GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
47 advisories
Filter by severity
Potential Denial-of-Service in bindata
Moderate
CVE-2021-32823
was published
for
bindata
(RubyGems)
Jun 23, 2021
Rack has possible DoS Vulnerability in Multipart MIME parsing
High
CVE-2023-27530
was published
for
rack
(RubyGems)
Mar 8, 2023
fugit parse and parse_nat stall on lengthy input
Moderate
CVE-2024-43380
was published
for
fugit
(RubyGems)
Aug 19, 2024
REXML denial of service vulnerability
Moderate
CVE-2024-39908
was published
for
rexml
(RubyGems)
Jul 16, 2024
REXML contains a denial of service vulnerability
Moderate
CVE-2024-35176
was published
for
rexml
(RubyGems)
May 16, 2024
Rack has possible DoS Vulnerability with Range Header
Low
CVE-2024-26141
was published
for
rack
(RubyGems)
Feb 28, 2024
XSS sidekiq-unique-jobs UI server vulnerability
High
CVE-2024-25122
was published
for
sidekiq-unique-jobs
(RubyGems)
Feb 13, 2024
WEBrick Denial of Service Vulnerability
High
CVE-2008-4310
was published
for
webrick
(RubyGems)
May 2, 2022
ReDoS based DoS vulnerability in Action Dispatch
Low
CVE-2023-22792
was published
for
actionpack
(RubyGems)
Jan 18, 2023
Puppet Denial of Service and Arbitrary File Write
Low
CVE-2012-1987
was published
for
puppet
(RubyGems)
May 14, 2022
encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs
High
CVE-2024-0241
was published
for
encoded_id-rails
(RubyGems)
Oct 24, 2023
Duplicate Advisory: encoded_id-rails potential DOS vulnerability due to URIs with extremely long encoded IDs
High
GHSA-4553-hq82-8654
was published
for
encoded_id-rails
(RubyGems)
Jan 4, 2024
•
withdrawn
Denial of service via header parsing in Rack
High
CVE-2022-44570
was published
for
rack
(RubyGems)
Jan 18, 2023
Denial of Service Vulnerability in Rack Multipart Parsing
High
CVE-2022-30122
was published
for
rack
(RubyGems)
May 27, 2022
memory leak flaw was found in ruby-magick
Moderate
CVE-2023-5349
was published
for
rmagick
(RubyGems)
Oct 30, 2023
Denial of Service Vulnerability in Action View
High
CVE-2019-5419
was published
for
actionview
(RubyGems)
Mar 13, 2019
sidekiq Denial of Service vulnerability
Moderate
CVE-2023-26141
was published
for
sidekiq
(RubyGems)
Sep 14, 2023
sentry-raven allows remote attackers to cause a denial of service via a large exponent value in a scientific number
Moderate
CVE-2014-9490
was published
for
sentry-raven
(RubyGems)
Oct 24, 2017
Rack vulnerable to Denial of Service
High
CVE-2018-16470
was published
for
rack
(RubyGems)
Nov 15, 2018
Denial of Service Vulnerability in Rack Content-Disposition parsing
Low
CVE-2022-44571
was published
for
rack
(RubyGems)
Jan 18, 2023
Denial of service via multipart parsing in Rack
Low
CVE-2022-44572
was published
for
rack
(RubyGems)
Jan 18, 2023
ProTip!
Advisories are also available from the
GraphQL API