-
net-imap rubygem vulnerable to possible DoS by memory exhaustion Moderate
CVE-2025-43857 was published for net-imap (RubyGems) Apr 28, 2025
Masamuneee nevans
Possible DoS by memory exhaustion in net-imap Moderate
CVE-2025-25186 was published for net-imap (RubyGems) Feb 10, 2025
manunio nevans
ReDoS Vulnerability in Rack::Multipart handle_mime_head Moderate
CVE-2025-49007 was published for rack (RubyGems) Jun 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database