GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
30
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,683
NuGet
650
pip
3,299
Pub
11
RubyGems
878
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
62 advisories
Filter by severity
xhtml2pdf Denial of Service via crafted string
Moderate
CVE-2024-25885
was published
for
xhtml2pdf
(pip)
Oct 8, 2024
Inefficient Regular Expression Complexity in langflow
Moderate
CVE-2024-9277
was published
for
langflow
(pip)
Sep 27, 2024
Spring Framework DoS via conditional HTTP request
Moderate
CVE-2024-38809
was published
for
org.springframework:spring-web
(Maven)
Sep 24, 2024
Wagtail regular expression denial-of-service via search query parsing
Moderate
CVE-2024-39317
was published
for
wagtail
(pip)
Jul 11, 2024
Apache Airflow Improper Input Validation vulnerability
Moderate
CVE-2023-36543
was published
for
apache-airflow
(pip)
Jul 12, 2023
Regular Expression Denial of Service (ReDoS) in micromatch
Moderate
CVE-2024-4067
was published
for
micromatch
(npm)
May 14, 2024
Django vulnerable to denial-of-service attack
Moderate
CVE-2024-41991
was published
for
Django
(pip)
Aug 7, 2024
Rack ReDoS Vulnerability in HTTP Accept Headers Parsing
Moderate
CVE-2024-39316
was published
for
rack
(RubyGems)
Jul 3, 2024
Black vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2024-21503
was published
for
black
(pip)
Mar 19, 2024
Regular expression denial-of-service in Django
Moderate
CVE-2024-27351
was published
for
django
(pip)
Mar 15, 2024
word-wrap vulnerable to Regular Expression Denial of Service
Moderate
CVE-2023-26115
was published
for
word-wrap
(npm)
Jun 22, 2023
TCPDF vulnerable to Regular Expression Denial of Service
Moderate
CVE-2024-22640
was published
for
tecnickcom/tcpdf
(Composer)
Apr 19, 2024
Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial)
Moderate
CVE-2024-25126
was published
for
rack
(RubyGems)
Feb 28, 2024
ua-parser/uap-php ReDoS vulnerability
Moderate
GHSA-78hm-5hjw-58mh
was published
for
ua-parser/uap-php
(Composer)
Jun 7, 2024
URI gem has ReDoS vulnerability
Moderate
CVE-2023-36617
was published
for
uri
(RubyGems)
Jun 29, 2023
Pydantic regular expression denial of service
Moderate
CVE-2024-3772
was published
for
pydantic
(pip)
Apr 15, 2024
CKEditor 4 ReDoS Vulnerability
Moderate
CVE-2021-26271
was published
for
ckeditor4-dev
(npm)
May 24, 2022
Regular Expression Denial Of Service in uri-js
Moderate
CVE-2017-16021
was published
for
uri-js
(npm)
Jul 24, 2018
Sisimai Inefficient Regular Expression Complexity vulnerability
Moderate
CVE-2022-4891
was published
for
sisimai
(RubyGems)
Jan 17, 2023
Denial of Service in uap-core when processing crafted User-Agent strings
Moderate
CVE-2020-5243
was published
for
uap-core
(RubyGems)
Feb 20, 2020
nodemailer ReDoS when trying to send a specially crafted email
Moderate
GHSA-9h6g-pr28-7cqp
was published
for
nodemailer
(npm)
Jan 31, 2024
ProTip!
Advisories are also available from the
GraphQL API