Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,179
Erlang
31
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,324
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+

68 advisories

Loading
Aim denial of service vulnerability High
CVE-2024-6227 was published for aim (pip) Jul 8, 2024
Soot Infinite Loop vulnerability High
CVE-2023-46442 was published for org.soot-oss:soot (Maven) May 24, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34489 was published for ryu (pip) May 5, 2024
Ryu Infinite Loop vulnerability High
CVE-2024-34488 was published for ryu (pip) May 5, 2024
aiohttp vulnerable to Denial of Service when trying to parse malformed POST requests High
CVE-2024-30251 was published for aiohttp (pip) May 3, 2024
bytehope
Denial of Service Vulnerability in Rustls Library High
CVE-2024-32650 was published for rustls (Rust) Apr 19, 2024
Taowyoo arai-fortanix
jjfiv s-arash
Ryu Infinite Loop vulnerability High
CVE-2024-28732 was published for ryu (pip) Apr 8, 2024
CodeIgniter4 DoS Vulnerability High
CVE-2024-29904 was published for codeigniter4/framework (Composer) Mar 29, 2024
colethorsen
Apache Commons Compress: Denial of service caused by an infinite loop for a corrupted DUMP file High
CVE-2024-25710 was published for org.apache.commons:commons-compress (Maven) Feb 19, 2024
oscerd
hutool-core discovered to contain an infinite loop in the StrSplitter.splitByRegex function High
CVE-2023-51075 was published for cn.hutool:hutool-core (Maven) Dec 27, 2023
Candid infinite decoding loop through specially crafted payload High
CVE-2023-6245 was published for candid (Rust) Dec 8, 2023
venkkatesh-sekar chenyan-dfinity
MediaWiki Denial of Service vulnerability High
CVE-2023-45363 was published for mediawiki/core (Composer) Oct 9, 2023
Rudloff
asyncua vulnerable to denial of service via infinite loop High
CVE-2023-26151 was published for asyncua (pip) Oct 3, 2023
x/net/html Vulnerable to DoS During HTML Parsing High
CVE-2018-17846 was published for golang.org/x/net (Go) Sep 25, 2023
Undertow denial of service vulnerability High
CVE-2023-1108 was published for io.undertow:undertow-core (Maven) Sep 14, 2023
marcospds bvahdat
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35141 was published for ryu (pip) Aug 11, 2023
FaucetSDN Ryu Denial of Service Vulnerability High
CVE-2020-35139 was published for ryu (pip) Aug 11, 2023
SwiftNIO Extras vulnerable to improper detection of complete HTTP body decompression High
CVE-2022-3252 was published for github.com/apple/swift-nio-extras (Swift) Jun 7, 2023
vojtarylko
Improper calculations in ECC implementation can trigger a Denial-of-Service (DoS) High
CVE-2023-25653 was published for node-jose (npm) Feb 16, 2023
justaugustus bifurcation
socks Infinite Loop vulnerability High
CVE-2013-10005 was published for github.com/btcsuite/go-socks (Go) Dec 28, 2022
Apache Avro Rust SDK vulnerable to reader looping in cycle endlessly, consuming CPU High
CVE-2022-35724 was published for apache-avro (Rust) Aug 10, 2022
file-type vulnerable to Infinite Loop via malformed MKV file High
CVE-2022-36313 was published for file-type (npm) Jul 22, 2022
kiskoza ItalyPaleAle
Security Update for the OPC UA .NET Standard Stack High
CVE-2022-29862 was published for OPCFoundation.NetStandard.Opc.Ua.Core (NuGet) Jun 17, 2022
mregen
Infinite loop in jpeg-js High
CVE-2022-25851 was published for jpeg-js (npm) Jun 11, 2022
Pion DTLS Header reconstruction method can be thrown into an infinite loop High
CVE-2022-29190 was published for github.com/pion/dtls (Go) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database