GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
141 advisories
Prototype Pollution in @apollo/gateway
High. GHSA-74cr-77xc-8g6r was published for @apollo/gateway (npm) on Jun 13, 2019

Regular Expression Denial of Service in Acorn
High. GHSA-6chw-6frg-f759 was published for acorn (npm) on Apr 3, 2020

Regular Expression Denial of Service in websocket-extensions (NPM package)
High. CVE-2020-7662 was published for websocket-extensions (npm) on Jun 5, 2020

Regular Expression Denial of Service in negotiator
High. CVE-2016-10539 was published for negotiator (npm) on Oct 9, 2018

DoS due to excessively large websocket message in ws
High. CVE-2016-10542 was published for ws (npm) on Feb 18, 2019

Denial-of-Service Extended Event Loop Blocking in qs
High. CVE-2014-10064 was published for qs (npm) on Oct 9, 2018

Denial of Service in mqtt-packet
High. CVE-2016-10523 was published for mqtt-packet (npm) on Feb 18, 2019

ReDoS via long UserAgent header in ua-parser
High. CVE-2017-16086 was published for ua-parser (npm) on Jul 24, 2018

Regular Expression Denial of Service in parsejson
High. CVE-2017-16113 was published for parsejson (npm) on Jul 24, 2018

Regular expression denial of service in url-regex
High. CVE-2020-7661 was published for url-regex (npm) on Jun 22, 2020

Regular Expression Denial of Service in ansi2html
High. CVE-2015-9239 was published for ansi2html (npm) on Sep 1, 2020

Regular Expression Denial of Service in validator
High. CVE-2014-8882 was published for validator (npm) on Aug 31, 2020

Bitcoin Inventory Out-of-Memory Denial-of-Service Attack (CVE-2018-17145)
High. CVE-2018-17145 was published for bcoin (npm) on Sep 10, 2020

Regular Expression Denial-of-Service in npm schema-inspector
High. CVE-2021-21267 was published for schema-inspector (npm) on Mar 19, 2021

modern-async's `forEachSeries` and `forEachLimit` functions do not limit the number of requests
High. CVE-2021-41167 was published for modern-async (npm) on Oct 21, 2021

Uncontrolled Resource Consumption in fast-string-search
High. CVE-2022-22138 was published for fast-string-search (npm) on Jun 18, 2022

Regular expression denial of service in react-native
High. CVE-2020-1920 was published for react-native (npm) on Jul 20, 2021