Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,056
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,618
NuGet
638
pip
3,231
Pub
10
RubyGems
854
Rust
817
Swift
35
Unreviewed advisories
All unreviewed
5,000+

75 advisories

Loading
ReDoS in urlregex Moderate
CVE-2020-36830 was published for urlregex (npm) Sep 2, 2024
An issue was discovered in GitLab CE/EE affecting all versions starting from 11.10 prior to 17.0... Moderate Unreviewed
CVE-2024-3114 was published Aug 8, 2024
ReDoS flaw in RefMatcher when matching branch names using wildcards in GitLab EE/CE affecting all... Moderate Unreviewed
CVE-2024-2800 was published Aug 8, 2024
Django vulnerable to denial-of-service attack Moderate
CVE-2024-41991 was published for Django (pip) Aug 7, 2024
Wagtail regular expression denial-of-service via search query parsing Moderate
CVE-2024-39317 was published for wagtail (pip) Jul 11, 2024
RealOrangeOne
Rack ReDoS Vulnerability in HTTP Accept Headers Parsing Moderate
CVE-2024-39316 was published for rack (RubyGems) Jul 3, 2024
dwisiswant0
An issue was discovered in GitLab CE/EE affecting all versions starting from 9.2 prior to 16.11.5... Moderate Unreviewed
CVE-2024-1493 was published Jun 27, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.1 prior to... Moderate Unreviewed
CVE-2024-1495 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.4 prior to 16... Moderate Unreviewed
CVE-2024-1963 was published Jun 13, 2024
An issue has been discovered in GitLab CE/EE affecting all versions prior to 16.10.7, starting... Moderate Unreviewed
CVE-2024-1736 was published Jun 13, 2024
ua-parser/uap-php ReDoS vulnerability Moderate
GHSA-78hm-5hjw-58mh was published for ua-parser/uap-php (Composer) Jun 7, 2024
Regular Expression Denial of Service (ReDoS) in micromatch Moderate
CVE-2024-4067 was published for micromatch (npm) May 14, 2024
jagonalez MarioTeixeiraCx
TCPDF vulnerable to Regular Expression Denial of Service Moderate
CVE-2024-22640 was published for tecnickcom/tcpdf (Composer) Apr 19, 2024
Starfox64
Pydantic regular expression denial of service Moderate
CVE-2024-3772 was published for pydantic (pip) Apr 15, 2024
Black vulnerable to Regular Expression Denial of Service (ReDoS) Moderate
CVE-2024-21503 was published for black (pip) Mar 19, 2024
Regular expression denial-of-service in Django Moderate
CVE-2024-27351 was published for django (pip) Mar 15, 2024
MarkLee131
Rack vulnerable to ReDoS in content type parsing (2nd degree polynomial) Moderate
CVE-2024-25126 was published for rack (RubyGems) Feb 28, 2024
byroot
nodemailer ReDoS when trying to send a specially crafted email Moderate
GHSA-9h6g-pr28-7cqp was published for nodemailer (npm) Jan 31, 2024
francoatmega
An issue has been discovered in GitLab CE/EE affecting all versions from 12.7 prior to 16.6.6, 16... Moderate Unreviewed
CVE-2023-6159 was published Jan 26, 2024
ReDoS in Embedchain Moderate
CVE-2024-23732 was published for embedchain (pip) Jan 21, 2024
@adobe/css-tools Improper Input Validation and Inefficient Regular Expression Complexity Moderate
CVE-2023-48631 was published for @adobe/css-tools (npm) Nov 30, 2023
TorBot vulnerable to Inefficient Regular Expression Complexity in validate_link Moderate
CVE-2023-45813 was published for torbot (pip) Oct 19, 2023
ikkebr
Zod denial of service vulnerability Moderate
CVE-2023-4316 was published for zod (npm) Sep 28, 2023
RobinTail
@adobe/css-tools Regular Expression Denial of Service (ReDOS) while Parsing CSS Moderate
CVE-2023-26364 was published for @adobe/css-tools (npm) Aug 29, 2023
Issue summary: Checking excessively long DH keys or parameters may be very slow. Impact summary:... Moderate Unreviewed
CVE-2023-3446 was published Jul 19, 2023
ProTip! Advisories are also available from the GraphQL API