GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 4,277; Erlang 31; GitHub Actions 21; Go 2,056; Maven 5,000+; npm 3,740; NuGet 668; pip 3,421; Pub 12; RubyGems 891; Rust 873; Swift 36
Unreviewed advisories: All unreviewed 5,000+
307 advisories
Unbounded resource exhaustion in cmark-gfm autolink extension may lead to denial of service. Severity: Moderate. GHSA-4qw4-jpp4-8gvp was published for commonmarker (RubyGems), Sep 21, 2022.
Regular Expression Denial of Service. Severity: Moderate. GHSA-6394-6h9h-cfjg was published for nwmatcher (npm), Jun 7, 2019.
Regular Expression Denial of Service (ReDoS) in lodash. Severity: Moderate. CVE-2019-1010266 was published for lodash (npm), Jul 19, 2019.
Prototype Pollution in upmerge. Severity: Moderate. GHSA-gm9g-2g8v-fvxj was published for upmerge (npm), Jun 6, 2019.
Prototype Pollution in lutils-merge. Severity: Moderate. GHSA-f7qw-5pvg-mmwp was published for lutils-merge (npm), Jun 13, 2019.
Denial of Service in js-yaml. Severity: Moderate. GHSA-2pr6-76vf-7546 was published for js-yaml (npm), Jun 5, 2019.
Regular Expression Denial of Service in underscore.string. Severity: Moderate. GHSA-v2p6-4mp7-3r9v was published for underscore.string (npm), Jun 14, 2019.
Regular Expression Denial of Service. Severity: Moderate. GHSA-qx4v-6gc5-f2vv was published for esm (npm), Jun 20, 2019.
Denial of Service in url-relative. Severity: Moderate. GHSA-86p3-4gfq-38f2 was published for url-relative (npm), Jun 5, 2019.
Denial of Service in rgb2hex. Severity: Moderate. GHSA-65p8-3hm4-h9h8 was published for rgb2hex (npm), Aug 23, 2019.
Regular Expression Denial of Service in ssri. Severity: Moderate. CVE-2018-7651 was published for ssri (npm), Mar 7, 2018.
Denial of Service in node-sass. Severity: Moderate. GHSA-9v62-24cr-58cx was published for node-sass (npm), Sep 11, 2020.
Regular Expression Denial of Service in bleach. Severity: Moderate. CVE-2014-8881 was published for bleach (npm), Sep 1, 2020.
Denial of Service in handlebars. Severity: Moderate. GHSA-f52g-6jhx-586p was published for handlebars (npm), Sep 3, 2020.
ReDOS vulnerabilities: multiple grammars. Severity: Moderate. GHSA-7wwv-vh3v-89cq was published for @highlightjs/cdn-assets (npm), Dec 4, 2020.
Denial of service (via resource exhaustion) due to improper input validation in third-party identifier endpoint. Severity: Moderate. GHSA-7h5v-85w9-pq6c was published for matrix-synapse (pip), May 19, 2021.
Uncontrolled Resource Consumption in pillow. Severity: Moderate. GHSA-jgpv-4h4c-xhw3 was published for pillow (pip), Apr 23, 2021.
Denial of Service in node-static. Severity: Moderate. GHSA-8r4g-cg4m-x23c was published for node-static (npm), Sep 22, 2021.
Denial of service in DataCommunicator class in Vaadin 8. Severity: Moderate. GHSA-j23j-q57m-63v3 was published for com.vaadin:vaadin-server (Maven), Oct 13, 2021.
Regular Expression Denial of Service in millisecond. Severity: Moderate. GHSA-m489-xr35-fjxr was published for millisecond (npm), Sep 22, 2021.
ProTip! Advisories are also available from the GraphQL API.