GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
40 advisories
Filter by severity
unstructured XML External Entity (XXE)
Moderate
CVE-2024-46455
was published
for
unstructured
(pip)
Dec 9, 2024
XML2Dict XML Entity Expansion Vulnerability
High
CVE-2021-25951
was published
for
XML2Dict
(pip)
Jul 2, 2021
untangle vulnerable to Improper Restriction of XML External Entity Reference
High
CVE-2022-31471
was published
for
untangle
(pip)
Aug 6, 2022
GeoServer style upload functionality vulnerable to XML External Entity (XXE) injection
High
CVE-2023-26043
was published
for
GeoNode
(pip)
Aug 30, 2024
Guardrails AI vulnerable to Improper Restriction of XML External Entity Reference
High
CVE-2024-6961
was published
for
guardrails-ai
(pip)
Jul 21, 2024
XML External Entity vulnerability in Easy-XML
High
CVE-2020-26705
was published
for
easy-xml
(pip)
Nov 1, 2021
ebookmeta XML External Entity vulnerability
High
CVE-2024-37388
was published
for
ebookmeta
(pip)
Jun 7, 2024
Improper Restriction of XML External Entity Reference in python-docx
High
CVE-2016-5851
was published
for
python-docx
(pip)
May 13, 2022
XML External Entity Injection in PyWPS
High
CVE-2021-39371
was published
for
pywps
(pip)
Sep 2, 2021
PySAML2 XML external entity attack
Critical
CVE-2016-10127
was published
for
pysaml2
(pip)
May 17, 2022
Pysaml2 does not sanitize XML responses
High
CVE-2016-10149
was published
for
pysaml2
(pip)
Jul 16, 2018
PyAMF vulnerable to XML external entity (XXE)
High
CVE-2015-8549
was published
for
pyamf
(pip)
May 24, 2022
Improper Restriction of XML External Entity Reference in Plone
High
CVE-2020-28734
was published
for
Plone
(pip)
Apr 7, 2021
Improper Restriction of XML External Entity Reference in Quokka
Critical
CVE-2020-18705
was published
for
quokka
(pip)
Aug 30, 2021
Improper Restriction of XML External Entity Reference in Quokka
Critical
CVE-2020-18703
was published
for
quokka
(pip)
Aug 30, 2021
Improper Restriction of XML External Entity Reference in Plone
High
CVE-2020-28736
was published
for
Plone
(pip)
Apr 7, 2021
Improper Restriction of XML External Entity Reference in pikepdf
High
CVE-2021-29421
was published
for
pikepdf
(pip)
Apr 20, 2021
Improper Restriction of XML External Entity Reference in Openpyxl
Moderate
CVE-2017-5992
was published
for
openpyxl
(pip)
May 17, 2022
OWSLib vulnerable to XML External Entity (XXE) Injection
High
CVE-2023-27476
was published
for
OWSLib
(pip)
Mar 7, 2023
Improper Restriction of XML External Entity Reference in ladon
Critical
CVE-2019-1010268
was published
for
ladon
(pip)
Jul 26, 2019
OpenStack Nova Live migration fails to update persistent domain XML
High
CVE-2020-17376
was published
for
nova
(pip)
May 24, 2022
XML External Entity Reference in Glances
Moderate
CVE-2021-23418
was published
for
Glances
(pip)
Aug 9, 2021
feedparser denial of service vulnerability
High
CVE-2012-2921
was published
for
feedparser
(pip)
Jul 24, 2018
ProTip!
Advisories are also available from the
GraphQL API