GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,404 advisories
Filter by severity
Denial of service in Apache Xerces2
High
CVE-2012-0881
was published
for
xerces:xercesImpl
(Maven)
Jun 15, 2020
Apache Tomcat Denial of Service vulnerability
High
CVE-2019-0199
was published
for
org.apache.tomcat.embed:tomcat-embed-core
(Maven)
Jun 15, 2020
Uncontrolled Resource Consumption in Indy Node
Critical
CVE-2020-11090
was published
for
indy-node
(pip)
Jun 11, 2020
Regular Expression Denial of Service in websocket-extensions (NPM package)
High
CVE-2020-7662
was published
for
websocket-extensions
(npm)
Jun 5, 2020
Regular Expression Denial of Service in websocket-extensions (RubyGem)
High
CVE-2020-7663
was published
for
websocket-extensions
(RubyGems)
Jun 5, 2020
BSON rubygem contains potential denial of service
High
CVE-2015-4411
was published
for
bson
(RubyGems)
Apr 29, 2020
Regular Expression Denial of Service in Acorn
High
GHSA-6chw-6frg-f759
was published
for
acorn
(npm)
Apr 3, 2020
regular expression denial-of-service (ReDoS) in Bleach
High
CVE-2020-6817
was published
for
bleach
(pip)
Mar 30, 2020
Catastrophic backtracking in regex allows Denial of Service in Waitress
Moderate
CVE-2020-5236
was published
for
waitress
(pip)
Feb 4, 2020
Regular Expression Denial of Service in csv-parse
High
CVE-2019-17592
was published
for
csv-parse
(npm)
Oct 15, 2019
Uncontrolled Resource Consumption in MetadataExtractor
High
CVE-2019-14262
was published
for
MetadataExtractor
(NuGet)
Aug 23, 2019
Denial of Service in rgb2hex
Moderate
GHSA-65p8-3hm4-h9h8
was published
for
rgb2hex
(npm)
Aug 23, 2019
Django Denial-of-service in strip_tags()
High
CVE-2019-14233
was published
for
Django
(pip)
Aug 6, 2019
Django Denial-of-service in django.utils.text.Truncator
High
CVE-2019-14232
was published
for
Django
(pip)
Aug 6, 2019
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2019-1010266
was published
for
lodash
(npm)
Jul 19, 2019
Pallets Project Flask is vulnerable to Denial of Service via Unexpected memory usage
High
CVE-2019-1010083
was published
for
flask
(pip)
Jul 19, 2019
Regular Expression Denial of Service
Moderate
GHSA-qx4v-6gc5-f2vv
was published
for
esm
(npm)
Jun 20, 2019
Regular Expression Denial of Service in underscore.string
Moderate
GHSA-v2p6-4mp7-3r9v
was published
for
underscore.string
(npm)
Jun 14, 2019
Prototype Pollution in @apollo/gateway
High
GHSA-74cr-77xc-8g6r
was published
for
@apollo/gateway
(npm)
Jun 13, 2019
Regular Expression Denial of Service (ReDoS)
High
GHSA-h6ch-v84p-w6p9
was published
for
diff
(npm)
Jun 13, 2019
Prototype Pollution in lutils-merge
Moderate
GHSA-f7qw-5pvg-mmwp
was published
for
lutils-merge
(npm)
Jun 13, 2019
Denial of Service in http-proxy-agent
High
GHSA-8w57-jfpm-945m
was published
for
http-proxy-agent
(npm)
Jun 11, 2019
ProTip!
Advisories are also available from the
GraphQL API