GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
142 advisories
Filter by severity
File Descriptor Leak Can Cause DoS Vulnerability in hapi
High
CVE-2014-3742
was published
for
hapi
(npm)
Oct 24, 2017
Denial-of-Service Memory Exhaustion in qs
High
CVE-2014-7191
was published
for
qs
(npm)
Oct 24, 2017
Regular Expression Denial of Service in ms
High
CVE-2015-8315
was published
for
ms
(npm)
Oct 24, 2017
Regular Expression Denial of Service in moment
High
CVE-2017-18214
was published
for
moment
(npm)
Mar 5, 2018
Denial of Service vulnerability with large JSON payloads in fastify
High
CVE-2018-3711
was published
for
fastify
(npm)
Jul 18, 2018
mime Regular Expression Denial of Service when MIME lookup performed on untrusted user input
High
CVE-2017-16138
was published
for
mime
(npm)
Jul 20, 2018
ReDoS via long UserAgent header in ua-parser
High
CVE-2017-16086
was published
for
ua-parser
(npm)
Jul 24, 2018
Regular Expression Denial of Service in no-case
High
CVE-2017-16099
was published
for
no-case
(npm)
Jul 24, 2018
Regular Expression Denial of Service in content
High
CVE-2017-16111
was published
for
content
(npm)
Jul 24, 2018
ReDoS via long UserAgent header in useragent
High
CVE-2017-16030
was published
for
useragent
(npm)
Jul 24, 2018
Regular Expression Denial of Service in decamelize
High
CVE-2017-16023
was published
for
decamelize
(npm)
Jul 24, 2018
method-override ReDoS when untrusted user input passed into X-HTTP-Method-Override header
High
CVE-2017-16136
was published
for
method-override
(npm)
Jul 24, 2018
Regular Expression Denial of Service in marked
High
CVE-2017-16114
was published
for
marked
(npm)
Jul 24, 2018
Regular Expression Denial of Service in parsejson
High
CVE-2017-16113
was published
for
parsejson
(npm)
Jul 24, 2018
Regular Expression Denial of Service in tough-cookie
High
CVE-2017-15010
was published
for
tough-cookie
(npm)
Jul 24, 2018
Regular Expression Denial of Service in string package
High
CVE-2017-16116
was published
for
string
(npm)
Jul 24, 2018
Regular Expression Denial of Service in forwarded
High
CVE-2017-16118
was published
for
forwarded
(npm)
Jul 24, 2018
Regular Expression Denial of Service in fresh
High
CVE-2017-16119
was published
for
fresh
(npm)
Jul 24, 2018
Regular Expression Denial of Service in charset
High
CVE-2017-16098
was published
for
charset
(npm)
Aug 9, 2018
Regular Expression Denial of Service in timespan
High
CVE-2017-16115
was published
for
timespan
(npm)
Aug 29, 2018
ProTip!
Advisories are also available from the
GraphQL API