GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
30 advisories
Filter by severity
Regular Expression Denial of Service (ReDoS) in micromatch
Moderate
CVE-2024-4067
was published
for
micromatch
(npm)
May 14, 2024
word-wrap vulnerable to Regular Expression Denial of Service
Moderate
CVE-2023-26115
was published
for
word-wrap
(npm)
Jun 22, 2023
CKEditor 4 ReDoS Vulnerability
Moderate
CVE-2021-26271
was published
for
ckeditor4-dev
(npm)
May 24, 2022
Regular Expression Denial Of Service in uri-js
Moderate
CVE-2017-16021
was published
for
uri-js
(npm)
Jul 24, 2018
Denial of Service in uap-core when processing crafted User-Agent strings
Moderate
CVE-2020-5243
was published
for
uap-core
(RubyGems)
Feb 20, 2020
nodemailer ReDoS when trying to send a specially crafted email
Moderate
GHSA-9h6g-pr28-7cqp
was published
for
nodemailer
(npm)
Jan 31, 2024
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity
Moderate
CVE-2023-48631
was published
for
@adobe/css-tools
(npm)
Nov 30, 2023
Inefficient Regular Expression Complexity in validator.js
Moderate
CVE-2021-3765
was published
for
validator
(npm)
Nov 3, 2021
Regular Expression Denial of Service in jsoneditor
Moderate
CVE-2021-3822
was published
for
jsoneditor
(npm)
Sep 29, 2021
uri-template-lite Regular Expression Denial of Service
Moderate
CVE-2021-43309
was published
for
uri-template-lite
(npm)
Aug 25, 2022
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS
Moderate
CVE-2023-26364
was published
for
@adobe/css-tools
(npm)
Aug 29, 2023
angular vulnerable to regular expression denial of service via the <input type="url"> element
Moderate
CVE-2023-26118
was published
for
angular
(npm)
Mar 30, 2023
angular vulnerable to regular expression denial of service via the angular.copy() utility
Moderate
CVE-2023-26116
was published
for
angular
(npm)
Mar 30, 2023
angular vulnerable to regular expression denial of service via the $resource service
Moderate
CVE-2023-26117
was published
for
angular
(npm)
Mar 30, 2023
Regular Expression Denial of Service (ReDoS) in lodash
Moderate
CVE-2020-28500
was published
for
lodash
(npm)
Jan 6, 2022
Vercel ms Inefficient Regular Expression Complexity vulnerability
Moderate
CVE-2017-20162
was published
for
ms
(npm)
Jan 5, 2023
Regular Expression Denial of Service in browserslist
Moderate
CVE-2021-23364
was published
for
browserslist
(npm)
May 24, 2021
Denial of Service (DoS) vulnerability in RSSHub
Moderate
CVE-2022-31110
was published
for
rsshub
(npm)
Jun 23, 2022
Uncontrolled Resource Consumption in markdown-it
Moderate
CVE-2022-21670
was published
for
markdown-it
(npm)
Jan 12, 2022
node-fetch Inefficient Regular Expression Complexity
Moderate
CVE-2022-2596
was published
for
node-fetch
(npm)
Aug 2, 2022
Denial of Service in protobufjs
Moderate
CVE-2018-3738
was published
for
protobufjs
(npm)
Oct 9, 2018
ReDoS via long string of semicolons in tough-cookie
Moderate
CVE-2016-1000232
was published
for
tough-cookie
(npm)
Oct 10, 2018
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability
Moderate
CVE-2023-25166
was published
for
@sideway/formula
(npm)
Feb 8, 2023
ProTip!
Advisories are also available from the
GraphQL API