Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,703
NuGet
661
pip
3,329
Pub
11
RubyGems
884
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,382 advisories

Loading
High severity vulnerability that affects com.typesafe.akka:akka-http-core_2.11 and com.typesafe.akka:akka-http-core_2.12 High
CVE-2018-16131 was published for com.typesafe.akka:akka-http-core_2.11 (Maven) Oct 22, 2018
Prototype Pollution in extend Moderate
CVE-2018-16492 was published for extend (npm) Feb 7, 2019
Denial of Service in https-proxy-agent Critical
CVE-2018-3739 was published for https-proxy-agent (npm) Jul 27, 2018
kurt-r2c
ReDoS via long UserAgent header in ua-parser High
CVE-2017-16086 was published for ua-parser (npm) Jul 24, 2018
Regular Expression Denial of Service in parsejson High
CVE-2017-16113 was published for parsejson (npm) Jul 24, 2018
Denial of Service in hapi High
CVE-2015-9241 was published for hapi (npm) Jun 7, 2018
Regular expression denial of service in url-regex High
CVE-2020-7661 was published for url-regex (npm) Jun 22, 2020
Denial of Service in node-sass Moderate
GHSA-9v62-24cr-58cx was published for node-sass (npm) Sep 11, 2020
Uncontrolled Resource Consumption in spray-json when parsing decimal digit fields High
CVE-2018-18853 was published for io.spray:spray-json_2.10 (Maven) Nov 9, 2018
Denial of service in fastify Moderate
CVE-2020-8192 was published for fastify (npm) Aug 5, 2020
Denial of Service in yar High
CVE-2014-4179 was published for yar (npm) Sep 1, 2020
Regular Expression Denial of Service in bleach Moderate
CVE-2014-8881 was published for bleach (npm) Sep 1, 2020
Denial of Service in uws High
CVE-2016-10544 was published for uws (npm) Sep 1, 2020
Client Denial of Service on TUF Moderate
CVE-2020-6173 was published for tuf (pip) Aug 21, 2020
Denial of Service in subtext High
GHSA-2mvq-xp48-4c77 was published for subtext (npm) Sep 3, 2020
Denial of Service in apostrophe Low
GHSA-pv6r-vchh-cxg9 was published for apostrophe (npm) Sep 3, 2020
Regular Expression Denial of Service in ansi2html High
CVE-2015-9239 was published for ansi2html (npm) Sep 1, 2020
Regular Expression Denial of Service in validator High
CVE-2014-8882 was published for validator (npm) Aug 31, 2020
Denial of Service in handlebars Moderate
GHSA-f52g-6jhx-586p was published for handlebars (npm) Sep 3, 2020
Exploitable inventory component chaining in PocketMine-MP High
GHSA-8jq6-w5cg-wm45 was published for pocketmine/pocketmine-mp (Composer) Nov 11, 2020
Muqsit CortexPE
ReDOS vulnerabities: multiple grammars Moderate
GHSA-7wwv-vh3v-89cq was published for @highlightjs/cdn-assets (npm) Dec 4, 2020
RunDevelopment erik-krogh
kurt-r2c
Denial of Service in ecstatic Moderate
CVE-2019-10775 was published for ecstatic (npm) Dec 15, 2020
Memory exhaustion in http4s-async-http-client with large or malicious compressed responses Low
GHSA-8hxh-r6f7-jf45 was published for org.http4s:http4s-async-http-client_2.12 (Maven) Oct 16, 2020
leonardosantosklarna ashwinbhaskar
Uncontrolled Resource Consumption in spray-json High
CVE-2018-18854 was published for io.spray:spray-json_2.10 (Maven) Nov 9, 2018
Regular Expression Denial of Service in markdown Low
GHSA-wx77-rp39-c6vg was published for markdown (npm) Sep 4, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database