GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,901
Maven
5,000+
npm
3,631
NuGet
638
pip
3,244
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
236 advisories
Filter by severity
Inefficient Regular Expression Complexity in validator.js
Moderate
CVE-2021-3765
was published
for
validator
(npm)
Nov 3, 2021
github.com/tidwall/gjson Vulnerable to REDoS attack
High
CVE-2021-42836
was published
for
github.com/tidwall/gjson
(Go)
Oct 25, 2021
Prototype pollution vulnerability in 'predefine'
Critical
CVE-2020-28280
was published
for
predefine
(npm)
Oct 12, 2021
Inefficient Regular Expression Complexity in handsontable
High
CVE-2021-23446
was published
for
handsontable
(npm)
Sep 30, 2021
Regular Expression Denial of Service in jsoneditor
Moderate
CVE-2021-3822
was published
for
jsoneditor
(npm)
Sep 29, 2021
inflect vulnerable to Inefficient Regular Expression Complexity
High
CVE-2021-3820
was published
for
i
(npm)
Sep 29, 2021
Regular Expression Denial of Service in Leo Editor
High
CVE-2020-23478
was published
for
leo
(pip)
Sep 23, 2021
Regular Expression Denial of Service in millisecond
Moderate
GHSA-m489-xr35-fjxr
was published
for
millisecond
(npm)
Sep 22, 2021
Inefficient Regular Expression Complexity in nth-check
High
CVE-2021-3803
was published
for
nth-check
(npm)
Sep 20, 2021
semver-regex Regular Expression Denial of Service (ReDOS)
High
CVE-2021-3795
was published
for
semver-regex
(npm)
Sep 20, 2021
Inefficient Regular Expression Complexity in vuelidate
High
CVE-2021-3794
was published
for
@vuelidate/validators
(npm)
Sep 20, 2021
Inefficient Regular Expression Complexity in chalk/ansi-regex
High
CVE-2021-3807
was published
for
ansi-regex
(npm)
Sep 20, 2021
Inefficient Regular Expression Complexity in code-server
High
CVE-2021-3810
was published
for
code-server
(npm)
Sep 20, 2021
Inefficient Regular Expression Complexity in taro
High
CVE-2021-3804
was published
for
@tarojs/helper
(npm)
Sep 20, 2021
axios Inefficient Regular Expression Complexity vulnerability
High
CVE-2021-3749
was published
for
axios
(npm)
Sep 1, 2021
Regular Expression Denial of Service in System.Text.RegularExpressions
High
CVE-2019-0820
was published
for
System.Text.RegularExpressions
(NuGet)
Aug 4, 2021
markdown2 Regular Expression Denial of Service
High
CVE-2021-26813
was published
for
markdown2
(pip)
Jun 2, 2021
Regular Expression Denial of Service in browserslist
Moderate
CVE-2021-23364
was published
for
browserslist
(npm)
May 24, 2021
Regular Expression Denial of Service in marked
Low
GHSA-ch52-vgq2-943f
was published
for
marked
(npm)
Sep 3, 2020
regular expression denial-of-service (ReDoS) in Bleach
High
CVE-2020-6817
was published
for
bleach
(pip)
Mar 30, 2020
Denial of Service in uap-core when processing crafted User-Agent strings
Moderate
CVE-2020-5243
was published
for
uap-core
(RubyGems)
Feb 20, 2020
Regular Expression Denial of Service in remarkable
High
CVE-2019-12041
was published
for
remarkable
(npm)
Jun 6, 2019
Regular Expression Denial of Service in clean-css
Low
GHSA-wxhq-pm8v-cw75
was published
for
clean-css
(npm)
Jun 5, 2019
ProTip!
Advisories are also available from the
GraphQL API