GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
16 advisories
Filter by severity
SUCHMOKUO node-worker-threads-pool denial of service Vulnerability
Moderate
CVE-2021-29057
was published
for
node-worker-threads-pool
(npm)
Aug 11, 2023
The `size` option isn't honored after following a redirect in node-fetch
Low
CVE-2020-15168
was published
for
node-fetch
(npm)
Sep 10, 2020
Strapi Improper Rate Limiting vulnerability
High
CVE-2023-38507
was published
for
@strapi/admin
(npm)
Sep 13, 2023
Allocation of Resources Without Limits or Throttling in vriteio/vrite
Moderate
CVE-2023-5573
was published
for
@vrite/sdk
(npm)
Oct 13, 2023
OpenZeppelin Contracts ERC165Checker unbounded gas consumption
Moderate
CVE-2022-35915
was published
for
@openzeppelin/contracts
(npm)
Aug 14, 2022
NocoDB vulnerable to Denial of Service
Moderate
CVE-2022-3423
was published
for
nocodb
(npm)
Oct 7, 2022
libp2p DoS vulnerability from lack of resource management
High
CVE-2022-23487
was published
for
libp2p
(npm)
Dec 7, 2022
Denial of Service vulnerability with large JSON payloads in fastify
High
CVE-2018-3711
was published
for
fastify
(npm)
Jul 18, 2018
Denial of service due to unlimited number of parts
High
CVE-2023-25576
was published
for
@fastify/multipart
(npm)
Feb 14, 2023
Regular Expression Denial of Service (ReDOS)
Moderate
CVE-2021-29060
was published
for
color-string
(npm)
Jun 22, 2021
Regular Expression Denial of Service in sshpk
High
CVE-2018-3737
was published
for
sshpk
(npm)
Aug 15, 2018
node-opcua DoS vulnerability via message with memory allocation that exceeds v8's memory limit
High
CVE-2022-25231
was published
for
node-opcua
(npm)
Aug 24, 2022
angular vulnerable to regular expression denial of service (ReDoS)
Moderate
CVE-2022-25844
was published
for
angular
(npm)
May 3, 2022
modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests
High
CVE-2021-41167
was published
for
modern-async
(npm)
Oct 21, 2021
ProTip!
Advisories are also available from the
GraphQL API