Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,900
Maven
5,000+
npm
3,630
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

234 advisories

Loading
Denial of Service in ecstatic High
CVE-2015-9242 was published for ecstatic (npm) Jun 7, 2018
tdunlap607
Regular Expression Denial of Service in ssri Moderate
CVE-2018-7651 was published for ssri (npm) Mar 7, 2018
Regular Expression Denial of Service in moment High
CVE-2017-18214 was published for moment (npm) Mar 5, 2018
tdunlap607
Denial of Service in jquery High
CVE-2016-10707 was published for jQuery (RubyGems) Jan 22, 2018
Denial of Service in ecstatic High
CVE-2016-10703 was published for ecstatic (npm) Dec 28, 2017
Denial-of-Service Memory Exhaustion in qs High
CVE-2014-7191 was published for qs (npm) Oct 24, 2017
File Descriptor Leak Can Cause DoS Vulnerability in hapi High
CVE-2014-3742 was published for hapi (npm) Oct 24, 2017
Regular Expression Denial of Service in ms High
CVE-2015-8315 was published for ms (npm) Oct 24, 2017
Regular Expression Denial of Service in moment Moderate
CVE-2016-4055 was published for moment (npm) Oct 24, 2017
ProTip! Advisories are also available from the GraphQL API