Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

30 advisories

Loading
Zod denial of service vulnerability Moderate
CVE-2023-4316 was published for zod (npm) Sep 28, 2023
RobinTail
ReDoS in urlregex Moderate
CVE-2020-36830 was published for urlregex (npm) Sep 2, 2024
Regular Expression Denial of Service (ReDoS) in micromatch Moderate
CVE-2024-4067 was published for micromatch (npm) May 14, 2024
jagonalez MarioTeixeiraCx
word-wrap vulnerable to Regular Expression Denial of Service Moderate
CVE-2023-26115 was published for word-wrap (npm) Jun 22, 2023
CKEditor 4 ReDoS Vulnerability Moderate
CVE-2021-26271 was published for ckeditor4-dev (npm) May 24, 2022
Regular Expression Denial Of Service in uri-js Moderate
CVE-2017-16021 was published for uri-js (npm) Jul 24, 2018
Denial of Service in uap-core when processing crafted User-Agent strings Moderate
CVE-2020-5243 was published for uap-core (RubyGems) Feb 20, 2020
bcaller
nodemailer ReDoS when trying to send a specially crafted email Moderate
GHSA-9h6g-pr28-7cqp was published for nodemailer (npm) Jan 31, 2024
francoatmega
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity Moderate
CVE-2023-48631 was published for @adobe/css-tools (npm) Nov 30, 2023
Inefficient Regular Expression Complexity in validator.js Moderate
CVE-2021-3765 was published for validator (npm) Nov 3, 2021
Regular Expression Denial of Service in jsoneditor Moderate
CVE-2021-3822 was published for jsoneditor (npm) Sep 29, 2021
uri-template-lite Regular Expression Denial of Service Moderate
CVE-2021-43309 was published for uri-template-lite (npm) Aug 25, 2022
marfoldi
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS Moderate
CVE-2023-26364 was published for @adobe/css-tools (npm) Aug 29, 2023
angular vulnerable to regular expression denial of service via the <input type="url"> element Moderate
CVE-2023-26118 was published for angular (npm) Mar 30, 2023
angular vulnerable to regular expression denial of service via the angular.copy() utility Moderate
CVE-2023-26116 was published for angular (npm) Mar 30, 2023
angular vulnerable to regular expression denial of service via the $resource service Moderate
CVE-2023-26117 was published for angular (npm) Mar 30, 2023
Regular Expression Denial of Service (ReDoS) in lodash Moderate
CVE-2020-28500 was published for lodash (npm) Jan 6, 2022
mitchell-codecov nitaiapiiro
DmitriyLewen jkmartindale
Vercel ms Inefficient Regular Expression Complexity vulnerability Moderate
CVE-2017-20162 was published for ms (npm) Jan 5, 2023
Regular Expression Denial of Service in browserslist Moderate
CVE-2021-23364 was published for browserslist (npm) May 24, 2021
Denial of Service (DoS) vulnerability in RSSHub Moderate
CVE-2022-31110 was published for rsshub (npm) Jun 23, 2022
Rongronggg9
Uncontrolled Resource Consumption in markdown-it Moderate
CVE-2022-21670 was published for markdown-it (npm) Jan 12, 2022
makenowjust
node-fetch Inefficient Regular Expression Complexity Moderate
CVE-2022-2596 was published for node-fetch (npm) Aug 2, 2022
vovikhangcdv
Denial of Service in protobufjs Moderate
CVE-2018-3738 was published for protobufjs (npm) Oct 9, 2018
ReDoS via long string of semicolons in tough-cookie Moderate
CVE-2016-1000232 was published for tough-cookie (npm) Oct 10, 2018
@sideway/formula contains Regular Expression Denial of Service (ReDoS) Vulnerability Moderate
CVE-2023-25166 was published for @sideway/formula (npm) Feb 8, 2023
sno2
ProTip! Advisories are also available from the GraphQL API