Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

270 advisories

Loading
Terser insecure use of regular expressions leads to ReDoS High
CVE-2022-25858 was published for terser (npm) Jul 16, 2022
glob-parent 6.0.0 vulnerable to Regular Expression Denial of Service High
CVE-2021-35065 was published for glob-parent (npm) Jul 18, 2022
cowsrule wejendorp
wwuck paulmillr BGehrels
Mistune vulnerable to catastrophic backtracking High
CVE-2022-34749 was published for mistune (pip) Jul 26, 2022
sersorrel
node-fetch Inefficient Regular Expression Complexity Moderate
CVE-2022-2596 was published for node-fetch (npm) Aug 2, 2022
vovikhangcdv
Regular expression denial of service in eth-account Moderate
CVE-2022-1930 was published for eth-account (pip) Aug 23, 2022
uri-template-lite Regular Expression Denial of Service Moderate
CVE-2021-43309 was published for uri-template-lite (npm) Aug 25, 2022
marfoldi
Sanitize-html Vulnerable To REDoS Attacks High
CVE-2022-25887 was published for sanitize-html (npm) Aug 31, 2022
Polynomial regular expression used on uncontrolled data in nitrado.js High
CVE-2022-36034 was published for nitrado.js (npm) Aug 31, 2022
steal vulnerable to Regular Expression Denial of Service via input variable High
CVE-2022-37260 was published for steal (npm) Sep 16, 2022
steal vulnerable to Regular Expression Denial of Service via source and sourceWithComments High
CVE-2022-37262 was published for steal (npm) Sep 16, 2022
mako is vulnerable to Regular Expression Denial of Service High
CVE-2022-40023 was published for mako (pip) Sep 16, 2022
steal Inefficient Regular Expression Complexity vulnerability via string variable High
CVE-2022-37259 was published for steal (npm) Sep 21, 2022
ReDoS issue in dparse Moderate
CVE-2022-39280 was published for dparse (pip) Sep 27, 2022
react-native-reanimated vulnerable to ReDoS High
CVE-2022-24373 was published for react-native-reanimated (npm) Oct 1, 2022
tomekzaw annaowens
annaowens_microsoft
v8n vulnerable to Inefficient Regular Expression Complexity High
CVE-2022-35923 was published for v8n (npm) Oct 7, 2022
vovikhangcdv
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) High
CVE-2022-37599 was published for loader-utils (npm) Oct 12, 2022
jeran-urban G-Rath
loader-utils is vulnerable to Regular Expression Denial of Service (ReDoS) via url variable High
CVE-2022-37603 was published for loader-utils (npm) Oct 14, 2022
jeran-urban
ReDoS in py library when used with subversion High
CVE-2022-42969 was published for py (pip) Oct 16, 2022
The-Compiler jwilk
Django denial-of-service vulnerability in internationalized URLs High
CVE-2022-41323 was published for django (pip) Oct 16, 2022
sunSUNQ
minimatch ReDoS vulnerability High
CVE-2022-3517 was published for minimatch (npm) Oct 18, 2022
Inefficient Regular Expression Complexity in shescape High
CVE-2022-25918 was published for shescape (npm) Oct 25, 2022
mowzk
kangax html-minifier REDoS vulnerability High
CVE-2022-37620 was published for html-minifier (npm) Oct 31, 2022
ProTip! Advisories are also available from the GraphQL API