GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
270 advisories
Filter by severity
cleo is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42966
was published
for
cleo
(pip)
Nov 10, 2022
pymatgen is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42964
was published
for
pymatgen
(pip)
Nov 10, 2022
snowflake-connector-python is vulnerable to Regular Expression Denial of Service (ReDoS)
Moderate
CVE-2022-42965
was published
for
snowflake-connector-python
(pip)
Nov 10, 2022
Inefficient Regular Expression Complexity in Liferay Portal
High
CVE-2022-42124
was published
for
com.liferay.portal:release.portal.bom
(Maven)
Nov 15, 2022
Inefficient Regular Expression Complexity in Loofah
High
CVE-2022-23514
was published
for
loofah
(RubyGems)
Dec 13, 2022
Inefficient Regular Expression Complexity in rails-html-sanitizer
High
CVE-2022-23517
was published
for
rails-html-sanitizer
(RubyGems)
Dec 13, 2022
pypa/setuptools vulnerable to Regular Expression Denial of Service (ReDoS)
High
CVE-2022-40897
was published
for
setuptools
(pip)
Dec 23, 2022
pypa/wheel vulnerable to Regular Expression denial of service (ReDoS)
High
CVE-2022-40898
was published
for
wheel
(pip)
Dec 23, 2022
markdown-it vulnerable to Inefficient Regular Expression Complexity
High
CVE-2015-10005
was published
for
markdown-it
(npm)
Dec 27, 2022
email-existence Inefficient Regular Expression Complexity vulnerability
High
CVE-2018-25049
was published
for
email-existence
(npm)
Dec 27, 2022
rgb2hex vulnerable to inefficient regular expression complexity
High
CVE-2018-25061
was published
for
rgb2hex
(npm)
Dec 31, 2022
string-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4299
was published
for
string-kit
(npm)
Jan 2, 2023
MooTools Regular Expression Denial of Service
High
CVE-2021-32821
was published
for
mootools
(npm)
Jan 3, 2023
Vercel ms Inefficient Regular Expression Complexity vulnerability
Moderate
CVE-2017-20162
was published
for
ms
(npm)
Jan 5, 2023
robots-txt-guard Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4305
was published
for
robots-txt-guard
(npm)
Jan 5, 2023
terminal-kit Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-4306
was published
for
terminal-kit
(npm)
Jan 7, 2023
debug Inefficient Regular Expression Complexity vulnerability
High
CVE-2017-20165
was published
for
debug
(npm)
Jan 9, 2023
Luxon Inefficient Regular Expression Complexity vulnerability
High
CVE-2023-22467
was published
for
luxon
(npm)
Jan 9, 2023
PapaParse Inefficient Regular Expression Complexity vulnerability
High
CVE-2020-36649
was published
for
papaparse
(npm)
Jan 11, 2023
skeemas Inefficient Regular Expression Complexity vulnerability
High
CVE-2018-25074
was published
for
skeemas
(npm)
Jan 11, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.8 before 15...
Moderate
Unreviewed
CVE-2022-4131
was published
Jan 12, 2023
An issue has been discovered in GitLab CE/EE affecting all versions starting from 6.6 before 15.5...
Moderate
Unreviewed
CVE-2022-3514
was published
Jan 12, 2023
Sisimai Inefficient Regular Expression Complexity vulnerability
Moderate
CVE-2022-4891
was published
for
sisimai
(RubyGems)
Jan 17, 2023
mechanize Regular Expression Denial of Service vulnerability
High
CVE-2021-32837
was published
for
mechanize
(pip)
Jan 18, 2023
mel-spintax has Inefficient Regular Expression Complexity
Moderate
CVE-2018-25077
was published
for
mel-spintax
(npm)
Jan 18, 2023
ProTip!
Advisories are also available from the
GraphQL API