GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,404 advisories
Filter by severity
Regular Expression Denial of Service in websocket-extensions (NPM package)
High
CVE-2020-7662
was published
for
websocket-extensions
(npm)
Jun 5, 2020
Uncontrolled Resource Consumption in Indy Node
Critical
CVE-2020-11090
was published
for
indy-node
(pip)
Jun 11, 2020
Apache Tomcat Denial of Service vulnerability
High
CVE-2019-0199
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Jun 15, 2020
Denial of service in Apache Xerces2
High
CVE-2012-0881
was published
for
xerces:xercesImpl
(Maven)
Jun 15, 2020
Denial of Service in Netty
High
CVE-2020-11612
was published
for
io.netty:netty-handler
(Maven)
Jun 15, 2020
Regular expression denial of service in url-regex
High
CVE-2020-7661
was published
for
url-regex
(npm)
Jun 22, 2020
Untrusted users can run pending migrations in production in Rails
Moderate
CVE-2020-8185
was published
for
actionpack
(RubyGems)
Jun 24, 2020
Uncontrolled resource consumption in jpeg-js
Moderate
CVE-2020-8175
was published
for
jpeg-js
(npm)
Jul 27, 2020
Regular Expression Denial of Service in validator
High
CVE-2014-8882
was published
for
validator
(npm)
Aug 31, 2020
Regular Expression Denial of Service in bleach
Moderate
CVE-2014-8881
was published
for
bleach
(npm)
Sep 1, 2020
Regular Expression Denial of Service in ansi2html
High
CVE-2015-9239
was published
for
ansi2html
(npm)
Sep 1, 2020
Denial of Service in markdown-it-toc-and-anchor
High
GHSA-x6m6-5hrf-fh6r
was published
for
markdown-it-toc-and-anchor
(npm)
Sep 1, 2020
Denial of Service in ipfs-bitswap
Moderate
GHSA-6fcr-9h9g-23fq
was published
for
ipfs-bitswap
(npm)
Sep 2, 2020
Regular Expression Denial of Service in simple-markdown
Moderate
GHSA-4xf9-pgvv-xx67
was published
for
simple-markdown
(npm)
Sep 3, 2020
Denial of Service in @hapi/subtext
High
GHSA-4rgj-8mq3-hggj
was published
for
@hapi/subtext
(npm)
Sep 3, 2020
Denial of Service in @commercial/subtext
High
GHSA-fvwr-h9xh-m6wc
was published
for
@commercial/subtext
(npm)
Sep 3, 2020
Denial of Service in apostrophe
Low
GHSA-pv6r-vchh-cxg9
was published
for
apostrophe
(npm)
Sep 3, 2020
Denial of Service in handlebars
Moderate
GHSA-f52g-6jhx-586p
was published
for
handlebars
(npm)
Sep 3, 2020
Regular Expression Denial of Service in markdown
Low
GHSA-wx77-rp39-c6vg
was published
for
markdown
(npm)
Sep 4, 2020
Bitcoin Inventory Out-of-Memory Denial-of-Service Attack (CVE-2018-17145)
High
CVE-2018-17145
was published
for
bcoin
(npm)
Sep 10, 2020
ProTip!
Advisories are also available from the
GraphQL API