GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
39 advisories
Filter by severity
XML External Entity Reference in Glances
Moderate
CVE-2021-23418
was published
for
Glances
(pip)
Aug 9, 2021
XML External Entity vulnerability in Easy-XML
Critical
CVE-2020-26705
was published
for
easy-xml
(pip)
Nov 1, 2021
feedparser denial of service vulnerability
High
CVE-2012-2921
was published
for
feedparser
(pip)
Jul 24, 2018
ebookmeta XML External Entity vulnerability
High
CVE-2024-36827
was published
for
ebookmeta
(pip)
Jun 7, 2024
ebookmeta XML External Entity vulnerability
Critical
CVE-2024-37388
was published
for
ebookmeta
(pip)
Jun 7, 2024
GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
Moderate
CVE-2023-26043
was published
for
GeoNode
(pip)
Aug 30, 2024
Guardrails AI vulnerable to Improper Restriction of XML External Entity Reference
Moderate
CVE-2024-6961
was published
for
guardrails-ai
(pip)
Jul 21, 2024
XML External Entity (XXE) in Django
Moderate
CVE-2013-1665
was published
for
Django
(pip)
May 17, 2022
XML Entity Expansion (XEE) in Django
Moderate
CVE-2013-1664
was published
for
Django
(pip)
May 17, 2022
OpenStack Swift XML external entities (XXE) Injection
Moderate
CVE-2022-47950
was published
for
swift
(pip)
Jan 18, 2023
fonttools XML External Entity Injection (XXE) Vulnerability
High
CVE-2023-45139
was published
for
fonttools
(pip)
Jan 9, 2024
OpenStack Nova Live migration fails to update persistent domain XML
High
CVE-2020-17376
was published
for
nova
(pip)
May 24, 2022
Improper Restriction of XML External Entity Reference in python-docx
High
CVE-2016-5851
was published
for
python-docx
(pip)
May 13, 2022
py-xml XML External Entity Injection vulnerability
High
CVE-2020-26709
was published
for
py-xml
(pip)
Jun 29, 2023
easy-parse XML External Entity Injection vulnerability
High
CVE-2020-26710
was published
for
easy-parse
(pip)
Jun 29, 2023
requests-xml XML External Entity Injection vulnerability
High
CVE-2020-26708
was published
for
requests-xml
(pip)
Jun 29, 2023
weixin-python XML External Entity vulnerability
Critical
CVE-2018-25082
was published
for
weixin-python
(pip)
Mar 21, 2023
PySAML2 XML external entity attack
Critical
CVE-2016-10127
was published
for
pysaml2
(pip)
May 17, 2022
Improper Restriction of XML External Entity Reference in Plone
High
CVE-2020-28734
was published
for
Plone
(pip)
Apr 7, 2021
Improper Restriction of XML External Entity Reference in Plone
High
CVE-2020-28736
was published
for
Plone
(pip)
Apr 7, 2021
XML2Dict XML Entity Expansion Vulnerability
High
CVE-2021-25951
was published
for
XML2Dict
(pip)
Jul 2, 2021
PyAMF vulnerable to XML external entity (XXE)
High
CVE-2015-8549
was published
for
pyamf
(pip)
May 24, 2022
Improper Restriction of XML External Entity Reference in trytond and proteus
Moderate
CVE-2022-26661
was published
for
proteus
(pip)
Mar 11, 2022
untangle vulnerable to Improper Restriction of XML External Entity Reference
High
CVE-2022-31471
was published
for
untangle
(pip)
Aug 6, 2022
ProTip!
Advisories are also available from the
GraphQL API