Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,218
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

78 advisories

Loading
Regular Expression Denial of Service Moderate
GHSA-6394-6h9h-cfjg was published for nwmatcher (npm) Jun 7, 2019
Regular Expression Denial of Service (ReDoS) in lodash Moderate
CVE-2019-1010266 was published for lodash (npm) Jul 19, 2019
mitchell-codecov
Denial of Service in js-yaml Moderate
GHSA-2pr6-76vf-7546 was published for js-yaml (npm) Jun 5, 2019
Prototype Pollution in upmerge Moderate
GHSA-gm9g-2g8v-fvxj was published for upmerge (npm) Jun 6, 2019
Prototype Pollution in lutils-merge Moderate
GHSA-f7qw-5pvg-mmwp was published for lutils-merge (npm) Jun 13, 2019
Regular Expression Denial of Service in underscore.string Moderate
GHSA-v2p6-4mp7-3r9v was published for underscore.string (npm) Jun 14, 2019
Regular Expression Denial of Service Moderate
GHSA-qx4v-6gc5-f2vv was published for esm (npm) Jun 20, 2019
Denial of Service in url-relative Moderate
GHSA-86p3-4gfq-38f2 was published for url-relative (npm) Jun 5, 2019
Denial of Service in mem Moderate
GHSA-4xcv-9jjx-gfj3 was published for mem (npm) Jul 5, 2019
Denial of Service in rgb2hex Moderate
GHSA-65p8-3hm4-h9h8 was published for rgb2hex (npm) Aug 23, 2019
Regular Expression Denial of Service in ssri Moderate
CVE-2018-7651 was published for ssri (npm) Mar 7, 2018
Prototype Pollution in extend Moderate
CVE-2018-16492 was published for extend (npm) Feb 7, 2019
Denial of Service in node-sass Moderate
GHSA-9v62-24cr-58cx was published for node-sass (npm) Sep 11, 2020
Denial of service in fastify Moderate
CVE-2020-8192 was published for fastify (npm) Aug 5, 2020
Regular Expression Denial of Service in bleach Moderate
CVE-2014-8881 was published for bleach (npm) Sep 1, 2020
Denial of Service in handlebars Moderate
GHSA-f52g-6jhx-586p was published for handlebars (npm) Sep 3, 2020
ReDOS vulnerabities: multiple grammars Moderate
GHSA-7wwv-vh3v-89cq was published for @highlightjs/cdn-assets (npm) Dec 4, 2020
RunDevelopment erik-krogh
kurt-r2c
Denial of Service in ecstatic Moderate
CVE-2019-10775 was published for ecstatic (npm) Dec 15, 2020
Denial of Service in node-static Moderate
GHSA-8r4g-cg4m-x23c was published for node-static (npm) Sep 22, 2021
Regular Expression Denial of Service in millisecond Moderate
GHSA-m489-xr35-fjxr was published for millisecond (npm) Sep 22, 2021
Marked ReDoS due to email addresses being evaluated in quadratic time Moderate
GHSA-xf5p-87ch-gxw2 was published for marked (npm) Jun 5, 2019
Regular Expression Denial of Service in slug Moderate
CVE-2017-16117 was published for slug (npm) Jul 24, 2018
G-Rath
prismjs Regular Expression Denial of Service vulnerability Moderate
CVE-2021-3801 was published for prismjs (npm) Sep 20, 2021
CKEditor 5 Markdown plugin Regular expression Denial of Service Moderate
CVE-2021-21254 was published for @ckeditor/ckeditor5-markdown-gfm (npm) Jan 29, 2021
jsx-slack insufficient patch for CVE-2021-43838 ReDoS Moderate
CVE-2021-43843 was published for jsx-slack (npm) Jan 6, 2022
hieki
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database