Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,330
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

19 advisories

Loading
Insecure Comparison in secure-compare High
CVE-2015-9238 was published for secure-compare (npm) Jun 3, 2019
tdunlap607
Logic error in authentication in proxy.py High
CVE-2021-3116 was published for proxy.py (pip) Apr 7, 2021
Incorrect Regular Expression in RestSharp High
CVE-2021-27293 was published for RestSharp (NuGet) Jul 14, 2021
Regular expression denial of service in react-native High
CVE-2020-1920 was published for react-native (npm) Jul 20, 2021
Inefficient Regular Expression Complexity in chalk/ansi-regex High
CVE-2021-3807 was published for ansi-regex (npm) Sep 20, 2021
MylesBorins cji-stripe
G-Rath
Inefficient Regular Expression Complexity in vuelidate High
CVE-2021-3794 was published for @vuelidate/validators (npm) Sep 20, 2021
madcatone
Regular Expression Denial of Service in Leo Editor High
CVE-2020-23478 was published for leo (pip) Sep 23, 2021
NLTK Vulnerable to REDoS High
CVE-2021-3828 was published for nltk (pip) Sep 29, 2021
github.com/tidwall/gjson Vulnerable to REDoS attack High
CVE-2021-42836 was published for github.com/tidwall/gjson (Go) Oct 25, 2021
Incorrect Comparison in cvxopt High
CVE-2021-41500 was published for cvxopt (pip) Jan 7, 2022
Incorrect Comparison in Vyper High
GHSA-7vrm-3jc8-5wwm was published for vyper (pip) Apr 4, 2022
Codiad Vulnerable to PHP Magic Hash Vulnerability High
CVE-2020-23355 was published for codiad/codiad (Composer) May 24, 2022
TensorFlow has Floating Point Exception in TFLite in conv kernel High
CVE-2023-27579 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Segfault in Bincount with XLA High
CVE-2023-25675 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Floating Point Exception in TensorListSplit with XLA High
CVE-2023-25673 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Floating Point Exception in AvgPoolGrad with XLA High
CVE-2023-25669 was published for tensorflow (pip) Mar 24, 2023
TensorFlow has Floating Point Exception in AudioSpectrogram High
CVE-2023-25666 was published for tensorflow (pip) Mar 24, 2023
Jenkins Google Login Plugin non-constant time token comparison High
CVE-2023-41936 was published for org.jenkins-ci.plugins:google-login (Maven) Sep 6, 2023
Non-constant time nonce comparison in Jenkins Microsoft Entra ID (previously Azure AD) Plugin High
CVE-2023-41935 was published for org.jenkins-ci.plugins:azure-ad (Maven) Sep 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database